Privacy Policy
1. Introduction
At Emily Burns Music (“we”, “our”, or “us”), accessible at emilyburnsmusic.com, we are committed to safeguarding the privacy and personal data of all users who access and interact with our website and services. We recognize the importance of protecting information and are dedicated to processing data in a secure, transparent, and lawful manner. This Privacy Policy explains how we collect, use, disclose, store, and protect your personal data, in full compliance with all applicable data privacy laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant regulations.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through emilyburnsmusic.com and associated services, whether accessed via desktop, mobile, or other platforms. For the purposes of applicable data protection legislation, Emily Burns Music is the data controller responsible for the collection and use of your personal data. If you have any questions about our privacy practices, you may contact us at: [email protected].
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data, either directly from you or via automated means:
a. Usage Data: This includes data regarding how you interact with our website, such as your IP address, browser type, city/country of access, pages viewed, session duration, referring URLs, and similar diagnostic data.
b. Account Data: If you create an account or engage with services requiring identification, we may collect your full name, mailing address, email address, and telephone number.
c. Profile Data: This refers to information relating to your personal preferences, submitted playlists, listening behavior, purchases, language selection, genre interests, and other settings or customizations relevant to your user experience.
d. Communication Data: This includes the contents of emails, support inquiries, feedback, and other communications you send us, along with metadata like timestamps and response history.
e. Technical Data: We may collect device identifiers and technical configurations, such as operating system, screen resolution, device model, mobile network information, and browser configurations.
f. Transaction Data: Where you purchase merchandise, tickets, or other services through emilyburnsmusic.com, we may collect records of those transactions, including payment method, billing/shipping address, and purchase history. Note: All payment processing is handled by secure third-party providers and we do not retain full payment card details.
g. Preference Data: This includes your opt-in selections for email marketing, newsletter subscriptions, purchase interests, notification settings, and user behavior across marketing campaigns.
4. Legal Bases for Processing Personal Data
We process your personal data only when the law permits and under the following legal bases:
– Legitimate Interests: To administer our website, improve services, prevent fraud, and communicate relevant updates.
– Contractual Necessity: When processing is required to perform a contract with you (e.g., fulfilling your orders).
– Consent: Where expressly provided by you for marketing emails, cookies, or data collection beyond what is necessary.
– Legal Obligation: When we must comply with legal requirements or cooperate with authorities for enforcement purposes.
5. Your Rights
Under the GDPR and CCPA, you have various rights regarding your personal data, subject to legal conditions:
– Right of Access: Request a copy of your personal information.
– Right to Rectification: Correct incomplete or inaccurate data we hold about you.
– Right to Erasure: Request deletion of your data, where processing is no longer necessary or based on your consent.
– Right to Restriction: Limit how we process your data under certain circumstances.
– Right to Data Portability: Receive your data in a structured, machine-readable format and request transmission to another controller.
– Right to Object: Object to processing based on our legitimate interests or for marketing purposes.
– Right to Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time.
– Right Not to Be Discriminated Against: You will not receive discriminatory treatment for exercising your rights under the CCPA.
To exercise any of the above rights, please contact us at [email protected]. We may need to verify your identity before complying with your request.
6. Security Measures
We implement comprehensive administrative, technical, and physical safeguards to protect your data, including:
– Data encryption in transit and at rest
– Role-based access controls and authentication protocols
– Regular security audits and penetration testing
– Staff training in data protection and privacy awareness
– Secure backup and disaster recovery protocols
While no system is entirely immune to breaches, we continuously strive to enhance our security practices to protect user data in accordance with industry standards.
7. International Data Transfers
Your data may be transferred to and processed in countries outside the European Economic Area (EEA) or your country of residence. Where such transfers occur, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs), adequacy decisions by regulators, or other legally approved mechanisms to protect your information in accordance with GDPR and CCPA requirements.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. The specific retention periods are:
– Usage, Technical, and Analytics Data: Up to 24 months
– Account and Profile Data: For as long as the account is active, and up to 12 months thereafter
– Transaction Data: Retained for a minimum of 7 years for tax and legal compliance
– Communication and Support Data: Retained up to 3 years after closure of inquiries
– Preference Data: Until consent is withdrawn or preferences are updated
9. Cookie Policy
emilyburnsmusic.com uses cookies and similar technologies to enhance your browsing experience. Cookies help us understand user behavior, remember preferences, and provide essential site functionalities. These include:
– Essential Cookies: Necessary for navigating the site and accessing secure areas
– Functional Cookies: Remember your choices and preferences (e.g., language settings)
– Analytics Cookies: Gather usage data for performance oversight (e.g., Google Analytics)
– Performance Cookies: Optimize load times, responsiveness, and interaction levels
10. Cookie Management and Compliance
On your first visit to emilyburnsmusic.com, you are presented with a cookie consent banner enabling you to accept or manage your preferences in line with GDPR and CCPA standards. You can modify these settings at any time via your browser settings or our Cookie Management console. Note that disabling certain cookies might affect the functionality of the site.
11. Children’s Privacy
Our website and services are not directed at children under the age of 13. We do not knowingly collect or solicit personal data from individuals under 13 without verified parental consent. If we discover that we have inadvertently collected data from a child under 13, we will delete it promptly in accordance with applicable laws. Parents or guardians who believe we may have collected such data should contact us at [email protected].
12. Policy Updates
We may update or amend this Privacy Policy to reflect legal, regulatory, or operational changes. When changes occur, we will update the policy on emilyburnsmusic.com and, where required, notify you through appropriate channels. Continued use of the website after updates constitutes acceptance of the revised terms.
13. Contact Us
If you have any questions, concerns, or wish to exercise your data protection rights, please contact us at:
Email: [email protected]
Website: https://emilyburnsmusic.com
We are committed to maintaining full compliance with applicable data protection laws and ensuring that your personal data is handled with the highest standards of care and integrity. If you have concerns regarding our privacy practices or how your information is used, do not hesitate to reach out.
