Privacy Policy
The responsible party in terms of the European Data Protection Regulation (DSGVO) and other national data protection laws as well as other data protection regulations is:
Atomic Fire Records GmbH
Managing directors: Sven Michael Bogner
Hauptstraße 109
73072 Donzdorf / Germany
Phone: +49 (0) 7162 – 227 046 4
Email: info@atomicfire-records.com
I. Provision of our Internet pages and log files
1. scope of the processing of personal data
When you call up our Internet pages, your browser establishes a connection to our web server. This creates connection data that is stored in so-called log files.
Log files contain the IP address of your requesting device, the date and time of your request, your browser type, your operating system, the referrer URL (Internet address of the website previously visited by you, which is automatically transmitted depending on the browser you are using), and the name of your access provider.
2. purpose of data processing
We use the data to display and deliver our content.
3. legal basis for the processing
The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 lit. f DSGVO.
4. duration of storage
Your IP address and other data will be anonymized. A personal reference can no longer be established.
5. possibility of objection and elimination
The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
II. use of cookies
1. general description
Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change.
In the cookies, language settings and log-in information are stored and transmitted.
With the exception of the essential cookies that are required for the operation of our website, we do not set cookies automatically, but first ask for your consent when you call up our website, before another type of cookie is set by us. For this purpose we use the Borlabs Cookie Plugin from the manufacturer Borlabs – Benjamin A Bornschein https://de.borlabs.io/borlabs-cookie. Your consent or refusal is stored by us in a log file (without using the personal data) so that we and you can track when you gave which consent to which cookies. Alternatively, you can set your browser to accept or reject our cookies.
We have integrated YouTube videos and a Spotify player on our website via an iframe, so that you can also access the content of our artists provided there via our website. For this purpose, your IP address is transmitted to the respective operators when you call up our site, if you agree to this.
The operator of YouTube is Google Ireland Limited, a company registered and operated under Irish law (registration number: 368047) with its registered office in Gordon House, Barrow Street, Dublin 4, Ireland. For more information, please visit: www.youtube.com
Spotify is operated by Spotify AB, a company incorporated and existing under the laws of Sweden, with its registered office at Regeringsgatan 19, 111 53 Stockholm, Sweden. For more information, please visit: www.spotify.com
Your consent to the transmission of your IP address to the aforementioned providers is requested via the Borlabs cookie plugin. If you do not agree, the iframe content will be automatically blocked for you without transmitting your IP address to the respective provider.
Furthermore, there are links to third-party websites such as Facebook, Twitter and Instagram, which you can access via our website.
All third-party providers may possibly set cookies, for which the third-party providers alone are responsible. We do not accept any liability for the possible use of cookies by third parties. We therefore recommend that you check third-party websites with regard to the use of cookies. The same applies to the collection of personal data by these third parties when using their services, for which they alone are responsible.
2. purpose of data processing
The purpose of using these technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.
3. legal basis for processing
The legal basis for the processing of personal data using cookies is Art. 6 (1) lit. f DSGVO.
4. duration of storage, possibility of objection and removal.
Cookies are stored on the user’s computer and transmitted from it to our site. Therefore, you as a user also have full control over the use of cookies – even those to which you have given your explicit consent. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Already stored cookies can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to fully use all functions of the website.
5. web analysis through Matomo
We also use cookies on our website that enable an analysis of the user’s surfing behavior.
a) Scope of the processing of personal data
We use the open source software tool Matomo on our website to analyze the surfing behavior of our users. The software sets a cookie on the user’s computer. If individual pages of our website are called up, the following data is stored:
- Two bytes of the IP address of the user’s calling system.
- The website called up
- The website from which the user accessed the accessed website (referrer)
- The subpages accessed from the accessed website
- The time spent on the website
- The frequency with which the website is accessed
The software runs exclusively on the servers of our website. A storage of the data of the users takes place only there. The data is not passed on to third parties. The software is set in such a way that the IP addresses are not stored completely, but 2 bytes of the IP address are masked (ex: 192.168.xxx.xxx). In this way, an assignment of the shortened IP address to the calling computer is no longer possible.
b) Legal basis for data processing
The legal basis for the processing of personal data using cookies for analysis purposes is, in the presence of a relevant consent of the user, which we request when entering our website via the Borlabs Cookie Plugin, Art. 6 para. 1 lit. a DSGVO.
c) Purpose of the data processing
The processing of users’ personal data enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness.
d) Duration of storage
The data is stored by us for 12 months and then automatically deleted.
e) Possibility of objection and removal
You can prevent the storage of cookies in connection with Matomo by setting your browser software accordingly. You can find more information about the privacy settings of the Matomo software under the following link: https://matomo.org/docs/privacy/.
6. Wordfence Firewall
We also use cookies on our website to prevent bruteforce or XSS attacks on our website.
a) Scope of the processing of personal data
We use a Wordfence Web Application Firewall on our website, a service provided by Defiant Inc, 1700 Westlake Ave N Ste 200, Seattle, WA 98109, USA, www.wordfence.com, which protects our website from common web-based attacks. The firewall is configured to filter attacks before plugins or themes can execute potentially vulnerable code. For this purpose, cookies are set and the IP address, the browser used, the operating system, the country and the current location of the call, as well as the page called up, are stored and transmitted to Difiant Inc. with whom we have an order processing agreement.
b) Legal basis for data processing
The legal basis for the processing of personal data using cookies to protect against attacks is Art. 6 (1) lit. f DSGVO.
c) Purpose of the data processing
The processing of users’ personal data enables us to provide protection against hackers, fraudsters and attacks.
d) Duration of storage
Data is stored by us for 30 days and then automatically deleted.
e) Possibility of objection and removal
You have the possibility to object to the storage of your personal data at any time by sending an e-mail to info@atomicfire-records.com. In turn, we reserve the right to object to deletion if we have evidence that you have prepared and/or carried out an attack on our system, because we have a legitimate interest in ensuring that our website is not affected in the form of a “service blockade”.
III. Newsletter registration
1. scope of processing of personal data
On our website, you can subscribe to a free newsletter in the account. When you register for the newsletter, your email address and your name from the input mask are transmitted to Mailjet GmbH, Alt-Moabit 2, 10557 Berlin, Germany, https://www.mailjet.de, with whom we have a contract for the processing of orders and who sends the newsletter on our behalf and creates analyses of your behavior in relation to the newsletter for us. Mailjet can be used to analyze, among other things, how many recipients have opened the mail and how often which link in the newsletter was clicked. It can also be analyzed whether after clicking on the link in the newsletter a further interaction between the recipient and us has occurred. For the processing of the data, your consent is obtained during the registration process and reference is made to this privacy policy.
2 Purpose of the data processing
The processed data is used exclusively for sending our newsletter.
3. legal basis for the processing
The legal basis for the processing of data after you have registered for the newsletter is Art. 6 para. 1 lit a DSGVO.
4. duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. Accordingly, the email address will be stored as long as the newsletter subscription is active.
5. possibility of objection and removal
The subscription to the newsletter can be cancelled by you at any time. For this purpose, you will find a corresponding link in each newsletter.
IV: Your rights
If personal data is processed by you, you are a data subject within the meaning of the GDPR and you have the following rights against the controller:
1. right to information
You may request confirmation from the controller as to whether personal data concerning you is being processed by us. If such processing is taking place, you can request information from the controller about the following:
- The purposes for which the personal data are processed;
- the categories of personal data which are processed;
- the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
- the planned duration of the storage of the personal data concerning you or, if concrete information on this is not possible, criteria for determining the storage period;
- the existence of a right to rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
- the existence of a right of appeal to a supervisory authority;
- any available information on the origin of the data, if the personal data are not collected from the data subject;
- the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and, at least in these cases, meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.
You have the right to request information about whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Art. 46 DSGVO in connection with the transfer.
2. right to rectification
You have a right to rectification and/or completion vis-à-vis the controller if the personal data processed concerning you is inaccurate or incomplete. The controller shall carry out the rectification without undue delay.
3. right to restriction of processing
Under the following conditions, you may request the restriction of the processing of personal data concerning you:
- if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
- the processing is unlawful and you object to the erasure of the personal data and request instead the restriction of the use of the personal data;
- the controller no longer needs the personal data for the purposes of processing, but you need it for the establishment, exercise or defense of legal claims; or
- if you have objected to the processing pursuant to Article 21 (1) DSGVO and it has not yet been determined whether the controller’s legitimate grounds override your grounds.
If the processing of personal data concerning you has been restricted, this data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the Union or a Member State. If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
4. right to deletion
a) Obligation to delete
You may request the controller to erase the personal data concerning you without undue delay, and the controller is obliged to erase such data without undue delay, if one of the following reasons applies:
- The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.
- You revoke your consent on which the processing was based pursuant to Art. 6 (1) a or Art. 9 (2) a DSGVO and there is no other legal basis for the processing.
- You object to the processing pursuant to Art. 21 (1) DSGVO and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) DSGVO.
- The personal data concerning you has been processed unlawfully.
- The erasure of the personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
- The personal data concerning you has been collected in relation to information society services offered pursuant to Article 8(1) of the GDPR.
b) Information to third parties
If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Article 17(1) of the GDPR, it shall take reasonable steps, including technical measures, having regard to the available technology and the cost of implementation, to inform data controllers that process the personal data that you, as the data subject, have requested that they erase all links to or copies or replications of that personal data.
c) Exceptions
The right to erasure does not exist to the extent that the processing is necessary
- For the exercise of the right to freedom of expression and information;
- for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- for reasons of public interest in the area of public health pursuant to Art. 9(2)(h) and (i) and Art. 9(3) DSGVO;
- for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Article 89(1) DSGVO, insofar as the right referred to in section a) is likely to render impossible or seriously prejudice the achievement of the purposes of such processing; or
- for the assertion, exercise or defense of legal claims.
5. right to information
If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients vis-à-vis the controller.
6. right to data portability
You have the right to receive the personal data concerning you that you have provided to the controller in a structured, common and machine-readable format. In addition, you have the right to transfer this data to another controller without hindrance from the controller to whom the personal data was provided, provided that
- the processing is based on consent pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO or on a contract pursuant to Art. 6 para. 1 lit. b DSGVO and
- the processing is carried out with the help of automated procedures.
In exercising this right, you also have the right to have the personal data concerning you transferred directly from one controller to another controller, insofar as this is technically feasible. Freedoms and rights of other persons must not be affected by this. The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. right of objection
You have the right to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning you that is carried out on the basis of Article 6(1)(e) or (f) DSGVO; this also applies to profiling based on these provisions. The controller shall no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.
If the personal data concerning you is processed for the purposes of direct marketing, you have the right to object at any time to processing of personal data concerning you for the purposes of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.
If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
You have the possibility, in connection with the use of information society services – notwithstanding Directive 2002/58/EC – to exercise your right to object by means of automated procedures using technical specifications.
8. right to revoke the declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
9. Automated decision in individual cases including profiling.
You have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects vis-à-vis you or similarly significantly affects you. This does not apply if the decision
- is necessary for the conclusion or performance of a contract between you and the controller,
- is permitted by legal provisions of the Union or the Member States to which the controller is subject and these legal provisions contain appropriate measures to protect your rights and freedoms as well as your legitimate interests, or
- is done with your explicit consent.
However, these decisions may not be based on special categories of personal data pursuant to Article 9(1) of the GDPR, unless Article 9(2)(a) or (g) of the GDPR applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests. With regard to the cases mentioned in (1) and (3), the controller shall take reasonable steps to safeguard the rights and freedoms as well as your legitimate interests, including at least the right to obtain the intervention of a person on the part of the controller, to express his or her point of view and to contest the decision.
10. right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.