Sound Sanctuary is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using our app or website, then you can be assured that it will only be used in accordance with this privacy statement.
Sound Sanctuary may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 25 May 2018.
What we collect
We may collect the following information:
- contact information including email address
- demographic information such as postcode, preferences and interests
- other information relevant to customer surveys and/or offers
- mobile device information for the purpose of push notifications
- cookie information
What we do with the information we gather
This data is used to process registrations of any online accounts, maintain your online account, identify you as a customer when you place orders with us and process and complete orders you place via our app or websites.
We may also need this data for the following reasons:
- We may require particular information in order to deliver certain features within our mobile app or website
- We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.
- We may use the information to customise our app or website according to your preferences.
- We may use the information to deliver digital or physical products to you via our ecommerce platforms
Where this data is stored:
Your data may be held or accessed by Sound Sanctuary in the UK in the course of providing the site and services to you. We also use third party providers in order to fulfil the purposes of our services to you who may be located in countries in Europe, Canada or in the US.
In terms of any such transfers, we ensure that your data is transferred with relevant and appropriate contractual and other safeguards in place to ensure that it is kept secure and remains protected by GDPR and you consent to this transfer of your data on these terms.
Primarily your personal data is stored via the touchpoints outlined below:
- For website registrations your data will be stored in a database, hosted on a secure server in the UK.
- For app registrations and push notification delivery your data will be stored in a database, hosted on a secure server in the UK, and any in-app purchase data will be hosted with Apple (for iOS) and Google (for Android) respectively.
- For data submitted during ecommerce transactions your data is stored through Bandcamp’s data storage, databases and the general Bandcamp application. Your data is secured using SSL Encryption on a secure server behind a firewall.
- For mailing list signups your data will be accessible through our secure, GDPR-compliant email platform, Mail Chimp – but won’t be used unless you opt-in to our newsletter.
How long this data is kept:
We will keep your name and email address on file along with any order history until you opt-out.
We are required to retain some information in accordance with the law, such as information needed for income tax and audit purposes. In the case of accounting, we are obliged to retain invoices for seven years.
How to opt out:
You can update your preferences or unsubscribe from our Mailchimp mailing list using the links at the bottom of every email.
If you wish us to remove your data from our other systems, please contact firstname.lastname@example.org who will be happy to help.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
We use Drupal to operate our websites as it is a trusted and maintained web platform backed by a vigilant community who continually monitor the CMS for security vulnerabilities. In our opinion this makes it a very secure choice for our web platform.
We use GDPR-compliant third parties such as Mailchimp, Bandcamp, Apple and Google to process our mailing list, ecommerce and app delivery data.
A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Links to other websites
Our website and app may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
By consenting to this privacy notice you are giving us permission to process your personal data specifically for the purposes identified.
Consent is required for Sound Sanctuary to process both types of personal data, but it must be explicitly given. Where we are asking you for sensitive personal data we will always tell you why and how the information will be used.
You may withdraw consent at any time by contacting email@example.com
We will facilitate your request in line with our opt-out procedures.
Data controllers and data processors
When using our app or website or buying from our ecommerce store, Sound Sanctuary is the data controller – we collect the data from our customers.
We also use third party data processors, who process personal data on our behalf. For example, through using a Bandcamp system, Bandcamp is a data processor.
We only use data processors to fulfil our services to our customers and never share data with third parties for marketing purposes without your explicit consent. Wherever we use data processors, each processor is required to be GDPR compliant to safeguard your personal data.
We may pass on your data to third parties in order to complete our services with you. We never pass your data to third parties for marketing or other purposes.
We may pass on information containing your data to other parties as follows:
To our sub-contractors and data processors to administer your online account and orders and other parts of the services
To the police, regulatory bodies or legal advisers in connection with any alleged criminal offence or where required by law
Where your information is shared, it remains protected under GDPR.
Questions & Comments
If you have questions or comments about this policy or if you feel that our app or websites are not following its stated information policy please contact us at firstname.lastname@example.org