Data protection
​
General note and mandatory information
Naming of the responsible body
The responsible body for data processing on this website is:
Oliver Nözel (contact see imprint)
​
The responsible body decides alone or together with others on the purposes and means of processing personal data (e.g. names, contact details, etc.).
​
Cookies and Similar Technologies
When you visit or access our Services, we authorize third parties to use web beacons, cookies, pixel tags, scripts, and other technologies and analytics services ("Tracking Technologies"). These Tracking Technologies may allow third parties to collect your information automatically in order to improve the browsing experience on our digital assets, to optimize their performance and to ensure a customized user experience, as well as for security and fraud prevention purposes.
To learn more about this, please read the cookie policy.
Revocation of your consent to data processing
Some data processing operations are only possible with your express consent. You can revoke your consent that you have already given at any time. An informal notification by e-mail is sufficient for the revocation. The legality of the data processing that took place up until the revocation remains unaffected by the revocation.
​
Right to lodge a complaint with the competent supervisory authority
As a data subject, you have the right to lodge a complaint with the competent supervisory authority in the event of a breach of data protection law. The competent supervisory authority with regard to data protection issues is the state data protection officer of the federal state in which our company is based. The following link provides a list of data protection officers and their contact details: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html .
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to third parties. It is provided in a machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done to the extent that it is technically feasible.
​
Data processing in third countries
If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or the processing within the framework of the use of third-party services or the disclosure or transmission of data to other persons, bodies or companies takes place, this is only done in accordance with the legal requirements.
Subject to express consent or contractually or legally required transmission, we only process or have the data processed in third countries with a recognized level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, if there are certifications or binding internal data protection regulations (Art. 44 to 49 DSGVO, Information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de ).
​
Provision of the online offer and web hosting provider
The hosting service for our digital assets is provided by the online platform WIX.com Ltd. available through which we can offer our services to you. Your data may be stored through our hosting provider's data storage, databases and general applications. It stores your data on secure servers behind a firewall, and it offers secure HTTPS access to most areas of its services.
​
Wix.com Ltd. hosting platform for websites; Service Provider: Wix.com Ltd., 40 Nemal St., 6350671 Tel Aviv, Israel; Website: https://de.wix.com/ ; Privacy Policy: https://de.wix.com/about/privacy ; Order processing agreement: https://www.wix.com/about/privacy-dpa-users .
​
Personal information may be maintained, processed and stored in the United States, Ireland, South Korea, Taiwan, Israel and other jurisdictions to the extent required for the proper provision of our Services and/or by law (as further explained below).
​
The data processed as part of the provision of the hosting offer may include all information relating to the users of our online offer that arises in the context of use and communication. This regularly includes the IP address, which is necessary in order to be able to deliver the content of online offers to browsers, and all entries made within our online offer or on websites.
​
Please note that we, or our hosting provider, may retain the information we collect for as long as is necessary to provide our services, comply with our legal and contractual obligations to you, resolve disputes, and enforce our agreements.
We can correct, supplement or delete incorrect or incomplete data at any time at our own discretion.
Right to information, correction, blocking, deletion
You have the right to free information about your stored personal data, the origin of the data, its recipient and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data at any time within the framework of the applicable legal provisions. You can contact us at any time using the contact options listed in the legal notice if you have any further questions on the subject of personal data.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses an SSL or. TLS encryption. This means that data that you transmit via this website cannot be read by third parties. You can recognize an encrypted connection by the "https://" address line of your browser and by the lock symbol in the browser line.
contact form
Data transmitted via the contact form will be stored, including your contact details, in order to be able to process your request or to be available for follow-up questions. This data will not be passed on without your consent.
The data entered in the contact form is processed exclusively on the basis of your consent (Article 6 (1) (a) GDPR). You can revoke your consent that you have already given at any time.
An informal message by e-mail is sufficient for the revocation. The legality of the data processing operations that took place up until the revocation remains unaffected by the revocation.
Data transmitted via the contact form will remain with us until you ask us to delete it, revoke your consent to storage or there is no longer any need for data storage. Mandatory legal provisions - in particular retention periods - remain unaffected.
Our website can usually be used without providing any personal data.
Insofar as personal data (e.g. name, address or e-mail
addresses) are collected, this is always done on a voluntary basis as far as possible. These dates
will not be passed on to third parties without your express consent.
We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail). may have security vulnerabilities. A complete protection of the data against access by
Third party is not possible. The use of contact data published as part of the imprint obligation by third parties to send unsolicited advertising and information material is hereby expressly prohibited. The operators of the website www.elrubio-music.com expressly reserve the right to take legal action in the event of unsolicited advertising being sent, such as spam e-mails.
​
Newsletter
With the following information we will inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedures as well as your rights of objection. By subscribing to our newsletter, you agree to receive it and the procedures described.
Content of the newsletter: We send newsletters, e-mails and other electronic notifications with advertising information (hereinafter "newsletter") only with the consent of the recipient or legal permission. If the contents of the newsletter are specifically described when registering for the newsletter, they are decisive for the consent of the user. Our newsletter also contains information about our services and us.
Double opt-in and logging: Registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registration you will receive an e-mail in which you will be asked to confirm your registration. This confirmation is necessary so that nobody can register with someone else's e-mail address. The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes storing the time of registration and confirmation as well as the IP address. Changes to your data stored by the shipping service provider are also logged.
Registration data: In order to register for the newsletter, it is sufficient if you enter your e-mail address. Optionally, we ask you to enter a name so that we can address you personally in the newsletter.
The dispatch of the newsletter and the success measurement associated with it are based on the consent of the recipient in accordance with Article 6 Paragraph 1 Letter a, Article 7 GDPR in conjunction with Section 7 Paragraph 2 No. 3 UWG or on the basis of statutory permission according to § 7 paragraph 3 UWG.
The registration process is logged on the basis of our legitimate interests in accordance with Article 6 (1) (f) GDPR. Our interest is focused on the use of a user-friendly and secure newsletter system that serves our business interests as well as meets user expectations and also allows us to prove consent.
Cancellation/revocation of the newsletter - You can cancel the receipt of our newsletter at any time, ie revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. We can store the unsubscribed e-mail addresses for up to three years on the basis of our legitimate interests before we delete them in order to be able to prove a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the previous existence of consent is confirmed at the same time.
​
Newsletters - Mailchimp
The newsletter is sent using the mail service provider "MailChimp", a newsletter mailing platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can view the data protection regulations of the shipping service provider here: https://mailchimp.com/legal/privacy/ . The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection standards ( https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active ). The shipping service provider is used on the basis of our legitimate interests in accordance with Article 6 Paragraph 1 Letter f GDPR and an order processing contract in accordance with Article 28 Paragraph 3 Clause 1 GDPR.
The shipping service provider can use the data of the recipients in pseudonymous form, ie without assignment to a user, to optimize or improve their own services, e.g. for technical optimization of the dispatch and the presentation of the newsletter or for statistical purposes. However, the shipping service provider does not use the data of our newsletter recipients to write to them themselves or to pass the data on to third parties.
​
YouTube
Our website uses plugins from YouTube to integrate and display video content. The provider of the video portal is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When a page with an integrated YouTube plugin is called up, a connection to the YouTube servers is established. This tells YouTube which of our pages you have accessed.
YouTube can assign your surfing behavior directly to your personal profile if you are logged into your YouTube account. You can prevent this by logging out beforehand.
YouTube is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR.
Details on handling user data can be found in YouTube's data protection declaration at: https://www.google.de/intl/de/policies/privacy .
​
Registration function / member account
Users can create a user account. As part of the registration, the required mandatory information is communicated to the user and processed on the basis of Article 6 (1) (b) GDPR for the purpose of providing the user account. The processed data includes in particular the login information (name, password and an e-mail address). The data entered during registration will be used for the purpose of using the user account and its purpose.
Users can be informed by email about information relevant to their user account, such as technical changes. If users have terminated their user account, their data will be deleted with regard to the user account, subject to a statutory retention obligation. It is the user's responsibility to back up their data before the end of the contract in the event of termination. We are entitled to irretrievably delete all of the user's data stored during the contract period.
As part of the use of our registration and login functions and the use of the user account, we save the IP address and the time of the respective user action. The storage takes place on the basis of our legitimate interests, as well as the user's protection against misuse and other unauthorized use. In principle, this data will not be passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so in accordance with Article 6 (1) (c) GDPR. The IP addresses are anonymized or deleted after 7 days at the latest.
​
Data transmission upon conclusion of contract for services and digital content
We only transmit personal data to third parties if this is necessary within the framework of contract processing, for example to the bank responsible for processing payments.
Any further transmission of the data does not take place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.
The basis for data processing is Art. 6 Paragraph 1 lit. b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.
​
Encrypted payment transactions on this website
If, after the conclusion of a fee-based contract, there is an obligation to send us your payment data (e.g. account number for direct debit authorization), this data is required for payment processing. (Web hosting provider: (WIX.com / WIX Payments).
Payment transactions using the usual means of payment (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
With encrypted communication, your payment data that you transmit to us cannot be read by third parties.
​
PayPal
On our website we offer, among other things, payment via PayPal. The provider of this payment service is PayPal (Europe) S.à.rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal").
If you choose to pay via PayPal, the payment details you enter will be sent to PayPal.
Your data is transmitted to PayPal on the basis of Article 6 (1) (a) GDPR (consent) and Article 6 (1) (b) GDPR (processing to fulfill a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the effectiveness of past data processing operations.
​
Payments / eCom
All payment options offered by us and our hosting provider for our digital assets comply with the regulations of the PCI-DSS (data security standard of the credit card industry) of the PCI Security Standards Council (council for security standards of the credit card industry). This is a collaboration between brands such as Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card data (including physical, electronic, and procedural controls) by our store and service providers.
​
Notwithstanding the measures and efforts taken by us and our hosting provider, we cannot and do not guarantee the absolute privacy or security of any information you upload, post or otherwise disclose to us or others.
For this reason, we ask that you set strong passwords and, if possible, do not give us or others confidential information that you believe disclosure could cause significant or lasting harm to you.
In addition, since email and instant messaging are not considered secure forms of communication, we ask that you do not share any confidential information through any of these communication channels.
​
Collection of access data and log files
We, or our hosting provider, collect data about every access to the server on which this service is located (so-called server log files) on the basis of our legitimate interests within the meaning of Article 6 Paragraph 1 lit. The access data includes the name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider . (Source: Datenschutz-Generator.de)
​
We will only use your personal information for the purposes set out in the Privacy Policy and only when we are satisfied that:
-
the use of your personal information is necessary to perform or enter into a contract (e.g. to provide you with the Services themselves or to provide customer or technical support);
-
the use of your personal data is necessary to comply with a relevant legal or regulatory obligation, or
-
the use of your personal information is necessary to support our legitimate business interests (provided that we do so at all times in a way that is proportionate and respects your privacy rights).
As an EU resident you can:
-
request confirmation as to whether or not personal data concerning you is being processed and request access to your stored personal data and certain additional information;
-
request the receipt of personal data that you have provided to us in a structured, common and machine-readable format, insofar as this is technically feasible.
-
request rectification of your personal data held by us;
-
request the erasure of your personal data;
-
object to our processing of your personal data;
-
request the restriction of the processing of your personal data, or
-
lodge a complaint with a supervisory authority.
​
However, please note that these rights are not absolute and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal information we collect and how we use it, please contact info@elrubio-music.com as provided below.
In the course of providing the Services, we may transfer information across borders to affiliates or other third parties and from your country/jurisdiction to other countries/jurisdictions around the world. By using the Services, you consent to the transfer of your information outside of the EEA.
If you are a resident of the EEA, your personal data will only be transferred to locations outside the EEA where we are satisfied that an adequate or comparable level of protection of personal data is in place. We will take appropriate steps to ensure that we have appropriate contractual arrangements in place with our third parties to ensure that appropriate safeguards are in place to minimize the risk of unlawful use, alteration, destruction, loss or theft of your personal information and that such third parties will act in accordance with applicable laws at all times.
​
The site www.elrubio-music.com does not sell data of its users
We do not sell users' personally identifiable information for the intent and purposes of the CCPA.
​
Updates or changes to the Privacy Policy
We ask you to inform yourself regularly about the content of our data protection declaration. We will adapt the data protection declaration as soon as the changes in the data processing we carry out make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.
​
Contact:
If you have general questions about the Services or the information we collect about you and how we use it, please contact me at:
Name: Oliver Noezel
Address: Saportastr. 4, 80637 Munich (Germany)
Email address: info@elrubio-music.com
​
In the event of competition law or similar problems, I ask you to contact me in advance to avoid unnecessary legal disputes and unnecessary costs. The cost note of a legal warning without prior contact with the operator of this site will be rejected as unfounded in the sense of the obligation to mitigate damage.
​
This website is subject to German law.
Place of jurisdiction is Munich Germany.Europe.
​
​
​