Privacy policy

1. General

1.1 What is personal data

Personal data is information that discloses or can disclose the identity of the user. We adhere to the principle of data avoidance. As far as possible, we refrain from collecting personal data.

1.2 Handling of personal data

Personal data is used exclusively for the purpose of establishing the contract, defining its content, implementing or processing the contractual relationship (Art. 6 (1 b) GDPR).

Beyond that, personal data will only be processed if we have received your consent to do so (Art. 6 (1 a) GDPR) or if it is data whose processing is necessary for our legitimate interests and insofar as the balancing process shows that no overriding interests, fundamental rights or freedoms on your part are opposed (Art. 6 (1 f) GDRP).

We may use order processors to process your personal data but will not pass on the personal data to third parties beyond this as a matter of principle.

The processing of your personal data takes place exclusively within the EU unless otherwise stated below.

1.3 Usage data

When using our app, general technical information is collected. This is the IP address used, time, duration of the visit, browser type/device type and, if applicable, the page of origin. This usage data is registered in a log file for technical reasons and can be used and stored for statistical evaluation of this app. A linkage of these usage data with your further personal data does not occur.

1.4 Registration data

To use our app, you must first register in the Google Play Store, Windows Store or Apple App Store to download the app. The separate provisions of Google, Windows or Apple apply here. 

1.5 Data access

Through your consent after downloading the app, we gain access to the following types of data:

  • End device
  • Type of the end device
  • Time zone
  • Country of origin

This data is required for the assignment of the user and the functions of our app. In particular, however, it is also intended to prevent misuse by the user.

1.6 Push Services 

Our app uses push services provided by the operating system manufacturers.

After downloading the app, the mobile device registers with the corresponding push service of the platform (iOS – Apple Push Notification Service; Android – Google Cloud Messaging). The service then sends the registration ID (Android) or token (iOS) to the registered device; the ID or receipt is sent by the app to the server and stored therein a database. If a push notification is to be sent, the server sends the desired message with registration ID/token to the platform’s push service, which forwards the push message to the respective devices.

We use push messages to inform you about events within the app that may require your special attention or a reaction on your part.

Consent is requested during the initial setup of the app and/or later on occasion.

You can suspend receiving push notifications when not using the app by explicitly logging out of the app. Through the operating system, you can revoke consent to receive push notifications as follows: 

– iOS/Settings//Messages.

– Android/Settings/Applications/Application Manager//Notifications.

1.7 Duration of storage

We store your personal data after the termination of the purpose for which the data was collected only as long as required by law (especially tax law).

2. Your rights

2.1 Information

You can request information from us as to whether we are processing personal data about you and, if so, you have a right to be informed about this personal data and to receive the further information referred to in Article 15 of the GDPR.

2.2 Right to rectification

You have the right to rectify inaccurate personal data concerning you and may request the completion of incomplete personal data by following Art. 16 GDPR.

2.3 Right to erasure

You have the right to demand that we delete the personal data concerning you without undue delay. We are obliged to delete them without delay, in particular, if one of the following reasons applies:

  • Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
  • You revoke your consent on which the processing of your data was based and there is no other legal basis for the processing.
  • Your data has been processed unlawfully.

The right to erasure does not exist insofar as your personal data is required for the assertion, exercise or defense of our legal claims.

2.4 Right to restriction of processing

You have the right to demand that we restrict the processing of your personal data if

  • you dispute the accuracy of the data and we, therefore, verify the accuracy,
  • the processing is unlawful and you refuse the deletion and demand the restriction of use instead
  • we no longer need the data, but you need it to assert, exercise or defend legal claims,
  • you have objected to the processing of your data and it has not yet been determined whether our legitimate reasons outweigh your reasons.

2.5 Right to data portability

You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format and you have the right to transfer this data to another controller without hindrance from us, provided that the processing is based on consent or a contract and the processing is carried out by us with the help of automated processes.

2.6 Right of withdrawal

Insofar as the processing of your personal data is based on consent, you have the right to revoke this consent at any time.

2.7 General and right of appeal

The exercise of your above rights is generally free of charge for you. In the event of complaints, you have the right to contact the supervisory authority responsible for us, the State Data Protection Officer, directly.

3. Data security

3.1 Data security

All data within the application of the app is secured by technical and organizational measures against loss, destruction, access, modification and distribution.

3.2 Sessions and cookies

To operate the app, we use cookies or server-side sessions in which data can be stored. We only use cookies or server-side sessions that are technically necessary for the operation of this website (e.g. spam protection for contact form, shopping cart function) and for which the assessment shows that there are no overriding interests on your part (Art. 6 (1 f) GDPR).

4. Presence on social media platforms

We use the following social media platforms for company presentation and communication (an explicit reference to the privacy statements and opt-out options linked below).

Facebook (Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland).

Privacy policy:


Instagram (Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland).

Privacy policy and opt-out:

TikTok (TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland)

Privacy policy:

These social media platforms may process personal data outside the EU, we refer in this respect to the above privacy statements of the social media platforms.

The respective social media platforms may create usage profiles from your usage behavior and the resulting interests and actions on your part and store cookies on your computer in which your usage behavior is stored. If you have an account on the respective social media platform and are logged in, your usage behavior may even be stored independently of the device. Your user profile can be used, for example, to place advertisements that presumably correspond to your interests.

We process the personal data exclusively for communicating with you via the social media platform you have chosen and for optimizing our online presence and ensure that no interests of yours are affected here that outweigh this legitimate interest of ours (Art. 6 (1 f) GDPR). Insofar as you have already given the respective operator of the social media platform effective consent to the corresponding data processing, the processing of your personal data will also be based on this consent (Art. 6 (1 a) GDPR).

5. Social media links

We have our own social media pages with third-party providers that can be reached via links from this app. Using the links will take you to the respective websites of the third-party providers (e.g. Facebook, Twitter, Instagram). To avoid unnecessary data transfer, we recommend logging out of the respective third-party provider before using a corresponding link, so that user profiles cannot be created by the third-party provider simply by using the link.

6. Contacting

To contact us regarding data protection, you are welcome to use the following contact options.
contact form


Responsible party within the meaning of the GDPR:
Schallmayer Music
Michael Schallmayer
KLG Rosenberg Parz. 85
1130 Vienna