Data-Protection Statement

Including the Social Media and Analytic Tools

1. Name and Contact Data of the Processing Controller and of the Works Data Protection Officer

This data protection information applies to the data processing by
Controller: FKP Scorpio Sverige AB, Löjtnantsgatan 25, 11550 Stockholm.
E-mail: datapolicy@fkpscorpio.se
Tel.:   + (0) 8 410 462 42

The works data protection officer for FKP Scorpio Sverige AB is Anna Fernqvist Svensson, Hellström Advokatbyrå KB, and can be reached at the address Kungsgatan 33, 103 90 Stockholm, or else under datapolicy@fkpscorpio.se
 

2. Collection and Storage of Personal Data and the Nature and Purpose of its Use

a) During a Visit to the Website
On calling up our website http://wheresthemusic.se information is automatically sent to the server of our website by the browser used by your terminal device. This information is temporarily stored in a so-called log file. The following information is thereby recorded without your involvement and is stored until its deletion:

– the IP address of the visiting computer
– the date and time of access
– the name and URL of the file called up
– the website from which the access took place (referrer URL)
– the browser used and, sometimes, the operating system of your computer and the name of your access provider.

The data mentioned is processed by us for the following purposes:

– to ensure comfortable use of our website
– for evaluation of the system’s security and stability
– for further administrative purposes.

The legal basis for the data processing is provided by article 6, paragraph 1, sentence 1, letters a and b of the General Data Protection Regulation (GDPR). Our legitimate interest arises from the above-listed purposes for data collection. On no account do we use the data collected for purposes of drawing inferences to your person.

In addition to this, during visits to our website we employ cookies and analytic services. More detailed explanations on this can be found under points 4 and 5 of this data-protection statement.

 

3. Passing On of Data

No transfer of your personal data to a third party for purposes other than those listed below takes place.

We only give your personal data to a third party if

– you have consented to this, in keeping with article 6, paragraph 1, sentence 1, letter a and/or letter b of GDPR, for fulfilment of contractual relationships and/or if this is for necessary implementation of pre-contractual measures and there are no reasons to believe that you might have a predominant legitimate interest in the non-transfer of your data,
– a statutory obligation exists for the transfer, in keeping with article 6, paragraph 1, sentence 1, letter c of GDPR, and
– this is legally permissible, and in keeping with article 6, paragraph 1, sentence 1, letter b of GDPR, is necessary for the processing of contractual relationships with you.

 

4. Cookies

We make use of cookies on our site. These are small files that your browser creates automatically and that are stored on your terminal device (laptop, tablet, smart phone, etc.) when you visit our site. Cookies do not harm your terminal device, they contain no viruses, Trojans or other malware.

Information that in each case has to do with the specific terminal device deployed is stored in the cookie. This does not mean, however, that we thereby have direct knowledge of your identity.

The use of cookies serves, on the one hand, to make it easier for you to utilize our offer. To this end we deploy so-called session cookies to see if you have already visited individual pages of our website. These cookies are automatically deleted after you have left our site.

In addition to this, we also make use of temporary cookies, which are stored on your terminal device for a certain fixed period and serve to optimize user-friendliness. When you visit our site again in order to make use of our services it is automatically recognized that you have previously visited us and which input and settings you made use of, i.e. you need not enter these again.

We also employ cookies to statistically record and evaluate the use made of our website and for purposes of optimizing of our offer for you (see point 5). These cookies make it possible for us to automatically recognize, on a renewed visit to our site, that you have previously visited us. These cookies are automatically deleted, in each case, after a stipulated period.

The data processed by cookies is necessary for the specified purposes and for safeguarding our legitimate interests and those of third parties, in keeping with article 6, paragraph 1, sentence 1, letter b of GDPR.

Most browsers automatically accept cookies.

You can, however, configure your browser such that no cookies are stored on your computer, or that an indication is always given before a new cookie is deployed. The full deactivation of cookies can, however, result in your being unable to make use of all of the functions of our website.

 

5. Analytic Tools

a) Tracking Tools
The tracking measures listed below and deployed by us are implemented on the basis of article 6, paragraph 1, sentence 1, letter b of GDPR. With the tracking measures used we want to ensure a needs-oriented design and the progressive optimization of our website. We also employ tracking measures to statistically record and evaluate the use made of our website, and for purposes of optimizing of our offer for you. These interests are to be seen as legitimate in the sense of the above-mentioned regulation.

Explanations of the respective purposes of the data processing, as well as data categories, can be found in the corresponding tracking tools.

b) Google Analytics
For purposes of a needs-oriented design and continuous optimization of our pages we use Google Analytics, a web-analysis service of Google Inc. (https://www.google.com/intl/sv_se/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as “Google”). In this connection, pseudonymized user profiles are created and cookies (see under point 4) are used. The information created by the cookie on your use of this website, such as

– browser type/version
– operating system used
– referrer URL (the site previously visited)
– host name of the accessing computer (IP address)
– time of server enquiry

is transferred to a Google server in the USA and is stored there. The information is utilized to evaluate the use made of the website, to compile reports on the website activities and to produce further services associated with the use made of the website and of the Internet, for purposes of market research and needs-oriented design of these Internet pages. Where appropriate, this information is also passed on to third parties, provided this is legally prescribed, or to the extent that third parties process this data on commission. On no account will your IP address be used in connection with other Google data. The IP addresses are anonymized so that allocation is not possible (IP masking).

You can prevent the installation of the cookies by adjusting the browser-software settings appropriately. In this case, however, we draw your attention to the fact that not all of the functions of this website may then be fully available.

You can also prevent the recording of the data generated by the cookie and relating to your use of the website (incl. your IP address) and the processing of this data by Google in that you download and install the browser add-on: https://tools.google.com/dlpage/gaoptout.

As an alternative to the browser add-on, particularly in cases of browsers on mobile terminal devices, you can also prevent recording by Google Analytics in your settings. This sets an opt-out cookie that prevents future recording of your data during your visit to this website: The opt-out cookie applies only in this browser and only for our website. It is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.

You can find further information on data protection in connection with Google Analytics in the Google Analytics help: https://support.google.com/analytics/answer/6004245?hl=en.

c) Facebook Fan Page
We also use the Facebook platform for our fan page https://www.facebook.com/wheresthemusic. For this purpose, Facebook uses the devices of those who use our fan page cookies and collects information about how our fan page is used. These Facebook cookies each have a unique cookie ID. Due to this method of data processing, we (and Facebook) may receive anonymous statistical data about how you use this Facebook fan page. If you have any questions, please feel free to contact us or our data protection supervisor

 

6. Mobile Apps

a) In addition to our online offer we can offer you a mobile app that you can download to your mobile terminal device. In what follows we provide information on the collection of personal data when using our mobile app. Personal data is data that relates to you personally, e.g. name, address, e-mail addresses, user behaviour.

b) Controllers, in accordance with article 4, paragraph 7 of the EU General Data Protection Regulation (GDPR) are named at the beginning of this data-protection statement, under point 1. These are also responsible for the mobile apps.

c) If, for individual functions of our offer, we have to rely on commissioned service companies, or if we would like to use your data for advertising purposes, we will inform you below in detail about the respective procedures. We will also thereby indicate the fixed criteria for the storage period.

d) On downloading the mobile app the necessary information is transferred to the app store, in particular the user name, the e-mail address and the customer number of your account, the time of the download, payment information and the individual device identifying number. We have no influence on this data collection and are not responsible for it. We process the data only to the extent that this is necessary for the downloading of the mobile app to your mobile terminal device.

e) When you use the mobile app we collect the personal data described below, in order to make using the functions more comfortable. When you decide to use our mobile app, we collect the following data that for us is technically necessary to be able to offer you the functions of our mobile app and to guarantee stability and security. The legal basis is article 6, paragraph 1, sentence 1, letter f of GDPR.

– IP Address
– Date and Time of Access
– Time-Zone Difference to Greenwich Mean Time (GMT)
– Content of Enquiry (specific page)
– Access Status / HTTP Status Code
– Data Quantity Transferred in Each Case
– Website From Which the Enquiry Comes
– Browser
– Operating System and Its Surface
– Language and Version of the Browser Software.

f) We furthermore process your device identification, the explicit number of the terminal device (IMEI = International Mobile Equipment Identity), the explicit number of the network user (IMSI = International Mobile Subscriber Identity), the mobile-telephone number (MSISDN = Mobile Station Integrated Services Digital Network), the MAC address for WLAN utilization, the name of your mobile terminal device, and the e-mail address.

g) The mobile app employs no cookies.

 

7. Rights of Persons Affected

You have the right:

– in accordance with article 15 of GDPR, to demand information on your personal data processed by us. In particular, you can demand information on the purposes of the processing, the category of the personal data, the categories of recipients with respect to whom your data has been or will be disclosed, the planned period of storage, the existence of a right to correction, deletion, limitation of the processing or objection to it, the existence of a right of objection, the origins of your data, if this has not been collected by us, and about the existence of an automated decision-making process including profiling and, where applicable, meaningful information on the related details;
– in accordance with article 16 of GDPR, to demand the immediate correction of incorrect data, or to have any incomplete personal data of yours stored by us, completed;
– in accordance with article 17 of GDPR, to demand the deletion of your personal data stored by us, provided the processing is not necessary for the exercising of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons that are in the public interest, or for assertion, exercising or defence of legal entitlements;
– in accordance with article 18 of GDPR, to demand limitations on the processing of your personal data, if the correctness of the data is contested by you, if the processing is unlawful but you reject the deletion of the data and we no longer require it, though you need it for assertion, exercising or defence of legal entitlements, or if you have protested against its processing, in accordance with article 21 of GDPR;
– in accordance with article 20 of GDPR, to demand to be sent personal data of yours, that you have provided us with, in a structured, standard and machine-readable format, or to demand its transfer to another controller.
– in accordance with article 7, paragraph 3 of GDPR, to revoke your previously given consent, with respect to us, at any time. This has the consequence that, from then on, we will no longer be entitled to undertake data processing dependent on this consent;
– in accordance with article 77 of GDPR, to lodge a complaint with a supervisory authority. As a rule you can choose, for this purpose, the supervisory authority at your customary place of residence or workplace, or that at the place of registered address of our business.

 

8. Right of Objection

If your personal data is processed, on the basis of legitimate interests, in accordance with article 6, paragraph 1, sentence 1, letter f of GDPR, you have the right, in accordance with article 21 of GDPR, to protest against the processing of your personal data, provided there are reasons for doing so that arise from your special situation, or the objection is aimed at direct advertising. In the latter case you have a general right of objection that will be implemented by us without the need for details referring to a special situation.

If you wish to make use of your right of revocation or your right of objection, it is sufficient to send an e-mail to: datapolicy@fkpscorpio.se.

 

9. Data Security

During the visit to the website we make use of the much used SSL (secure socket layer) procedure in conjunction with the respective highest encryption level that is supported by your browser. This is normally a 256-bit encryption. If your browser does not support a 256-bit encryption, we resort instead to 128-bit v3 technology. You can see whether a single page of our Internet presentation can be transferred encrypted from the closed depiction of the key or lock symbol in the lower status bar of your browser.

We otherwise make use of appropriate technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in accordance with technological developments.

 

10. Current Validity of and Amendments to this Data-Protection Statement 

This data-protection statement is currently valid as in May 2018.

Due to the further development of our website and the offers presented in it, or due to changes in statutory or official specifications, it may prove necessary to alter this data-protection statement. The respective, current data-protection statement can be called up by you on the website, under https://www.wheresthemusic.se, at any time.

 

11. Supervisory authority data protection 

DATAINSPEKTIONEN, box 8114, 104 20 Stockholm, +46 (0) 8-657 61 00, datainspektionen@datainspektionen.se