Revised July 1, 2022
WHAT INFORMATION DO WE COLLECT AUTOMATICALLY FROM YOU?
In Short: Some information – such as IP address and/or browser and device characteristics – is collected automatically when you visit our Site.
We automatically collect certain information when you visit, use or navigate the Site that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked with you or your household. This information may not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Site and other technical information. This information is primarily needed to maintain the security and operation of our Site, and for our internal analytics and reporting purposes.
The technologies we use for this automatic data collection may include:
Cookies (or browser cookies).
Certain features of our Site may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Site. Flash cookies are not managed by the same browser settings as are used for browser cookies.
Pages of our Site and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related Sites statistics (for example, recording the popularity of certain Sites content and verifying system and server integrity).
WHAT INFORMATION IS COLLECTED FROM OTHER SOURCES?
In Short: We may collect limited data from public databases, marketing partners, and other outside sources.
In addition, you can prevent the recording of the data generated by the cookie and relating to your usage of the website (incl. your IP address) to Google and the processing of these data by Google, by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?
Further information on data protection with regard to Google Analytics can be found directly here at Google.
Our website uses the social plug-ins and pixels of the social network facebook.com, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. If you have your normal place of residence in the European Union, the Facebook services are offered to you by Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2 Ireland. The social plug-ins are discernible by the Facebook logos (white “f” on blue background or the characteristic Facebook thumb) or marked by the addition “Facebook Social Plug-In”; all Facebook plug-ins can be viewed here. The sign-up and/or log-in of Facebook is also easy to recognize by the characteristic white script on a blue background.
If you would like to register or log in with us using the Facebook sign-up and/or log-in, you then permit us to:
1. Access your general details such as your name, profile image, gender, the user ID, your friend lists and all other data that you have made public in your profile.
2. Send your e-mails.
3. Post status reports on your behalf.
4. Also to access your data when you are not currently using the application.
5. Access your other profile information such as “About me”, your date of birth, your home town and your current place of residence.
When you call up our Website on which a social plug-in (e.g., a “like” button) is implemented, your browser will then establish a direct link to Facebook and will then transmit the following data to Facebook directly:
1. date and time of your visit,
2. the Internet address/URL of the site that you are currently visiting,
3. your IP address,
4. your browser,
5. your operating system,
6. your user code if you are a registered user of Facebook and if applicable your surname and first name.
The data can only be transmitted to the Facebook profile when the user is logged in to Facebook. Logging out of Facebook prevents the transmission of these data to the Facebook profile.
Facebook saves these data for a period of 90 days. Facebook then removes the name and all other personal information from the data; a pseudonymized usage profile remains.
Please note that we do not have any influence on the scope of the data which Facebook collects with the help of the plug-in and that with regard to data protection we have to rely on the data usage guideline of Facebook, on which our aforementioned information is based. Please inform yourself further on Facebook specifically about the purpose and scope of the data collection and your rights in this regard and the setting options to protect your privacy using the data usage guidelines. It is of course possible to prevent the placing of cookies by settings in your browser. In addition, it is also possible to block the social plug-ins of Facebook with add-ons for your browser such as the “Facebook Blocker.”
Our Website uses plugins from YouTube, including YouTube Pixel, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited. If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR. Further information about handling user data can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.
GOOGLE WEB FONTS
SPOTIFY AND APPLE MUSIC
Our Website uses plugins from Spotify and Apple Music. The operators of these two applications are as follows:
A) Spotify USA Inc., 45 W. 18th Street, Fllor 7, New York, NY 10011, USA
B) Apple Inc. One Apple Park Way, Cupertino, California, USA, 95014, USA.
If you visit one of our pages featuring a Spotify or Apple Music plugin, a connection to their website is established. Here their servers are informed about which of our pages you have visited. If you’re logged in to your Spotify or Apple Music account, each allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your Spotify or Apple Music accounts. Spotify and Apple Music are used to help connect you with our music. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
Further information about handling user data can be found in the data protection declaration of Spotify or Apple Music respectively under https://www.spotify.com/us/legal/privacy-policy/ and
WHAT OTHER INFORMATION DO YOU PROVIDE TO US?
In Short: You provide us information if you sign up for our Forum, Fan Club or a Contest, and we also collect some information if you sign up for our Newsletter.
If you register for an Account on our Forum or Fan Club, you will provide information that could be Personal Information, such as your date of birth, a user name, your email address, your time zone, a password, and if you were referred to our Site by an existing registered member. You may also choose to provide additional Personal Information by editing your profile. You may choose to include a Custom User Title, information about yourself, basic demographic information including age and location, a description of your interests, your favorite Blue October songs and/or albums, and links to your website or social media profiles.
Through our Newsletter, we send our fans information about tour dates, new music, merchandise, band members’ side projects, and other Blue October related material. If you choose to be on our mailing list, all we ask for is your name and email address.
PERSONAL INFORMATION OF CHILDREN
In Short: We do not knowingly collect data from or market to children under 16 years of age.
We do not knowingly collect or solicit Personal Data from anyone under the age of 16. If you are under 16, please do not attempt to register for the Services or send us any of your Personal Data. If we learn that we have collected Personal Data from a child under age 16, we will delete that information as quickly as possible.
HOW, AND WITH WHOM, IS MY INFORMATION SHARED OR TRANSFERRED?
In Short: We only share information either with your consent, to comply with laws, to protect your rights, or to fulfill business obligations.
We may process or share data based on the following legal basis:
Consent: We may process your data if you have given us specific consent to use your Personal Information in a specific purpose.
Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
Performance of a Contract: Where we have entered into a contract with you, we may process your Personal Information to fulfil the terms of our contract.
Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet
national security or law enforcement requirements).
Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved. Additionally, we may need to process your data or share your Personal Information in the following situations:
Service Providers. We may share your data with our Service Providers. We may allow Service Providers to use tracking technology on the Site, which will enable them to collect data about how you interact with the Site over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. Unless described in this Policy, we do not share, sell, rent or trade any of your Personal Information with any Third Party or Service Provider for their promotional purposes.
WHAT PUBLIC INFORMATION ABOUT YOU AND YOUR ACTIVITY ON THE SITE CAN OTHERS VIEW?
In Short: Information you post about you on our Site may be viewed by others who access the Site.
Information you choose to include in your profile, or any Personal Information you share about yourself on our Forum may be viewed by others who access the Site. This includes information you choose to provide openly, including your username, contact name, information about yourself, and links to your website or social media profiles, which may be displayed to other users to facilitate user interaction within the Site. We will not directly reveal user email addresses to other users.
Some of your activity on and through the Site is public by default. This may include, but is not limited to, content you have posted publicly on the Site or otherwise through the Site. Please remember that if you choose to provide Personal Information using certain public features of the Site, then that information is governed by the privacy settings of those particular features and may be publicly available. Individuals reading such information may use or disclose it to other individuals or entities without our control and without your knowledge, and search engines may index that information. We therefore urge you to think carefully about including any specific information you may deem private in content that you create or information that you submit through the Site.
WHAT INFORMATION IS DISCLOSED FOR OUR PROTECTION AND THE PROTECTION OF OTHERS?
In Short: We may have to share your Personal Information if legally required to do so.
WHAT CHOICES DO YOU HAVE REGARDING YOUR INFORMATION?
IN SHORT: YOU HAVE SEVERAL OPTIONS TO CONTROL AND MANAGE THE AMOUNT OF PERSONAL INFORMATION YOU SHARE WITH US.
If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Information, as outlined below.
You can request more information about the Personal Information we hold about you and request a copy of such Personal Information.
If you believe that any Personal Information we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by updating any of the information contained in your user profile.
You can request that we erase some or all of your Personal Information from our systems.
D) WITHDRAWAL OF CONSENT:
If we are processing your Personal Information based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Information, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
You can ask for a copy of your Personal Information in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
You can contact us to let us know that you object to the further use or disclosure of your Personal Information for certain purposes.
G) RESTRICTION OF PROCESSING:
You can ask us to restrict further processing of your Personal Information.
H) RIGHT TO FILE COMPLAINT:
You have the right to lodge a complaint about Blue October’s practices with respect to your Personal Information with the supervisory authority of your country or EU Member State.
I) TRANSFERS OF PERSONAL INFORMATION:
The Services are hosted and operated in the United States (“U.S.”) through our Service Providers, and if you do not reside in the U.S., laws in the U.S. may differ from the laws where you reside. By using the Services, you acknowledge that any Personal Data about you is being provided to Blue October in the U.S. and will be hosted on U.S. servers, and you authorize us to transfer, store and process your information to and in the U.S., and possibly other countries. Please note that whenever we transfer your personal data outside of the EEA, we ensure a similar degree of protection is afforded to it by ensuring, where required by law, at least one of the following safeguards is implemented: transferring personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
using specific contracts approved by the European Commission which give personal data the same protection it has in Europe; or transferring personal data to the United States to an entity if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
You may be entitled, in accordance with applicable law, to request a copy of relevant safeguards.
CALIFORNIA PRIVACY RIGHTS:
If you are a California resident and you have provided us with your Personal Information, you have the right to request that we:
A) Disclose the categories and specific pieces of Personal Information we have collected;
B) Disclose the categories of sources from which the Personal Information is collected;
C) Disclose the purpose for collecting or selling your Personal Information;
D) Disclose the categories of third parties with whom we share your Personal Information;
E) Delete any Personal Information about you that we have collected from you, subject to
certain exceptions; and
F) NOT SELL YOUR PERSONAL INFORMATION.
NEVADA PRIVACY RIGHTS:
If you are a Nevada resident and you have provided us with your Personal Information, you have the right to request that we allow you to opt-out of the sale of your Personal Information.
OPT-OUT OF TARGETED ADVERTISING
Through the Digital Advertising Alliance (“DAA”) and Network Advertising Initiative (“NAI”), several media and marketing associations have developed an industry self-regulatory program to give consumers a better understanding of and greater control over ads that are customized based on their online behavior across different websites. To make choices about interest-based ads from participating third parties, please visit the DAA’s or NAI’s consumer opt out pages, which are located at http://www.networkadvertising.org/choices/ or www.aboutads.info/choices.
Reset your mobile device’s advertising identifier or set it to opt out of targeted advertising.
iOS: You can opt-out of targeted advertising by choosing “Limit Ad Tracking” in your device’s settings menu.
Android: You can reset your advertising ID at any time from the Ads section under Settings on your device, or you can also opt-out of targeting advertising in this same section.
HOW LONG DO WE RETAIN YOUR PERSONAL INFORMATION?
IS THE INFORMATION ABOUT YOU SECURE?
In Short: We aim to protect your Personal Information through a system of organizational and technical security measures, including encryption as required by law.
As required by Nevada law, we encrypt any Personal Information during transfers or any movement of it to our Service Providers are whenever otherwise required contractually, by law or order. In addition, we have implemented appropriate technical and organizational security measures designed to protect the security of any Personal Information we process.
Please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your Personal Information, transmission of Personal Information to and from our Site is at your own risk. You should only access the Site within a secure environment.