Privacy Policy for In The Flesh Record Company Aps Collection and Processing of Personal Data

In this privacy policy, you can read how In The Flesh Record Company ApS (“the Company”, “we”, “us”, or “our”) handles the personal data we obtain when you interact with us, including when you visit our website, purchase our products or events, subscribe to our news updates, and/or otherwise use the various services and features we offer.

1. Collection of Personal Data

We collect and process the personal data about you that is considered necessary for carrying out your transactions with us, including when you visit our website, purchase our products or events, subscribe to our news updates, and/or otherwise use the services and functions we provide.

The following types of general personal data may be processed:

General personal data, including:
• Contact information such as name, address, phone number, and email address
• Payment/Billing information
• Demographic data including age, gender, and interests
• Photos, videos, audio recordings, and other content captured at our events and/or uploaded by you to our website
• IP addresses, usernames, and passwords
• Information about your music preferences and past purchases
• Other information you may provide to us in connection with your transactions with us
• Information on any non-compliance relating to your transactions with us

If you are an artist or another commercial partner, we will collect and process the following additional information:
• Your business information, including company name, registration number, etc.
• Contact details for your representatives, including addresses, phone numbers, and email addresses
• Payment/Billing information

We only process the data necessary in connection with your transactions with us. The basis for processing most of the personal data we collect and process about you is the agreements for the purchase of our products and/or events that you enter into via our website, in accordance with Article 6(1)(b) of the GDPR. Processing may also be based on a legal obligation arising from other legislation, in accordance with Article 6(1)(c), or on our legitimate interests, in accordance with Article 6(1)(f).

Your personal data may also be processed where required by law or for the establishment, exercise, or defence of legal claims, in accordance with Article 6(1)(f) and Article 9(2)(f) of the GDPR.

2. Processing of Personal Data

We may process your personal data for the following purposes:
• To fulfil your transactions with us
• To comply with legal requirements and other obligations, including regulatory obligations and other forms of public regulation

3. Who Will My Personal Data Be Shared With?

Third parties may gain access to your personal data based on a contractual relationship with us when they provide relevant services to us, such as distribution and logistics. Such providers (data processors) will only process personal data based on a data processing agreement and in accordance with our instructions.

We also share your information with relevant public authorities, external agents, and the Company’s legal advisers. The legal basis for this disclosure is Article 6(1)(b), (c), and (f) of the GDPR.

Certain personal data will be reported to public authorities if required by law, for example in relation to tax reporting. The legal basis for such disclosure is Article 6(1)(b) and (c) of the GDPR.

If we require legal assistance or other advisory services, we may disclose your personal data to our external lawyers, auditors, and other relevant advisers based on our legitimate interest in establishing, defending, or enforcing a legal claim, in accordance with Article 6(1)(f) and Article 9(2)(f).

4. Transfer of Personal Data

Data disclosed/exchanged in accordance with the above may be transferred both within the EU/EEA and to countries outside the EU/EEA.

If your data is transferred to a recipient located in a country outside the EU/EEA that does not ensure an adequate level of data protection, the transfer will only take place if a transfer agreement has been entered into between the parties. Such agreement will be based on the EU’s Standard Contractual Clauses.

5. Storage and Deletion of Your Personal Data

We delete your personal data when we no longer need to process it for the purposes for which it was collected.

6. Your Rights

Subject to certain legal exceptions, you have the right to access the personal data we process and store about you. You also have the right to object to the processing and to request restriction of the processing of your personal data. In addition, you have the right to request rectification, including completion, or deletion of your personal data where necessary.

Under certain circumstances, you may also request a copy of your personal data in a structured, commonly used, and machine-readable format, and request that we transfer the personal data you have provided to another data controller.

7. Questions

The following legal entity is the data controller for the processing of your personal data:

In The Flesh Record Company ApS
CVR no. 45340333
H.C. Ørsteds Vej 39C, 4. th
1879 Frederiksberg C
Denmark

If you wish to exercise any of your rights, or if you have questions about this privacy policy or the processing of your personal data, please contact us at info@itfrc.com

If you wish to lodge a complaint about our processing of your personal data, please contact us. You may also submit a complaint to the Danish Data Protection Agency (Datatilsynet), Carl Jacobsens Vej 35, 2500 Valby, phone +45 33 19 32 00, email dt@datatilsynet.dk.