Privacy Policy
Effective Date: November 22nd, 2024
Universal Music Group is the world leader in music-based entertainment. We are the home for music’s greatest artists, innovators, and entrepreneurs. As digital technology refashions the world, our unmatched commitment to lead by developing new services, platforms, and business models for the delivery of music and related content empowers innovators and allows new commercial and artistic opportunities to flourish.
As part of this mission, Universal Music Group operates websites, applications, stores, and other services (which we refer to in this privacy policy as "Apps") to help our artists stay connected with fans in new and exciting ways.
This privacy policy describes Deutsche Grammophon GmbH's (as part of the Universal Music Group) data practices, including the collection, use, and sharing of data through Apps that link to this privacy policy, along with the choices and rights you have to control those data practices.
The personal names (e.g., artist) used herein in masculine form for purely language economics purposes include individuals of each sex (m / f / d).
WHO WE ARE
Apps that link to this privacy policy are operated by Deutsche Grammophon GmbH (as part of the Universal Music Group), located at Mühlenstraße 25, 10243 Berlin. As used in this policy, "DG," "we," and "our" refers to this entity, who acts as a data controller and is responsible for the processing of personal data by the Apps under applicable privacy and data protection laws.
Other entities in the Universal Music Group family of companies may receive or process data in connection with the operation of the Apps, including UMG Commercial Services, Inc., UMG Recordings, Inc., and UMG Recordings Services, Inc., each of which is also located at 2220 Colorado Ave, Santa Monica, CA 90404. Where applicable, each of these entities separately makes the disclosures in this privacy policy.
Apps may be operated on behalf of artists and/or partners who may process personal data in connection with the Apps. In such cases we will disclose the relevant third parties on the Apps and/or at the point of data collection.
CONTACT US
Questions or comments about this privacy policy, our data practices, or requests regarding your privacy rights may be submitted through our Privacy Request Form. You may contact DG’s global Data Protection Officer by clicking here, the German Data Protection Officer may be contacted here. We are only able to respond to requests related to our data practices through this form.
ALL NON-PRIVACY QUESTIONS: Please see this FAQ regarding how to contact DG with questions or requests not related to our privacy practices or your privacy rights.
You may also contact the German Data Protection Officer by writing to Deutsche Grammophon GmbH (ATTN: “Data Protection Officer”), Mühlenstraße 25, 10243 Berlin. You may also contact DG’s global Data Protection Officer, by writing to Universal Music Group (ATTN: “Data Protection Officer”), 2220 Colorado Ave, Santa Monica, CA 90404 USA.
INFORMATION WE COLLECT
In our operation of the Apps, we collect the following categories of data:
1. Category of information
Information you choose to provide via the App or through other interactions with DG, such as e-mail, social media, SMS, telephone, or other methods
What may be collected
- your name,
- country of residence,
- e-mail address,
- phone number,
- login information, including certain social media profile information if you login with a social media account,
- gender,
- age or date of birth,
- payment card information,
- billing and/or shipping address,
- clothing sizes or similar physical descriptions,
- personal description,
- photographs, videos, or images,
- comments.
How it is collected, where applicable
- Forms you fill out on our App, including subscribing to direct marketing, creating an account, searches, uploading documents or media, or linking a social media account;
- Correspondence with us (e-mails, phone transcripts or otherwise);
- Purchases or orders placed on the App;
- Participation in forums, chats, or other social media functions on the App;
- Entering a competition, promotion, or survey;
- Reporting a problem on the App or requesting support.
2. Category of information
Information collected through your use of an App
What may be collected
- IP address and network information,
- location (based on IP lookup),
- user agent string including browser and OS version,
- language and time zone,
- identifiers set by cookies or similar tracking information (see cookies disclosure below),
- unique device identifiers and hardware version,
- page response times,
- download or content errors,
- page interaction information (such as scrolling, clicks, and mouse-overs, length of visit, pages viewed),
- methods used to browse away from the page.
How it is collected, where applicable
Visiting our App or interacting with us
3. Category of information
Information collected from third parties
What may be collected
- name or username,
- age or birthdate,
- address,
- phone number,
- gender,
- household income,
- device OS,
- brand affinities,
- consumer profile category,
- music intent scores,
- music concert spend category,
- music genre interests.
How it is collected, where applicable
Consistent with applicable laws, we may match and supplement information you provide, such as your email address or phone number, with data held by third party data providers or data brokers.
HOW YOUR INFORMATION MAY BE USED
We may use information we collect to:
- Respond requests and/or queries, including customer support queries,
- Fulfil orders, process payments, and provide order-related updates,
- Send requested marketing communications via email, SMS, or direct messages,
- Advertise our products or the products of third parties that we believe may be of interest,
- Create segments of users with similar features for ad targeting or seeding lookalike audiences,
- Operate, measure, and audit online advertisements,
- Build user profiles to assist us in understanding your interests, create marketing or advertising segments, and predict likely sales, marketing, or advertising outcomes,
- Train AI or machine learning models that analyze or predict sales, marketing, or advertising outcomes,
- Personalize and improve our Apps, products, and services,
- Administer promotions, contests, or sweepstakes,
- Operate and administer our Apps, including troubleshooting, data analysis, testing, research, statistics, and other internal operations,
- Manage your access to our Apps, including notifying you of changes to the Apps,
- Analyze usage of our Apps,
- Secure our Apps and prevent fraud or other illegal activities,
- Resolve disputes and/or enforce our agreements,
- Comply with legal and regulatory obligations.
HOW YOUR INFORMATION MAY BE SHARED
In compliance with applicable laws, we may share information about you with third parties to facilitate the uses described above, including:
- Our affiliates and joint venture partners that we have now or may have in the future,
- Our business partners, suppliers, agents, and sub-contractors who provide services on our behalf;
- Relevant DG artists and/or their representatives,
- With other users where you leave comments or otherwise contribute content to an App,
- Advertisers, advertising networks and social networks,
- As part of an actual or potential corporate sale, merger, or acquisition, or other transfer of all or part of DG,
- Pursuant to a subpoena, court order, governmental inquiry, or other legal process or as otherwise required by law, to protect our rights or the rights of third parties, or to protect the safety or security of any person or entity, or
- With your consent or as otherwise disclosed at the time of data collection or sharing.
STORAGE AND RETENTION OF INFORMATION
We will retain the information we collect in accordance with applicable laws and as reasonably necessary for our processing purposes set out under this privacy policy, including resolution of disputes, enforcement of agreements, securing the Apps, and to comply with our legal obligations. When personal data is no longer necessary for our purposes we will delete or deidentify the data.
We will also take steps to ensure that the information we collect is treated securely and in accordance with this Privacy Policy. We have put in place technical and organisational procedures designed to safeguard the information we collect.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect the information we collect, we cannot guarantee its security.
CHILDREN
Our apps are not directed toward children (as defined by local law) nor does DG knowingly collect information from children (as defined by local law) without parental consent except where in compliance with applicable laws.
YOUR RIGHTS
You may have certain rights regarding our processing of personal data about you. These rights may include access to, rectification, erasure, and/or portability of your personal data. You can exercise these rights by contacting us as described in the “Contact” section. We may take steps to verify your identity before completing your request. Our verification measures vary based on the risk to the individual and may involve confirming access to the relevant email account, providing a government-issued ID or other identification documents, or providing other account details or information that indicates a valid request.
You may also be entitled, in accordance with applicable law, to lodge a complaint with a supervisory authority if you consider that our processing of your personal data infringes applicable law.
Specific information regarding rights related to data processing of European data and personal data about residents of California, Colorado, Virginia, Connecticut, and Utah can be found on our “Your Privacy Rights" page.
INTERNATIONAL DATA TRANSFERS FROM THE EU, UK, OR SWITZERLAND
Universal Music Group US-based group companies UMG Recordings Services, Inc., UMG Recordings, Inc., Universal Music Investments, Inc., Universal Music Group Holdings, Inc., Universal Music Group, Inc., UMG Commercial Services, Inc., and Universal Music Publishing, Inc. participate in the EU-US Data Privacy Framework, the Swiss-US Data Privacy Framework, and the UK Extension to the EU-US Data Privacy Framework (collectively the “DPF”) regarding the collection, use, and retention of personal information transferred to the United States from member countries of the European Economic Area, Switzerland, and the United Kingdom. Universal Music Group has certified to the United Stated Department of Commerce that we adhere to the Data Privacy Framework Principles. More information about the Data Privacy Framework, including Universal Music Group certification, is available on the Data Privacy Framework (DPF) Program website.
Our group companies are subject to the investigatory and enforcement powers of the United States Federal Trade Commission (FTC).
DG collects and uses personal information as described in the “Information we collect” and “How your information may be used” sections above. We may disclose personal information about you as described in the “How your information may be shared” section above. DG may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Where we transfer personal information subject to the DPF to a third party, we require that third party to access, use, and disclose the personal information in compliance with the DPF. DG is responsible for the processing of personal information we receive under the DPF and subsequently transfer to third parties acting as an agent on our behalf. We remain liable if such third parties process personal information inconsistent with the DPF Principles unless we prove that DG is not responsible for the event giving rise to the damage.
Individuals whose data is subject to the DPF have the right to access personal information about them. You may also have choices to limit the use, and disclosure of personal information about you. Please see our “Your Privacy Rights” page for additional information regarding your rights and how to make privacy requests.
Dispute Resolution
If you have any questions or complaints regarding DG handling of your personal information, please contact us using our Privacy Request Form or email us at datenschutz@deutschegrammophon.com. We will respond promptly. If you are not satisfied with our resolution of your privacy or data use complaint you may contact our US-based independent dispute resolution body, JAMS by clicking here. It may be possible, under certain conditions, for individuals to invoke binding arbitration.
CHANGES TO OUR PRIVACY POLICY
Any material changes we may make to our privacy policy in the future will be posted here. Please check back frequently to see any updates or changes to our privacy policy.
DIGITAL ADVERTISING
We use third party partners to enable targeted advertising on third-party social media platforms, websites, and mobile apps. These companies collect information through our Apps to target users and serve ads. Some of these ads may be personalized, meaning that these ads are intended to be relevant to you based on information the companies collect or receive about your use of our App and third-party sites and apps over time, including through the use of cookies and other tracking technologies.
Visit the DAA Webchoices tool at www.aboutads.info to learn more about targeted advertising and how to opt out of targeted advertising by companies participating in the DAA self-regulatory program. If you delete your cookies or use a different browser or mobile device, you may need to renew your opt-out choices exercised through the DAA Webchoices tool.
To opt-out of targeted advertising in mobile apps by companies participating in the DAA’s AppChoices program, you can download that app onto your device from https://youradchoices.com/appchoices. You can also limit data collection and use by third parties for targeted advertising in your mobile device settings, where available.
Note that electing to opt out will not stop advertising from appearing in your browser or applications. It may make the ads you see less relevant to your interests.
COOKIES
Our Apps use cookies and other similar technologies to improve your experience and support targeted advertising. For the purpose of this Cookies Policy, cookies, and other similar technologies (like scripts, plug-ins, tags, device fingerprints, Local Stored Objects, beacons, and pixels) are all referred to as “cookies.”
You can find more information about the cookies and other tracking technologies we use, the purposes for which we use them, and make certain choices about cookies through the cookie choices tools available on our Apps.
Most internet browsers are automatically set up to accept cookies. However, if you want to refuse or delete any cookies (or similar technologies), please refer to the help and support area on your internet browser for instructions on how to block or delete cookies. Please note you may not be able to take advantage of all the features of our App, including certain personalised features, if you delete or disable cookies.
For more information on managing cookies, please go to www.allaboutcookies.org, or visit www.youronlinechoices.eu which has further information about behavioural advertising and online privacy.
Your privacy rights
Effective Date: November 22nd, 2024
Here at Deutsche Grammophon GmbH (as part of the Universal Music Group), we take your privacy seriously and we’re dedicated to providing you with the best possible music experience. To do that, we collect and use information about you to personalize our sites, stores, and marketing communications. However, only you know what your best experience is, so we provide fans with choices about how we collect, use and share your data.
This page describes specific rights you may have based on where you live, but if you live somewhere else you can still contact us and we will try to address any questions or concerns.
To exercise any of the rights described on this page, or to ask us a question about our data collection practices, please contact us:
- Online using our Privacy Request Form; or
- By emailing us at datenschutz@deutschegrammophon.com.
You can exercise your right to opt out of targeted advertising and/or the sale of personal information by clicking the “Cookie Choices” link at the bottom of the website you are interacting with and disabling Online Advertising. You must do this on each browser and each device you use in order to fully opt out.
EUROPEAN AND UK RIGHTS
This section of this Privacy Policy applies only if you use the App or DG websites from a country that is a Member State of the European Economic Area and supplements the information in this Privacy Policy.
You may be entitled, subject to validation of your identity and in accordance with applicable law, to:
- Confirm whether we process the consumer’s personal information and to access such information;
- Correct inaccuracies in personal information;
- Delete personal information;
- Data portability;
- Withdraw consent you have previously given; and/or
- Object to or request the restriction of processing of your personal data.
You may also be entitled, in accordance with applicable law, to lodge a complaint with a supervisory authority if you consider that our processing of your personal data infringes applicable law.
Legal Basis for Data Processing: We process personal data for the purposes set out in the relevant privacy policy. Our legal bases to process personal data includes processing that is: necessary for the performance of the contract between you and us (for example, to provide you with the services you request and to identify and authenticate you so you may use the App); necessary to comply with legal requirements (for example, to comply with applicable accounting rules and to make mandatory disclosures to law enforcement); necessary for our legitimate interests (for example, to manage our relationship with you and to improve the App); and based on the consent of our customers (for example, to communicate with you about our products and services and provide you with marketing information), which may subsequently be withdrawn at any time (by using preference settings found in our emails/Apps or by contacting DG as described above) without affecting the lawfulness of processing based on consent before its withdrawal.
We may use automated decision-making technologies, including profiling, to support our data processing activities. Our automated decision-making capabilities include logic that attempts to identify artists, music, communications, products, or offers that we believe may interest you. By using this logic, it helps us personalize your interactions with DG and DG artists. For you, this means that you may see online advertisements, direct marketing communications (if you have subscribed), or other advertising or marketing messages or special offers based on your activity on our Apps or interactions with Universal Music Group Companies or our third-party partners.
In some instances, you may be required to provide us with personal data for processing as described above, for us to be able to provide you to use all the features of the App.
International transfers
Our sharing your personal data in accordance with this Privacy Policy, may involve transferring your data outside the European Economic Area (EEA). Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by certifying, where required by law, at least one of the following safeguards is implemented:
- transferring personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
- consent of the individual;
- adherence to the EU-US Data Privacy Framework, the Swiss-US Data Privacy Framework, and UK Extension to the EU-US Data Privacy Framework (see details below); or
- using specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
You may be entitled, in accordance with applicable law, to request a copy of relevant safeguards by contacting DG as described above.
US STATE RIGHTS
Residents of Colorado, Connecticut, Utah, or Virginia have certain rights with respect to their personal information, including the right to:
- Confirm whether we process the consumer’s personal information and to access such information;
- Correct inaccuracies in personal information;
- Delete personal information;
- Data portability;
- Opt out from targeted advertising; and/or
- Opt out from the sale of personal information.
Residents of Virginia, Colorado, and Connecticut have the right to opt out from profiling in furtherance of decisions that produce legal or similarly significant effects and to appeal decisions regarding a request to exercise their rights.
California residents may opt out of having their personally identifiable information shared with third parties for those third parties' direct marketing purposes by contacting us as described above.
Do-Not-Track Signals and Similar Mechanisms. Some web browsers may transmit “do-not-track” signals to the websites and other online services with which a user communicates. While there is no comprehensive industry standard for such signals, certain websites DG operates attempt to recognize this signal and, if detected, limit our use of cookies and similar tracking technologies. Unfortunately, due to the variation in browsers and detection capabilities and the lack of accepted standards we cannot guarantee that transmitting a “do-not-track” signal will result in our disabling cookies and tracking technologies. We recommend using the cookie choices tools on our sites to control DG’s use of cookies and tracking technologies.
Personal Data We Collect and Disclose
In the preceding 12 months, DG collected and disclosed the following categories of personal data. DG shares personal data for targeted advertising but does not otherwise engage in “sales” of personal data as defined by state laws.
1. Categories of personal data:
- Identifiers such as real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
- Disclosed to the following categories of third parties for business purposes: Universal Music Group affiliates; Business partners; Service providers; and Advertising companies.
- Shared for targeted advertising purposes with the following categories of third parties:
- Our business partners; Our service providers; and Advertising companies.
- Sold to the following categories of third parties: Data enrichment providers;
2. Categories of personal data:
- Commercial information, including products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Disclosed to the following categories of third parties for business purposes: Universal Music Group affiliates; Business partners; Service providers; and Advertising companies.
- Shared for targeted advertising purposes with the following categories of third parties: N/A
- Sold to the following categories of third parties: N/A
3 Categories of personal data:
- Gender, a protected classification under California and federal law.
- Disclosed to the following categories of third parties for business purposes: Universal Music Group affiliates; Business partners; and Service providers.
- Shared for targeted advertising purposes with the following categories of third parties: Advertising companies.
- Sold to the following categories of third parties: N/A
4. Categories of personal data:
- Internet or other electronic network activity information, including browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
- Disclosed to the following categories of third parties for business purposes: Universal Music Group affiliates; Business partners; and Service providers.
- Shared for targeted advertising purposes with the following categories of third parties: Advertising companies.
- Sold to the following categories of third parties: N/A
5. Categories of personal data:
- Geolocation data, generally derived from IP address location services, but could also include presence in a geo-fenced area.
- Disclosed to the following categories of third parties for business purposes: Universal Music Group affiliates; Business partners; and Service providers.
- Shared for targeted advertising purposes with the following categories of third parties: Advertising companies.
- Sold to the following categories of third parties: N/A
6. Categories of personal data:
- Audio, electronic, visual, or similar information.
- Disclosed to the following categories of third parties for business purposes: Service providers.
- Shared for targeted advertising purposes with the following categories of third parties: N/A
- Sold to the following categories of third parties: N/A
7. Categories of personal data:
- Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
- Disclosed to the following categories of third parties for business purposes: Universal Music Group affiliates; Business partners; Service providers; and Advertising companies.
- Shared for targeted advertising purposes with the following categories of third parties: Advertising companies.
- Sold to the following categories of third parties: N/A
8. Categories of personal data:
- Other information about you that is linked to the personal information above.
- Disclosed to the following categories of third parties for business purposes:
- Universal Music Group affiliates; Business partners; Service providers; and Advertising companies.
- Shared for targeted advertising purposes with the following categories of third parties: Advertising companies.
- Sold to the following categories of third parties: N/A
Categories of Sources:
We collect personal data from:
- Individuals who provide information directly; Affiliates and business partners, which may include third parties;
- Third-party data providers and data brokers;
- Service providers; and
- Advertising companies.
Business or Commercial Purposes for Processing Personal Data:
We use and disclose the personal data as described above in the “How Your Information May Be Used” section of our privacy policy.
Your Rights:
Residents of certain states have rights with respect to the personal data collected by DG. You may be able exercise the following rights regarding your personal data:
- The right to confirm whether we process personal data about you;
- The right to correct inaccurate personal data;
- The right to know the categories and specific pieces of personal data we collect, use, disclose, and sell about you; the categories of sources from which we collected personal data about you; our purposes for collecting or selling personal data about you; the categories of personal data about you that we have sold or disclosed for a business purpose; and the categories of third parties with which we have shared personal data;
- The right to request the deletion of personal data we have collected about you;
- The right to opt out of processing and sharing of personal data for targeted advertising;
- Depending on your state, the right to limit our processing of certain “sensitive” personal data, including the withdrawal of prior consent; and/or
- The right to be free of discriminatory treatment for the exercise of the above privacy rights.
DG does not knowingly sell or share personal data of individuals younger than 16.
Depending on your state, if you have submitted a request that we have not reasonably fulfilled, you may contact us to appeal our decision by sending an email with the subject line “Appeal” to privacy@universalmusic.com.
Verification
We may take steps to verify your identity before completing your request. Our verification measures vary based on the risk to the individual and may involve confirming access to the relevant email account, providing a government-issued ID or other identification documents, or providing other account details or information that indicates a valid request.
Authorized Agent
You may also designate an authorized agent to requests on your behalf by designating such an agent in writing or through a power of attorney. We will require the agent to provide us with proof that you have authorized the agent to make requests on your behalf prior to accepting requests from the agent.
Additional Data Protection Info
ORDERING SERVICES FROM DEUTSCHE GRAMMOPHON
If you order services offered by Deutsche Grammophon GmbH ("Deutsche Grammophon", "DG", "we", "us"), e.g. conclude a streaming subscription (STAGE+), we require your personal master data (e.g. name), communication data (e.g. e-mail) as well as payment data upon conclusion of the contract. We need these to initiate or fulfil the contract (Art. 6 para.1 lit.b DSGVO).
You can manage your contract data yourself in our online service center. For this, you have to be registered.
After termination of the contract, we delete or block your data unless we are legally obliged to retain it. An obligation to retain your data e.g. for tax purposes is based on § 147 AO.
PAYMENT SERVICE PROVIDER
You may use the following payment methods:
PAYMENT BY CREDIT CARD (STRIPE).
If you have chosen to pay by credit card, the payment will be processed through Stripe Payments Europe Ltd, 1 Canal Street Lower, Grand Canal Dock, Dublin, Ireland ("Stripe"). We share the information you provided during the checkout process with Stripe, along with information about your order (including name, credit card number, invoice amount, currency and transaction number). At no time we store your credit card details. These are directly passed on to Stripe.
Stripe notifies us of the receipt of payment and we store the information on the receipt of payment as well as the details of the content ordered (in particular subscription type, duration, fee, payment method).
Your data will only be passed on if required for the purpose of processing your payment with Stripe.
You can find more information about Stripe's data protection here.
PAYMENT PER IN-APP PURCHASE (iOS APP)
If you make a STAGE+ purchase within the iOS App, e.g. purchase a STAGE+ subscription, the transaction and payment (so-called in-app purchase) is exclusively between you and the Apple App Store, Apple Distribution International Ltd, Hollyhill Industrial Estate, Hollyhill, Cork, Ireland (hereinafter "Apple"). The terms and conditions of Apple Media Services and the Apple App Store's Privacy Policy apply.
We only receive a Universally Unique Identifier - UUID (External ID) from Apple. Using this ID, Apple provides us with information about the subscription you purchased (Apple Product ID) and an original Transaction ID that identifies the transaction between you and Apple.
The legal basis for the processing is Art.6 para.1 lit.b GDPR. We need this data to verify your eligibility and activate your subscription.
NECESSARY TECHNOLOGIES
Strictly necessary technologies are required for you to browse our services and use their features. The information collected by these technologies relate to the operation of our service, e.g. scripting language and security tokens to maintain secure areas of our service. The service cannot function properly without these technologies. This includes collecting streaming data for royalty settlements with our artists and licensors. These technologies cannot be deactivated. The legal basis for using strictly necessary technologies with regard to the end device is § 25 II 2 TTDSG.
CONTACT
You may obtain information about the data stored about you at any time and, if we store the data on our servers, you may request its deletion or blocking.
For this purpose, please contact Universal Music's data protection officer at: datenschutz@deutschegrammophon.com.
More information on data processing can be found on our website, Deutsche Grammophon privacy policy.