The person responsible within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection regulations is the:
MusicDNA AS
Postbox 60 Vinderen
0319 Oslo, Norway
Phone: +47 99218310
Email: support@musicdna.com
Website: musicdna.com
In principle we only process personal data of our users when it is deemed necessary to provide a functional website as well as to ensure the availability of our service and also when it is governed by legal requirements.
The legal basis for consent requiring processing operations of personal data is art. 6(1)(a) of the General Data Protection Regulation (GDPR).
The legal basis for processing personal data that is necessary for the compliance of a contract to which the data subject is party is art. 6(1)(b) of the GDPR. This also applies to processing operations required to carry out pre-contractual actions.
The legal basis for processing personal data required to fulfill a legal obligation that is subject to our company is art. 6(1)(c) of the GDPR.
The legal basis for processing personal data that is necessary to safeguard a legitimate interest of our company or a third party, and the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, is art. 6(1)(f) of the GDPR.
Personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases. In addition, further storing may take place if it is intended by the European or national legislator in EU regulations, laws, or other regulations to which the person responsible is subjected to.
Unless there is a need for further storage of the data for a conclusion of contract or for a fulfillment of the contract, personal data will be deleted or blocked when the mentioned storage regulations expire.
Personal data is only collected to an extent as it is necessary for the use or operation of the service.
Access to this data will only be granted to selected employees and kept to a minimum. We do not create profiles of our users and only evaluate their activities on our websites as far as it is essential for providing our services.
All data on our website (this applies in particular to passwords) are always transmitted encrypted.
For the purchase transaction of our products we cooperate with the company Cleverbridge. With more than 10 years experience, Cleverbridge is one of the leading providers of global billing and e-commerce services.
Each time our website is accessed the system automatically collects data and information from the computer system of the connecting computer.
The following data is hereby collected:
This data is stored in the log files of our system. This data is not stored together with other personal data.
In addition, to improve the service the current filter and page settings of the respective registered user are saved when logging out of a user account. The consent to the processing of this data takes place during the registration process.
Furthermore we point out that our website is provided by the external service provider Hetzner (www.hetzner.de).
To provide the service our hosting provider processes data which is technically necessary. The legal basis for the processing is stated in art. 6(1)(f) of the GDPR. Further information can be found in the data protection FAQ of Hetzner.
The legal basis for the temporary storage of data and log files is stated in art. 6(1)(f) of the GDPR.
The legal basis for the storage of the settings is stated in art. 6(1)(a) of the GDPR.
The temporary storage of the users IP address by the system is necessary to allow delivery of the website to the computer of the user. Therefore the users IP address must be kept for the duration of the session.
The storage of the data in log files is done to monitor the functionality of our website and thus to ensure the operations of the site, as well as to ensure the security of our information technology systems.
An evaluation of the data for marketing purposes does not take place in this context.
For these purposes our legitimate interest in the processing of data is justified in accordance with art. 6(1)(f) of the GDPR.
In cases of abuse or attacks on the system art. 100(1) of the Telecommunications Act forms the basis for the extended processing of the collected data.
The storage of the filter and page settings is done solely with the aim of making the operation of the website user-friendly.
The data for the provision of the website will be deleted as soon as they are no longer necessary for the purpose of their survey.
This is the case after 4 weeks when storing data in log files. Any further storage is possible but only to prove an improper use or their attempt.
The filter and page settings are saved until the next login and will be deleted no later than eight weeks after expiration of the product.
The collection of data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no possibility for revocation on the part of the user.
When a user is activating or deactivating a recording for the monitoring, the following data is collected:
These data are stored in the database of our system.
To optimize the service and the products, we collect anonymous statistics on the activation and deactivation of recordings. The product / user assignment is completely removed.
The legal basis for the temporary storage of data is stated in art. 6(1) of the GDPR.
The temporary storage of order activation and deactivation data of items for orders by the system is necessary to enable proper reporting in current and future products.
For these purposes, our legitimate interest in the processing of data is justified in accordance with art. 6 of the GDPR.
In cases of abuse or attacks on the system art. 100(1) of the Telecommunications Act forms the basis for the extended processing of the collected data.
The data for the provision of services for registered user will be deleted as soon as they are no longer necessary for the purpose of their survey.
When saving the activation or deactivation data, this will be performed together with deleting the user account.
Collecting the data to provide the service to registered users – enabling and disabling recordings and storing the data in the system database is essential to the operation of the service. There is consequently no possibility for revocation on the part of the user.
The collection of data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no possibilty for revocation on the part of the user.
Our website uses cookies. Cookies are text files that are stored from the web browser on the users computer system. When a user opens a web page, a cookie can be stored on the users computer. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is reopened.
Some elements of our website require that the calling browser can be identified even when a new subpage is opened.
The following data is stored and transmitted in the cookies:
In addition, we do not store any information in cookies that allow an analysis of the browsing behavior of users.
Maps are created on our website to provide a clear overview of the detection results for users with active products. For presenting these maps we use software from Openlayers.org. The cfduid-cookie of CloudFlare (www.cloudflare.com) is necessary to use this software. According to CloudFlare, this cookie is used to unambiguously identify the user, e.g. behind firewalls, and stores no personal data.
Further information can be found at:
The legal basis for processing personal data using technically necessary cookies is art. 6(1)(f) of the GDPR.
The legal basis for processing personal data using cookies for analysis purposes when consent of the user in this regard has been obtained is art. 6(1)(a) of the GDPR.
Some features of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page break.
The user data collected through technically necessary cookies will not be used to create user profiles.
For these purposes, our legitimate interest in the processing of data is justified in accordance with art. 6(1)(f) of the GDPR.
Cookies are stored on the computer of the user and transmitted by that to our site. Therefore, every user maintains full control over the use of cookies. By changing the settings in the respective Internet browser each user can disable or restrict the storage of cookies.
Already saved cookies can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it may not be possible to use all features of the website fully.
On our website, we offer users the opportunity to register with the necessary personal data. In doing so we restrict ourselves to the minimum necessary amount of information. Thereby the data is entered into an input mask, transmitted to us and stored. A transfer of data to third parties does not take place. The following data is collected during the registration process:
At the time of registration the following data will also be stored:
The consent of the user to process this data is obtained as part of the registration process.
The specification of further data is not necessary. Registered users can voluntarily leave their name in the member area to be contacted. They can also delete this information themselves.
For registered users, the following additional data points are collected during a session and stored until the next session:
The legal basis for processing this data is art. 6(1)(a) of the GDPR.
User registration is required for the provision of certain content and services on our website.
The registration on our website and the completed purchase of one of our products is necessary in order to use our reporting and monitoring products. The purchase of the products is handled by our payment provider Cleverbridge.
To use our chargeable offers a unambiguous identification of the user is necessary to prevent misuse. For identification we only use username and password.
The user identification is particularly required for chargeable orders, invoicing, handling of complaints as well as licensing-relevant transactions.
The data will be deleted as soon as they are no longer necessary for the purpose of their survey.
For the data collected during the registration process, this is the case when the registration on our website is canceled or modified.
Without active products, registration data is automatically deleted 8 weeks after the end of the service period.
Accounts containing only open orders will be removed three weeks after receipt of the most recent order in accordance with point 9 of the terms and conditions.
The users of our service have the possibility to dissolve the registration at any time. They can change the data stored about them at any time.
The deletion of a user account and the associated data is done manually according to a defined instruction by one of our employees. An order for deletion can be made via the contact form on our website or by email at support@musicdna.com.
Our website contains a contact form which can be used for electronic contacting. If a user utilizes this option, the data entered in the input mask will be transmitted to us and saved.
These data are:
At the time of sending the message the following data is also stored in the log files of the web server:
For processing the data the consent of the user is obtained in the context of the sending process and a reference is made to this privacy policy.
Alternatively, you can contact us via the provided email address support@musicdna.com. In this case, the users personal data transmitted by email will be stored.
In this context, there is no disclosure of the data to third parties. The data is used exclusively for processing the conversation.
The legal basis for processing this data when consent of the user has been obtained is art. 6(1)(a) of the GDPR.
The legal basis for processing data which has been transmitted in the course of sending an email is art. 6(1)(f) of the GDPR. If the email contact aims to conclude a contract, art. 6(1)(b) of the GDPR is an additional legal basis for processing data.
The processing of personal data from the input mask is solely for processing the contact. In the case of contact via email, this also leads to the required legitimate interest in processing data.
The other personal data processed during the sending process serve to prevent misuse of the contact form and to guarantee the security of our information technology systems.
The data will be deleted as soon as it is no longer necessary for the purpose of the survey. Data sent to us via email as well as the data of the input mask of the contact form will be stored until reaching the legal guidelines (6 years regarding paragraph 147 of the German Fiscal Code).
The user has the possibility to revoke his consent to processing personal data at any time. If the user contacts us by email, he may object to the storage of his personal data at any time.
The revocation must be made in writing in each case. This is possible either by email to the known support address or by mail to the above mentioned address.
All personal data stored in the course of contacting will be deleted in this case.
Regarding the execution of the purchase we rely on the external payment service provider Cleverbridge (www.cleverbridge.com).
Users can choose their desired product on our website, both in the freely accessible area and in the account settings. After accepting the terms of use, an ID of the process and the product ID will be transmitted to Cleverbridge to identify the order. To finish the purchase, the user will be directed to Cleverbridges website.
After the user has completed the process, Cleverbridge sends us a part of the invoice data (as far as specified by the user):
Account or credit card related information will not be sent to us. Only information about confirmation or negative disclosure of the payment.
For further information, we refer to the terms and conditions and privacy policy of Cleverbridge.
The legal basis for processing personal data that is necessary for the compliance of a contract to which the data subject is party is art. 6(1)(b) of the GDPR.
The data is transmitted solely for identity and credit checks.
The data is stored until reaching the legal guidelines. For accounting vouchers the legislator intend a period of 10 years according to paragraph 257 of the German commercial code.
Within the framework of the purchase transaction no data is collected and transmitted which is not necessary for fulfilling the contract. Therefore the data processing can’t be contradicted.
If personal data of a user is processed, this person is data subject within the meaning of the GDPR and has the following rights to the person responsible:
The person concerned may demand from the person responsible a confirmation as to whether personal data relating to him are being processed.
If such processing exits the person concerned may request information from the person responsible about the following information:
The data subject has a right of rectification and/or completion to the person responsible if the processed personal data concerning him are incorrect or incomplete. The person responsible must make the correction immediately.
Subject to the following conditions the person concerned may request the restriction of processing personal data concerning him:
If processing personal data concerning the user has been restricted, this data may only be used – disregarding storage – with the consent of the user or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for important reasons of public interest of the EU or member state.
If processing has been restricted following the above mentioned conditions the user will be informed by the person responsible before the restriction is lifted.
Data subjects may require the person responsible to delete the personal data concerning them without delay and the person responsible is required to delete that data immediately, provided one of the following is true:
If the person responsible made the personal data concerning the user public and is this person obligated to delete this data according to art. 17(1) of the GDPR, he takes appropriate measures for this taking into account the available technology and the costs of implementation.
Responsible persons processing the personal data must be informed in this regard that the data subject has requested the deletion of all links to this personal data or of replications of this personal data.
The right to deletion does not exist if the processing is necessary:
If a user has asserted the right of rectification, deletion or restriction of processing his personal data to the controller, the latter is obliged to notify all recipients, to whom the personal data relating to the user have been made public, about the correction or deletion of the data or about the restriction of processing unless this proves impossible or involves disproportionate effort.
The user is entitled to the person responsible to be informed about these recipients.
Users have the right to receive the personal data they provided to the person responsible in a structured, common and machine-readable format. In addition users have the right to transfer this data to another person without hindrance by the person responsible to whom the personal data has been provided, provided that
In exercising this right users also have the right to obtain that personal data relating to them be transmitted directly from one person responsible to another where technically feasible. Freedoms and rights of other persons must not be affected by this.
The right to data portability does not apply to the processing of personal data necessary to carry out a task of public interest or in the exercise of public authority delegated to the controller.
At any time for reasons arising from their particular situation users have the right to lodge an objection against the processing of personal data relating to them which occur according to art. 6(1)(e) of the GDPR. This also applies to profiling based on these provisions.
The controller no longer processes the personal data concerning the user unless he can demonstrate compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the user, or the processing is intended to assert, exercise or defend legal claims.
If the personal data relating to the user are processed in order to operate direct mail the user has the right to object at any time to the processing of his personal data for the purposes of such advertising. This also applies to profiling insofar as it is associated with such direct mail.
If users object to the processing for direct marketing purposes their personal data will no longer be processed for these purposes.
Users have the option in the context of the use of information society services – regardless of directive 2002/58/EC – to exercise their right of objection through automated procedures using technical specifications.
Users have the right to object their declaration of consent in terms of data protection at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
The use of MusicDNA’s service is no longer possible after the revocation.
The MusicDNA radio monitoring service (SERVICE) is provided by the MusicDNA AS, Postbox 60 Vinderen, 0319 Oslo, Norway (MUSICDNA). The document has to be interpreted in terms of the Norwegian law.
The SERVICE is a fully automatic monitoring system of radio stations worldwide, realized by content-based audio recognition (fingerprint). Extensive reports are generated for the music tracks selected or uploaded by the user.
These reports as well as the graphical summaries are based on the detection of plays at monitored stations within the selected region. Within the service term, the following resulting data will be provided for the active tracks of the user:
In addition, the result data is prepared in the following form for a detailed and user-friendly view:
The monitoring results can be accessed on the MusicDNA website (musicdna.com) during the service period. The right to access expires at the end of the service period. Nevertheless, MusicDNA grants access to the last report data for another eight weeks after the expiration date.
Songs can be activated for monitoring in two ways, either by selecting them from the MusicDNA database or by uploading the audio file. If a piece of music is uploaded before 19:00 UTC, its fingerprint is generated and loaded into the system by 4:00 UTC the next morning. The monitoring then starts from the moment of successful loading. If the fingerprint generation fails (due to damaged audio files etc.), the song is marked as inactive on the “Manage Songs” page.
Depending on the service package booked, the CLIENT can deactivate active music pieces after a minimum monitoring period and replace them with others (SWITCHING). MusicDNA is only obligated to provide detection data for the time a piece of music was activated.
MusicDNA reserves the right to modify or adapt the metadata displayed (artist, title, …) on the music pieces.
MusicDNA reserves the right to adapt or change the display of metadata (artist, title, …) of music pieces.
The list of stations in active monitoring can be viewed after the login under Available Channels. If a station is not included, its admission into the system can be suggested by email. MusicDNA then checks the technical requirements for this radio station and, if possible, includes it in the monitoring system. The final decision on the inclusion of a station into the monitoring is incumbent on MusicDNA, there is no obligation for an inclusion.
MusicDNA guarantees >94 % availability of the reporting system and the corresponding website. Regular maintenance times will be announced on the website three days in advance.
MusicDNA achieves a generally high level of service and ensures the correctness of detections. Nevertheless, the availability of radio stations for active monitoring also depends on their reception via satellite or as a web stream, etc.. MusicDNA is not responsible for technical problems caused by third parties, e.g. short-term transmission interruptions due to technical problems of a radio station.
The description of the service packages or products can be viewed under the following link: https://musicdna.com/pricing
MusicDNA reserves the right to terminate a service contract in the event of misuse. Misuse is, for example, the deliberate attempt to cause a disruption of the SERVICE by uploading manipulated or damaged audio files or metadata, the massive sharing of a named account, the attempt to create a database dump by massive SWITCHING, the redistribution or sale of the obtained data in parts or as a whole with the aim of generating sales in comparable companies, etc..
The CLIENT has the right to use the SERVICE in the intended way.
The SERVICE will be provided as named account and will be identified by a username. The CLIENT, whether as person or organization, is automatically the owner of the account.
The CLIENT keeps all property rights of uploaded material but grants MusicDNA limited rights of use to run the SERVICE and further more like described in paragraph 4.
The CLIENT is not allowed to distribute or sell the SERVICE whether in whole or in part for the purpose of making a profit on a business model similar to MusicDNA.
MusicDNA reserves the rights to the generated fingerprints for the monitoring and the generated detection data. MusicDNA can continue to use and monetize this data.
The CLIENT acknowledges that the SERVICE and its underlying software contains patent rights and confidential information which are protected by copyright and other laws. MusicDNA and/or third parties hold all rights, titles and shares of the service. Provided that nothing in this agreement tells explicitly otherwise, all rights to the SERVICE remain exclusively with MusicDNA.
The CLIENT pays MUSICDNA the fees for the SERVICE. The amount of the fees is listed in the price list at https://musicdna.com/pricing/ plus value added tax if applicable. The payment process is handled by the payment service provider Cleverbridge.
Independent from its legal basis, MusicDNA’s liability is restricted as follows:
MusicDNA is liable
MusicDNAs liability in case of slightly negligent violation of cardinal obligations is limited to the damage which is typical for this kind of service and which was foreseeable by MusicDNA when this agreement came into effect.
The aforementioned limitation of liability also applies in cases of personal liability of employees, accomplice and organs of MusicDNA.
Independent from its legal basis, MusicDNA’s liability is limited to the value of the agreement and to the amount of money which was paid by the customer to MusicDNA to run the SERVICE.
Neither party to this agreement shall be responsible for or suffer any penalty for any breach or delay of its obligations under this agreement if such breach or delay was caused by force majeure. Each party shall inform the other immediately in the event of force majeure.
The expected duration of the outage and the estimated effect on the party concerned shall be disclosed and all reasonable efforts shall be made to overcome these effects. Either of the contracting parties may terminate this Agreement without penalty in the event of force majeure if its compliance with its obligations or the obligations of the other party is impeded for a period of sixty (60) consecutive days or more.
The agreement comes into force as soon as the CLIENT accepts the terms and conditions of this agreement by clicking the designated button on the website of the SERVICE and MusicDNA has received the money for the ordered service. The agreement has a term which is defined through the CLIENT ordered and paid service period. The right of contracting parties to terminate the contract with immediate effect due to important reasons stays untouched. An important reason is a delay of payment by the CLIENT (despite demands) or a substantial neglect of duty.
Two months after termination of the agreement, the user account of the CLIENT will be deleted and thereby the access to the SERVICE will be disabled.
Accounts containing only open orders will be removed three weeks after the most recently placed order in accordance with point 9 of the terms and conditions.
Should one or more terms of this contract be invalid or unenforceable in whole or in part, the validity of the remaining provisions shall not be affected thereby. Such ineffective or unenforceable terms shall be replaced to the fullest extent as permitted by the law by provisions, which most closely approximate the actual or implied intentions of the parties at the time the contract was concluded. The same applies mutatis mutandis if this agreement does not take into account problems which should reasonably have been considered.
MusicDNA tries constantly to improve its services and to fulfill customer requirements. That’s why our range of services, products and also the SERVICE itself changes over time. MusicDNA keeps the right to carry out those changes and to adapt the conditions accordingly. In case that new conditions become valid, MusicDNA will release these under the following link: https://musicdna.com/legal
In case of doubt regarding the interpretation of the General Terms and Conditions, the text of the English version shall prevail over other versions.
version 1.2, 01.01.2020
