Privacy Policy

1. General

1.1 What is personal data

Personal data is information that discloses or can disclose the identity of the user. We adhere to the principle of data avoidance. As far as possible, we refrain from collecting personal data.

1.2 Handling of personal data

Personal data is used exclusively for the purpose of establishing the contract, defining its content, implementing or processing the contractual relationship (Art. 6 (1 b) GDPR).

Beyond that, personal data will only be processed if we have received your consent to do so (Art. 6 (1 a) GDPR) or if it is data whose processing is necessary for our legitimate interests and insofar as the balancing process shows that no overriding interests, fundamental rights or freedoms on your part are opposed (Art. 6 (1 f) GDRP).

We may use order processors to process your personal data but will not pass on the personal data to third parties beyond this as a matter of principle.

Only for the processing of payments, the payment data required for this will be passed on to the credit institution commissioned with the payment and, if applicable, to the commissioned and selected payment service provider.

The processing of your personal data takes place exclusively within the EU unless otherwise stated below.

1.3 Usage data
When visiting the website, general technical information is collected. This is the IP address used, time, duration of the visit, browser type and, if applicable, the page of origin. This usage data is registered in a log file for technical reasons and can be used and stored for the purpose of statistical evaluation of this website. A linkage of these usage data with your further personal data does not take place.

1.4 Duration of storage

We store your personal data after the termination of the purpose for which the data was collected only as long as this is required by law (especially tax law).

2. Your rights

2.1 Information

You can request information from us as to whether we are processing personal data about you. If so, you have a right to information about this personal data and the further information specified in Article 15 of the GDPR.

2.2 Right to rectification

You have the right to rectification of inaccurate personal data concerning you and may request the completion of incomplete personal data in accordance with Art. 16 GDPR.

2.3 Right to erasure

You have the right to demand that we delete the personal data concerning you without undue delay. We are obliged to delete them without delay, in particular, if one of the following reasons applies:

  • Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
  • You revoke your consent on which the processing of your data was based, and there is no other legal basis for the processing.
  • Your data has been processed unlawfully.

The right to erasure does not exist insofar as your personal data is required for the assertion, exercise or defense of our legal claims.

2.4 Right to restriction of processing

You have the right to demand that we restrict the processing of your personal data if

  • you dispute the accuracy of the data, and we, therefore, verify the accuracy,
  • the processing is unlawful, and you refuse the deletion and demand the restriction of use instead,
  • we no longer need the data, but you need it to assert, exercise or defend legal claims,
  • you have objected to the processing of your data, and it has not yet been determined whether our legitimate reasons outweigh your reasons.

2.5 Right to data portability

You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format, and you have the right to transfer this data to another controller without hindrance from us, provided that the processing is based on consent or a contract and the processing is carried out by us with the help of automated processes.

2.6 Right of withdrawal

Insofar as the processing of your personal data is based on consent, you have the right to revoke this consent at any time.

2.7 General and right of appeal

The exercise of your above rights is generally free of charge for you. In the event of complaints, you have the right to directly contact the supervisory authority responsible for us, the State Data Protection Officer. 

3. Data security

3.1 Data security

All data on our website are secured by technical and organizational measures against loss, destruction, access, modification and distribution.

3.2 Sessions and cookies

To operate the website, we use cookies or server-side sessions in which data can be stored. We only use cookies or server-side sessions that are technically necessary for the operation of this website (e.g. spam protection for contact form, shopping cart function) and for which the assessment shows that there are no overriding interests on your part (Art. 6 (1 f) GDPR).

4. Newsletter

If you register for our newsletter, we will use the data required for this purpose or separately provided by you to regularly send you our e-mail newsletter based on your consent in accordance with Art. 6 (1 a) GDPR.

Unsubscribing from the newsletter is possible at any time and can be done either by sending us a message via the contact options provided in the imprint or via the link provided for this purpose in the newsletter. After unsubscribing, we will delete your e-mail address unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this statement.

5. Presence on social media platforms

We use the following social media platforms for company presentation and communication (explicit reference is made to the privacy statements and opt-out options linked below).

Facebook (Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland).
Privacy policy: https://www.facebook.com/about/privacy/
Opt-Out: http://www.youronlinechoices.com

Instagram (Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland).
Privacy policy and opt-out: http://instagram.com/about/legal/privacy/

TikTok (TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland)
Privacy policy: https://www.tiktok.com/legal/privacy-policy?lang=en

These social media platforms may process personal data outside the EU, we refer in this respect to the above privacy statements of the social media platforms.

The respective social media platforms may create usage profiles from your usage behavior and the resulting interests and actions on your part and store cookies on your computer in which your usage behavior is stored. If you have an account on the respective social media platform and are logged in, your usage behavior may even be stored independently of the device. Your usage profile can be used, for example, to place advertisements that presumably correspond to your interests.

We process the personal data exclusively for communicating with you via the social media platform you have chosen and for optimizing our online presence and ensure that no interests of yours are affected here that outweigh this legitimate interest of ours (Art. 6 (1 f) GDPR). Insofar as you have already given the respective operator of the social media platform effective consent to the corresponding data processing, the processing of your personal data will also be based on this consent (Art. 6 (1 a) GDPR).

We have our own social media pages with third-party providers that can be reached via links from this website. Using the links will take you to the respective websites of the third-party providers (e.g. Facebook, Twitter, Instagram). To avoid unnecessary data transfer, we recommend that you log out of the respective third-party provider before using a corresponding link, so that user profiles cannot be created by the third-party provider simply by using the link.

6. Third party services 

6.1 Social media links

We have our own social media pages with the third-party providers that can be reached via links from this website. Using the links will take you to the respective websites of the third-party providers (e.g. Facebook, Twitter, Instagram). To avoid unnecessary data transfer, we recommend logging out of the respective third-party provider before using a corresponding link, so that usage profiles cannot be created by the third-party provider simply by using the link.

6.2 Use of Matomo
This website uses Matomo, which is a web analytics service operated by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, NZBN 6106769.
Your IP address is immediately anonymized during the analysis, so that you as a user remain anonymous to us. 
The information generated about your use of this website is not shared with third parties. 
Thus, the weighing shows that there are no overriding interests on your part (Art. 6 (1 f) GDPR).
You can view Matomo’s privacy policy here https://matomo.org/privacy/. 

6.3 WordPress plugin NinjaFirewall

We use NinjaFirewall, a service of NinTechNet, 38, Soi Ladprao 94, Wang Thonglang, Bangkok 10310, Thailand, to increase the security of our website. For the function of NinjaFirewall your IP address is stored in anonymized form on our server.

Thus, the balancing shows that there are no overriding interests on your part (Art. 6 (1 f) GDPR). You can view the privacy policy of NinjaFirewall here: https://blog.nintechnet.com/ninjafirewall-general-data-protection-regulation-compliance/

7. Contacting us

To contact us regarding data protection, you are welcome to use the following contact options. 

contact form

e-mail: office@schallmayer.at

The person responsible in the sense of the GDPR:
Schallmayer Music
Michael Schallmayer
KLG Rosenberg
1130 Vienna
Austria