Changes in data protection law in the EU (i.e. GDPR) have prompted us to take a look at how we make sure care and wellbeing are there when we’re looking after the information you share about yourself with us. We are a small band, with very limited audience, and not a real company as such, but we’d rather make it clear!
We’ve written this policy to be clear about how we treat and look after your information. It’s grounded in the European Union’s ‘GDPR’ . A key component of these protocols is transparency. Please read the whole document to understand the new information we have included in our policy from 25 May 2018.
Astrakan Project and Customers
1) We collect contact information from you; your name, address and email, when you make a purchase (including free products) from the platform http://astrakanproject.bandcamp.com/
2) We collect your name (if you chose to) and email address when you sign up to receive newsletters through our blog at http://astrakanproject.com hosted by WordPress. You can opt to a French or an English version.
3) We collect your name (if you chose to) and email address when you add your name to our contact list at a live concert.
4) How do we use your data?
a. To quickly process your transactions in line with the Contract made on purchase. In which case we also keep all the information for legal purposes (we don’t fall under VAT system, but we still might one day need to prove our sales)
b. To send a newsletter about 2-3 times a year in English or French depending on your choice (online subscription) or where we met (in person subscription).
5) Where is your data stored?
Our data is stored on paper (in a small notebook with all people signing in during our concerts!) and online with http://mailchimp.com/ that we use to create nice layouts.
5) We have never and have no plans on selling your data to any third party.
If you’re not happy
5) If you’d rather not receive Newsletters please opt out by clicking on the ‘unsubscribe’ option on the top of in every email you are sent or email us at: firstname.lastname@example.org
6) If you’d like to ask a question or want to know what data of yours we hold please email us at: email@example.com
7) If you have a complaint please email us at: firstname.lastname@example.org
8) Alternatively you can write to:
Hent-dall ar Puns
How do we protect your data?
10) Your personal information is contained behind secured networks (WordPress and Mailchimp) and is only accessible by the both of us.
11) In addition we don’t collect any sensitive/credit information you supply, that is made via the platform http://bandcamp.com
Do we use ‘cookies’?
12) No. The platforms we use (http://bandcamp.com, http://wordpress.com, http://mailchimp.com, and possibly http://youtube.com from which our videos get played) however do, as they do for any user, and we have no control over that.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since each browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
California Online Privacy Protection Act (CalOPPA)
According to CalOPPA, we agree to the following:
14) Users can visit our site anonymously.
16) COPPA (Children Online Privacy Protection Act)
a. When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
b. We do not specifically market to children under the age of 13 years old.
GDPR and Fair Information Practices
17) GDPR is the data protection framework for the European Union. The Fair Information Practices Principles form the backbone of privacy law in the United States. The concepts they cover play a significant role in the development of data protection laws around the globe.
18) In order to be in line with GDPR and Fair Information Practices we will take the following responsive action, should a data breach occur: We will notify you via email within 4 business days
GDPR and CAN SPAM Act
19) The CAN-SPAM Act is a USA law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
20) In addition to the points made elsewhere in this policy Astrakan Project agrees to:
a. Not use false or misleading subjects or email addresses.
b. Identify the message as an advertisement in some reasonable way.
c. Include the physical address of our business or site headquarters.
d. Monitor third-party email marketing services for compliance, if one is used.
e. Honour opt-out/unsubscribe requests quickly.
f. Allow users to unsubscribe by using the link at the bottom of each email.
Last updated on: 25rd May 2018