Privacy Policy
1. Introduction
At New Low For Music (“we,” “us,” or “our”), accessible via newlowformusic.com (the “Website”), we are firmly committed to respecting and protecting your privacy. We take our responsibilities regarding the processing and security of your personal data seriously—whether you are browsing our Website, making a purchase, or communicating with our team. This Privacy Policy outlines how we collect, use, store, and protect your personal data and affirms our compliance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
2. Scope of Policy and Data Controller Role
This Privacy Policy governs the processing of personal data collected through newlowformusic.com. For the purposes of data protection law, we act as the data controller in relation to your personal data. We determine the purposes and methods for which your data is collected and used. If you have any questions regarding this Privacy Policy, you may contact us at [email protected].
3. Categories of Data We Process
We collect and process several categories of personal data to ensure we provide you with a secure, personalized, and efficient experience on newlowformusic.com:
a. Usage Data
Includes information about how you use the Website, such as IP address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system, device identifiers, and usage patterns.
b. Account Data
Includes full name, postal address, email address, and telephone number provided during account creation or checkout.
c. Profile Data
Includes purchase history, preferences (such as music genres, favorite artists), browsing behavior, and feedback or survey responses.
d. Communication Data
Includes records of communications with us, including support tickets, email correspondence, and contact form submissions.
e. Technical Data
Includes diagnostics, system configuration data, crash logs, and other device-related information automatically collected when using the Website.
f. Transaction Data
Includes payment details (processed securely via third-party providers), billing address, and order fulfillment information.
g. Preference Data
Includes consents for receiving marketing communications, preferred channels of engagement, and product or feature interests.
4. Legal Bases for Data Processing
We process your personal data lawfully and fairly based on the following legal grounds under the GDPR:
– Contractual Necessity: To fulfill our obligations to you, such as processing orders or delivering services.
– Legal Obligations: To comply with applicable laws or respond to lawful governmental requests.
– Legitimate Interests: To operate and improve our business, prevent fraud, secure our network, and communicate with users, provided such interests are not overridden by your fundamental rights.
– Consent: For specific purposes, such as sending marketing emails or placing non-essential cookies, we rely on your prior consent.
For California residents under the CCPA, we only collect and use personal information for the purposes described herein and do not sell personal data.
5. Your Rights
You have various rights depending on your jurisdiction, outlines of which are as follows:
Under the GDPR:
– Right of Access: Request information about the personal data we hold about you.
– Right to Rectification: Request corrections to your personal data if inaccurate or incomplete.
– Right to Erasure: Request deletion of your personal data under certain conditions.
– Right to Restrict Processing: Request restriction of processing under specific circumstances.
– Right to Data Portability: Receive your personal data in a structured, commonly used format.
– Right to Object: Object to our processing of your personal data, particularly for direct marketing.
Under the CCPA:
– Right to Know: Request details about categories and specific pieces of personal data collected.
– Right to Delete: Request deletion of your collected personal data.
– Right to Opt-Out: Decline the sale of personal data (note: we do not sell your data).
– Right to Non-Discrimination: Not be discriminated against for exercising your rights.
To exercise your rights, please contact us at [email protected]. We will address your request in accordance with applicable laws.
6. Security Measures
We implement industry-standard security measures to ensure the confidentiality, integrity, and availability of your personal data. These measures include:
– Data encryption during transit and at rest
– Secure access controls and authentication systems
– Regular backups and off-site storage
– Staff training in data protection and cybersecurity best practices
– Frequent auditing and vulnerability assessments
While no digital system is completely immune from vulnerabilities, we take proactive steps to mitigate potential risks.
7. International Data Transfers
If you are located outside of the country where our servers are hosted, your data may be transferred, stored, and processed outside your jurisdiction. When transferring data internationally, we ensure appropriate safeguards, including Standard Contractual Clauses approved by the European Commission and other applicable protective mechanisms, to ensure the continued protection of your data under the GDPR and other local regulations.
8. Data Retention
We retain personal data only for as long as it is necessary for the purposes for which it was collected, including satisfying legal, accounting, or reporting obligations. Retention periods include:
– Usage Data: up to 24 months
– Account and Profile Data: retained for as long as your account is active, then securely archived or deleted within 12 months
– Communication Data: retained for 3 years for audit and service quality purposes
– Transaction Data: retained for 7 years to comply with tax and financial regulations
– Preference Data: retained until you withdraw your consent or update your preferences
Data will be periodically reviewed, and records that are no longer needed will be securely deleted.
9. Cookie Policy
Our Website uses cookies and related technologies to enhance your experience. Cookies are small data files stored on your device that help us recognize your browser and remember information about your visit. We use the following types:
– Essential Cookies: Necessary for basic site functionality (e.g., secure login, cart management)
– Functional Cookies: Enhance user preferences and facilitate personalized content
– Analytics Cookies: Help us understand website usage and improve effectiveness (e.g., Google Analytics)
– Performance Cookies: Offer insights into page load times and other performance metrics
10. Cookie Management and GDPR/CCPA Compliance
We provide users with clear choices about cookie usage upon their first visit to the Website. A detailed cookie banner allows you to accept, reject, or customize your cookie preferences in line with GDPR and CCPA requirements. You may also modify cookie permissions at any time through your browser settings or our cookie management interface.
Opt-out mechanisms for analytics and marketing cookies are honored, and we do not offer or permit the sale of user data in accordance with CCPA.
11. Special Protections for Children Under 13
We do not knowingly collect or solicit personal data from anyone under the age of 13. If you believe we may have inadvertently collected personal data from a child without appropriate consent, please contact us at [email protected], and we will promptly delete the information.
12. Changes to This Policy
We may occasionally update this Privacy Policy to reflect changes in technologies, legal requirements, or our practices. We will notify users of significant changes by publishing an updated version on newlowformusic.com and revising the policy link in the website footer. We encourage you to review this Policy regularly to stay informed about how your data is being used.
13. Contact Information
If you have any questions, concerns, or requests related to your personal data or this Privacy Policy, you may contact us at:
Email: [email protected]
—
This Privacy Policy reflects our ongoing commitment to transparency, accountability, and compliance with all applicable data protection laws. If you have privacy-related concerns, we welcome your inquiries and are here to assist you.