Privacy Policy
We at Session (the "Provider") are dedicated to treating our users' (the "User(s)"/"You"/"Your") personal data with care and respect in relation to Your use of the Session platform ("Session") and all services provided on Session (collectively the "Service").
This is the Privacy Policy for the Service and, as such, it describes how the Provider collects, uses, and shares the personal data of individuals whenever they use the Service.
Please read this policy carefully to understand the Provider’s views and practices regarding Your personal data and how the Provider will treat it. By using the Service You are agreeing to the Terms of Use and You are accepting and consenting to the practices set out in this Privacy Policy. Please do not use the Service unless You agree with the Terms of Use and this Privacy Policy.
Reference to “Provider”, “Session”, “we”, “our” or “us” is to Session.id Limited a company incorporated under the laws of England and Wales with company number 11782991 and whose principal office is at 1 Montem Terrace, 35a Arterberry Road, London, SW20 8AG, England.
Terms starting with a capital letter and not defined herein are defined in the Terms of Use and have the meaning assigned to them in the Terms of Use (which can be found here: Terms of Use).
YOUR PERSONAL RIGHTS AND CONTROLS
1. Privacy laws, including the UK and EU General Data Protection Regulation (“UK GDPR” and “EU GDPR”), give rights to individuals over their personal data and regulate the collecting and processing of personal data. The Provider shall be liable for the collecting and processing of personal data for which the Provider decides the purposes and the means for which the personal data is processed. Personal data is any information that directly or indirectly identifies a natural living person, e.g. name and address, but may also include other information (as set forth below) uploaded to the Service in relation to a Song Project.
INFORMATION AND PERSONAL DATA SESSION COLLECTS
2. The Provider collects and processes the following data, including personally identifiable data, about You and/or Your physical representatives and Users ("Data Subject") as provided to Provider by You when You:
2.1 Register: When creating a user account with the Provider You will be required to provide the following information: name, surname, email, phone number, and IPI/IPN number. The Provider may store this information so that it can be used for purposes explained in Section 3.
2.2 Create a Song Project: When a User starts a Song Project, Users are required to provide certain information such as User’s name and the name of the Song Project. When a User starts or joins a Song Project, the Provider may also collect and process other information disclosed by other Users, such as information about User’s (or other third party contributor’s) skills (e.g. instruments User plays), experience (where, what and when User performed), membership in relevant organisations, relevant agreements , User’s representation, location, lyrics, songwriter splits, distribution arrangements, photos, and recordings of the User.
2.3 Use the Service: When a User uses the Service certain information will be collected automatically, including: (i) information about User’s interactions with the Service; (ii) the details of the queries a User makes; (iii) content they post, upload and/or contribute to the Service; (iv) technical data, which may include the URL Users have come from or gone to, User’s IP address, unique device ID, network and computer performance, browser type, language and identifying information and operating system; and (v) location information. The Provider may store this information so that it can be used for purposes explained in Section 3.
2.4 The Provider may be unable to provide the Services in full if the User fails to provide the relevant data stated above.
2.5 When You visit the Provider’s website Provider may automatically collect information about Your visit through the use of cookies as explained in more detail below.
WHY SESSION COLLECTS YOUR INFORMATION
3. The Provider will collect and process the information described in Section 2 above for the following purposes and legal justifications (also known as a “legal basis” under data protection laws) in general the Provider’s legal basis include:
-Performance of a Contract: When it’s necessary for the Provider (or a third party) to process Your personal data to comply with obligations under a contract with You e.g. Session’s obligations under the Terms of Use to provide the Service to you.
-Legitimate Interest: When Provider (or third party) has an interest in using Your personal data in a certain way, which is necessary and justified considering any possible risks to You and other Service Users e.g. using Your Use of Service data to improve the Service for all Users.
-Consent: When Provider asks You to actively indicate Your agreement to Service’s use of Your personal data for certain purposes.
-Compliance with Legal Obligations: When Provider must process Your personal data to comply with a law.
SHARING YOUR PERSONAL DATA AND TRANSFERS TO OTHER COUNTRIES
4. The Provider may share and/or disclose personal data about Users to its contractors, service providers, partners, potential investors in or buyers of all or part of the Provider, and to collecting societies, within the EU/EEA and outside the EU/EEA, to countries or territories whose laws may not provide an adequate level of protection for personal data, for the purposes stated in Section 3 above. You understand that the Provider has no control over these third parties and no responsibility for the technologies they employ. Where such third parties process personal data on the Provider's behalf, the Provider will take every precaution to protect Your personal data as if it were being used in the UK or EEA. Provider will use one of the below safeguards to ensure protection:
Transfer data to a non-EEA country which has privacy laws at least as protective as those within the EEA; or
Put in place a contract with the recipient of the data meaning the recipient must uphold the same standards as required within the EEC; or
Transfer it to organisations which are part of the Privacy Shield, who set out standards for data transference between the United States and European countries to ensure data is protected to the same standards as the EEA.
4.1 For the purpose of spreading recognition and credit Users in relation to their contributions to musical works, the Provider may also share and/or sell personal data provided in the Service such as Your name and role in the creation or production of music shared through the Service to third parties who collect or publish information relating to track or other music information, such as online streaming services or collecting societies.
4.2 The Provider will not sell or share Your contact details for marketing purposes without your prior consent.
DATA ERASURE AND RETENTION
5. Data Subjects may be entitled, under local law, to exercise rights of access, rectification, erasure or blocking of personal data processed by the Provider. The ability to exercise such rights may be limited by local law. If a Data Subject wishes to exercise any of these rights, they should write to support@sessionstudio.com stating Data Subject’s full name and, if applicable, their address, User name and the email address used for registration. The Provider will reserve the right to charge any fee permitted under national law to allow such rights to be exercised. California U.S.A. users under the age of 18 may request the removal of their content or information publicly posted on the Service by emailing us at support@sessionstudio.com. Please note that most of the user content that appears on the Service is stored and controlled by third party providers; thus, complete and comprehensive removal of the content may not be possible.
5.1 The User may at any time withdraw User’s consent to the use of their personal data for direct marketing purposes by emailing support@sessionstudio.com.
5.2 Provider will keep Your personal data only as long as necessary to provide You with the Service and for Provider’s legitimate and essential business purposes.
THIRD PARTY PARTNER CONSENTS
6. You must ensure that any Data Subject who are Your physical representatives and employees etc., whose personal data may be processed by the Provider, are made aware of the contents of this Privacy Policy and any sections to which it refers, and provide necessary consents, at the latest when their personal data is provided to the Provider.
6.1 You must also ensure that any personal data submitted by You relating to others (such as individuals not using the Service) whose personal data may be processed by the Provider, are made aware of the relevant contents and implications of the Terms of Use and provide You with any necessary consent to the collection and processing no later than at the time their personal data is shared with the Provider.
KEEPING YOUR PERSONAL DATA SAFE
7. The Provider has implemented reasonable technical and organisational measures designed to secure and protect personal data from accidental loss, unlawful use, unauthorised access, corruption, alteration, disclosure, or destruction. Provider uses technical measures such as encryption and password protection to ensure the protection of Your data and the holding systems. Furthermore, Provider will limit the number of people who have access to the databases in which Your personal data is held. You acknowledge, the Internet is an open system and the Provider cannot guarantee that unauthorised third parties will never be able to defeat those measures or use personal information for improper purposes.
MINORS
8. The Service is intended for users who are 18 years old or older. Provider does not knowingly collect personal data from children under the age of 18. If Provider becomes aware that it has inadvertently received personal data from a child under the age of 18, Provider will delete such data from its records.
CHANGES TO THIS POLICY
9. Provider may occasionally make changes to this Privacy Policy. When Provider makes material changes to this Privacy Policy, Provider will provide you with prominent notice as appropriate under the circumstances. For example, Provider may display a prominent notice within the Service or website, or send You an email or device notification.
COOKIES
WHAT IS A COOKIE?
1. A cookie is a small text file that a website asks to place on Your computer, mobile phone, or other device when You visit a website. Cookies accomplish several different things. A cookie can help the website Provider to recognise Your device the next time You visit the website provide You with access to certain functions on the website and/or register Your browsing history. There are other technologies such as pixel tags, web bugs, web storage and other similar files and technologies that can do the same thing as cookies.The term “cookies” in this Privacy PolicyAgreement refers to cookies and all such similar technologies. For more information on cookies, including how to see what cookies have been set on Your device and how to manage and delete them visit www.allaboutcookies.org, www.youronlinechoices.eu or www.ico.gov.uk. If You have any questions or comments about the Provider’s use of cookies, please contact support@sessionstudio.com.
HOW DOES SESSION USE COOKIES?
2. The Provider use the following cookies for following purposes:
-Essential Operational Cookies: These cookies are necessary for the Provider to operate the Service as You have requested. For example, they allow the Provider to recognise You and then provide You with the Service accordingly.
-Analytics and Performance Cookies: The Provider uses these cookies to analyse how the Service is accessed, used or is performing. The Provider uses this information to maintain, operate and continually improve the performance of the Service. These cookies help the Provider to know which pages and areas of the Service are the most and least popular and to see how visitors are interacting with the Service. If you do not allow these cookies the Provider will not be able to monitor the performance of the Service.
-Functional Cookies: The Provider uses these cookies to operate certain functions of the Service in line with the choices You make. These cookies mean that when You continue to use or come back to the Service, it is provided as You have previously requested, e.g. remembering Your username and how You have customised the Service.
HOW CAN YOU DELETE AND MANAGE COOKIES?
3. Most web browsers allow You to manage Your cookie preferences. You can set Your browser to refuse cookies, or delete certain cookies. Generally You should also be able manage similar technologies by using Your browsers preferences. In order to do this, follow the instructions provided by Your browser (usually located within the “Help”, “Tools” or “Edit” menu). You will need to do this by yourself from within Your Browser by choosing the option to delete cookies.
3.1 Please note that if You choose to disable or block cookies, we may still use Your information collected from cookies prior to Your disabled preference being set, however Provider will stop using the disabled cookie to collect any further information.
3.2 Please be aware, if You use Your browser settings to block all cookies this may impair or prevent due functioning of the Service.
COOKIE AND PRIVACY PRACTICES OF THIRD PARTIES
4. The Provider uses third party services to track activity related to the Service, e.g. by placing cookies. You can install an opt-out in Your web browser if You do not want any information to be collected and used by this analytic service.
4.1 When you are using the service, you may notice that there are third-party cookies from other websites. Namely, Square-Space. Provider collects from and sends visitor analytics data to them. The details about these cookies are in the table under section 2 Provider does not respond to “Do Not Track” signals.
CONTACT DETAILS
5. If you have questions or complaints about this Privacy Policy, how Provider collects or processes Your personal data, or would like to have You personal data removed, or have questions or comments regarding the website, the Service, or Provider’s products please contact Session at: support@sessionstudio.com. The regulator of data protection in the UK is the Information Commissioner’s Office which can be contacted here. If You are based in the EU, please contact our EU office, Session Alvtomtagatn 12-14 703 44 Orebro, Sweden or via email at eusupport@sessionstudio.com.