IAMIC2020 cancelled due to CoViD19 pandemic. More information

Automated mass downloading or any other form of mass copying of the data in the databases provided by MIZ is expressly prohibited.

Privacy policy

Thank you for your interest in our Internet presentation. We regard the protection of your personal data (hereinafter referred to as “data”) as a very serious and important matter. We therefore wish to inform you below in detail about the data that is collected when you access our website and use its services and how we process and use the data. We also wish to inform about the relevant security measures of a technical and organisational nature that we have put in place.

Please note that this privacy policy may be updated occasionally due to the implementation of new technologies and/or legal amendments. We shall draw your attention to this in the appropriate manner. We shall, of course, always duly take into account your interests in any changes that are made.

N.B.

Irrespective of the legal rights and law requirements on which they are based, we shall, of course, always respect your right as data subject to require the rectification or erasure of personal data concerning you published in our databases.

Data Controller, Point of Contact, Data Protection Officer

Pursuant to Article. 4, Paragraph 7 of the EU General Data Protection Regulation (GDPR) the data controller is the

Deutscher Musikrat gemeinnützige Projektgesellschaft mbH
Deutsches Musikinformationszentrum (MIZ)
Weberstraße 59
53113 Bonn
Germany

Tel: +49 (0)228/2091-180
Fax: +49 (0)228/2091-280
Email: info@miz.org

The latter shall be represented by its Managing Director Stefan Piendl.

MIZ is an institution of the German Music Council.

If you have any questions or comments about this privacy policy or data protection in general, please contact our data protection officer by email at datenschutz@musikrat.de or confidentially by post to the above address for the personal attention of our data protection officer. Please also refer to our contact details in the site notice.

Legal bases for the processing of your data

Should the legal basis not be specified in the privacy policy the following shall apply:

  • Should we seek the consent of the data subject to process their personal data, Article 6, Paragraph 1, Sentence 1, Letter a of the EU General Data Protection Regulation (GDPR) will serve as legal basis.
  • Article 6, Paragraph 1, Sentence 1, Letter b of the GDPR will serve as legal basis for the processing of personal data that are required to fulfil a contract. This will also apply to processing activities that are necessary to carry out pre-contractual steps.
  • If processing personal data is required to fulfil a legal obligation to which our company is bound Article 6, Paragraph 1, Sentence 1, Letter c of the GDPR will serve as legal basis.
  • Should the vital interests of the data subject or another natural person require that personal data be processed, Article 6, Paragraph 1, Sentence 1, Letter d of the GDPR will serve as legal basis.
  • Should processing be required to protect a legitimate interest of our company or a third party and should this interest not be overridden by the interests or fundamental rights and freedoms of the data subject, Article 6, Paragraph 1, Sentence 1, Letter f of the GDPR will serve as legal basis.

Your rights

Irrespective of the legal rights and law requirements on which they are based, we shall, of course, always respect your right as data subject to require the rectification or erasure of the personal data concerning you that we hold or that are contained in our databases.

Your legal rights pursuant to the General Data Protection Regulation are:

  • right to information (Article 15 of the GDPR);
  • right to rectification and erasure (Articles 16 and 17 of the GDPR);
  • right to restriction of processing (Article 18 of the GDPR);
  • right to data portability (Article 20 of the GDPR);
  • right to object to processing (Article 21 of the GDPR).

You are also entitled to lodge a complaint with a data protection supervisory authority about the processing of your personal data by the controller.

In this connection we wish to emphasise the following rights:

a)      Right to information

You can demand a confirmation from the controller as to whether personal data concerning you are being processed by us.

If processing of this nature is going on, you can require the controller to provide information about the following subjects:

(1)         the purposes for which the personal data are being processed;

(2)         the categories of personal data which are being processed;

(3)         the recipients or categories of recipients to whom personal data concerning you have been or are still to be disclosed;

(4)         the envisaged period for which the personal data concerning you will be stored or, if not possible, the criteria used to determine that period;

(5)         the existence of a right of rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller or a right to object to said processing;

(6)         the existence of a right to lodge a complaint with a supervisory authority;

(7)         where the personal data are not collected from the data subject, any available information as to their source;

(8)         the existence of automated individual decision-making including profiling, referred to in Article 22, Paragraphs 1 and 4 of the GDPR and – at least in those cases – meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

You have the right to demand information about whether your personal data are being transferred to a third country or to an international organisation. In this connection you can demand to be informed of the appropriate safeguards pursuant to Article 46 of the GDPR pertaining to the transfer.

b)        Right to rectification

You have the right to obtain from the controller the rectification and/or completion of your personal data if they are inaccurate or incomplete. The controller must perform rectification without undue delay.

c)      Right to erasure

You can demand that the controller erase the personal data concerning you without undue delay and the controller will be obliged to erase said data without undue delay where one of the following grounds applies:

(1)         The personal data concerning you are no longer necessary in relation to the purposes for which they were collected or otherwise processed.

(2)         You withdraw your consent on which the processing is based according to Article 6, Paragraph 1, Letter a or Article 9, Paragraph 2, Letter a of the GDPR, and where there is no other legal ground for the processing.

(3)         You object to the processing pursuant to Article 21, Paragraph 1 of the GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21, Paragraph 2 of the GDPR.

(4)         The personal data concerning you have been unlawfully processed.

(5)        The personal data concerning you have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.

(6)         The personal data concerning you have been collected in relation to the offer of information society services referred to in Article 8, Paragraph 1 of the GDPR.

d)        Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, in line with Article 6, Paragraph 1. Letter e or f of the GDPR.

The controller will no longer process your personal data unless they demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

e)        Right to withdraw your consent

You have the right to withdraw your consent at any time. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

f)        Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority with which the complaint has been lodged will inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.

Retention periods

In line with statutory provisions, in particular Articles 17 and 18 of the GDPR, the data processed by us will be erased or our processing of them restricted. Unless expressly stated in this privacy policy, we will erase the data stored by us as soon as it is no longer required for the intended purpose. Data will be retained beyond the time at which the intended purpose ends only if such data is necessary for other, legally permissible purposes or if the data must continue to be retained due to statutory retention periods. In these cases, processing is restricted, that is blocked, and will not be processed for other purposes. Please observe our policies relating to the public directories we provide.

Server log data

When you access our websites information of a general nature is automatically collected by means of cookies. This information (server log files) contains, for instance, the type of web browser, the operating system used, the domain names of your Internet service providers and so forth. The information is only of a nature that does not allow any conclusions to be drawn about your person. This information is required for technical purposes so that we can supply you with the website content you requested; its collection is compulsory when you use the Internet. It is processed for the following purposes in particular:

  • to ensure problem-free access to the website,
  • to ensure efficient use of our website,
  • to evaluate system security and stability and
  • for other administrative purposes.

The log files created are also stored to ensure the security of our information systems. A personal evaluation of data, in particular for marketing purposes, does not take place. The processing of your personal data is based on our legitimate interest arising from the aforementioned data collection purposes, Article 6, Paragraph 1, Sentence 1, Letter f) of the GDPR. We do not use your data to draw conclusions about your person. The controller and any processor commissioned by them are the sole data recipients.

Anonymous information of this nature may be evaluated by us statistically in order to optimise our Internet presentation and the technology underpinning it.

Published institutions related to musical life

As the central information and documentation institution of the German Music Council the German Music Information Centre (Deutsches Musikinformationszentrum (MIZ)) records structures and developments on the musical scene in Germany. Aimed at achieving as full a documentation as possible of the individual areas, this serves as information about musical life in Germany for many stakeholder groups. With the exception of the names of (legal) representatives, no personal data is published under the “Institutions” category. Should we nevertheless publish personal data, such as that of contact persons, as in the case of the names of representatives, this will be conducted either on the basis of the data subject’s consent in line with Article 6, Paragraph 1, Sentence 1, Letter a of the GDPR or on the basis of our and the general public’s legitimate interest in maintaining and publishing a full and current account of musical life in Germany, Article 6, Paragraph 1, Sentence 1, Letter f of the GDPR. The latter applies, for instance, should we not have directly sourced the data from the data subject. However, on no condition will your data be passed on to third parties or processed in pursuit of commercial or marketing purposes. As a non-profit-making institution we do not primarily pursue our own economic purposes.

Should you not wish your personal data to be published or should you have information on the source or relevant legal basis for your particular circumstances, please do not hesitate to contact us. We also draw your attention to the section on your rights.

Login areas

Courses offered at kurse.miz.org

You can view available courses without having to log in. If you wish to offer courses on our platform, you must first complete registration. To do so, you must enter your email address, a password, and user name of your choice. We also require the name of the organiser and their postal address. The legal basis for this is Article 6, Paragraph 1, Sentence 1, Letter b of the GDPR. Other details are optional and can be withdrawn at any time. We use a so-called double opt-in procedure for registration, which means that your registration is only complete once you click on and confirm the link in the confirmation email sent to you for the purpose of confirming your registration.

If you wish to offer courses on our platform, you must log into the platform first. Aside from saving your login data, we also save your IP address and other metadata in log files in order to ensure the security and stability of our systems. The legal basis for this is Article 6, Paragraph 1, Sentence 1, Letter c of the GDPR. Aside from published content, we also save other usage and communication data. This is necessary in order to operate the service. The legal basis for saving your communication and usage data is Article 6, Paragraph 1, Sentence 1, Letter b of the GDPR. The entering of optional data is based on Article 6, Paragraph 1, Sentence 1, Letter a of the GDPR. You can withdraw your consent to the processing of this data at any time.

Please note that courses published by us can also be published at InfoWeb Weiterbildung if you so wish. The legal basis for this is Article 6, Paragraph 1, Sentence 1, Letter a, Article 7 of the GDPR. You can withdraw your consent to this at any time. The body responsible for the iwwb.de portal is: Deutsches Institut für Internationale Pädagogische Forschung (DIPF), Schloßstr. 29, D-60486 Frankfurt am Main. You can find further information at https://www.iwwb.de//weiterbildung.html?seite=53.

In addition, we want to inform you of relevant MIZ news from time to time using the email address you entered. The processing required for this purpose is to protect our and third-party legitimate interests in achieving as wide a circulation as possible of information relevant for all those involved, Article 6, Paragraph 1, Sentence 1, Letter f of the GDPR. You can object to the sending of emails at any time.

If you delete your account, your public statements, in particular the published courses you offered, will continue to be visible to all readers unless you already erased them via your account management. Courses already held are not erased. Users will be able to locate them by using a targeted search for past dates. However, they are no longer displayed prominently.

If you wish your public contributions to be erased at a later date as well, please contact the controller using the contact details above. We will in any case ensure that the entries are also removed from the database maintained on www.iwwb.de.

Projects presented at integration.miz.org

You can read project descriptions without having to log in. If you wish to place project descriptions on our platform, you must first complete registration. To do so, you must enter your email address, a password, and user name of your choice. We also require the name of the organiser and their postal address. The legal basis for this is Article 6, Paragraph 1, Sentence 1, Letter b of the GDPR. Other details are optional and can be withdrawn at any time. We use a so-called double opt-in procedure for registration, which means that your registration is only complete once you click on and confirm the link in the confirmation email sent to you for the purpose of confirming your registration.

If you wish to place project descriptions on our platform, you must log into the platform first. Aside from saving your login data, we also save your IP address and other metadata in log files in order to ensure the security and stability of our systems. The legal basis for this is Article 6, Paragraph 1, Sentence 1, Letter c of the GDPR. We also save all published contributions and other usage and communication data. This is necessary in order to operate the service. The legal basis for saving your usage data is Article 6, Paragraph 1, Sentence 1, Letter b of the GDPR. The entering of optional data is based on Article 6, Paragraph 1, Sentence 1, Letter 1 of the GDPR. You can withdraw your consent to the processing of this data at any time.

In addition, we want to inform you of relevant MIZ news from time to time using the email address you entered. The processing required for this purpose is to protect our and third-party legitimate interests in achieving as wide a circulation as possible of information relevant for all those involved, Article 6, Paragraph 1, Sentence 1, Letter f of the GDPR. You can object to the sending of emails at any time.

If you delete your account, your public statements, in particular the published project descriptions, will continue to be visible to all readers unless you already erased them via your account management. If you wish your public contributions to be erased at a later date as well, please contact the controller using the contact details above. Alternatively, you can erase the published projects via account management in the login area.

MyMIZ

In our login area, you can create an account in order to make best use of our MyMIZ services. To do so, please contact the persons listed on our Contact page.

You must also enter registration details in order to use this service. Processing of the data entered in the compulsory boxes for registration is performed in line with Article 6, Paragraph 1, Sentence 1, Letter b of the GDPR. Processing of data entered voluntarily is based on Article 6, Paragraph 1, Sentence 1, Letter a of the GDPR. Compulsory boxes are denoted as such. Please contact the persons in our contact area if you wish to delete your account. Data that we are obliged by law to store or which are essential for contract fulfilment will not be erased, providing a contractual relationship continues to exist irrespective of the running of the account. Please note that for security reasons we create log data on logins and login attempts. The legal basis for this is Article 6, Paragraph 1, Sentence 1, Letter c of the GDPR.

Contacting

The processing of your data in cases where you get in touch by email or telephone takes place on the basis of your (presumed) consent in accordance with Article 6, Paragraph 1, Letter a) of the GDPR or Article 6, Paragraph 1, Letter b) of the GDPR depending on whether the content of the enquiry is related to purely information-related queries or the contact is connected to pre-contractual fulfilment obligations.

You can withdraw your consent to the processing of your personal data at any time without the legitimacy of the preceding processing conducted on the basis of your consent until it was withdrawn being affected. If you contact us via email to request information you can object to the storage of your personal data at any time. In said case, it will not be possible to continue the conversation.

After processing all contact requests we erase them from our active systems unless there are legal grounds or retention obligations that permit or require their continued storage.

Commissioned processing and data recipients

In some cases we use external service providers to process your data in accordance with our instructions. We carefully select and commission these service providers and perform regular checks. Commissioning is based on the agreements relating to commissioned processing in line with Article 28 of the GDPR. No independent processing for their own purposes is conducted by commissioned processors.

We use a hosting provider based in Germany to operate this web service. They process the master, contact, content, contract, usage, meta and communication data of visitors who access this website on our behalf and on the basis of our legitimate interest in the efficient and reliable provision of this online service in line with Article 6, Paragraph 1, Sentence 1, Letter f), and Article 28 of the GDPR.

Cookies and linked third party-services

Our own cookies

We use cookie technology for our Internet presentation. Cookies are small text files sent from web server to your browser when you access our websites and which are stored by it on your computer for subsequent retrieval. You can configure the settings in your browser to define whether and to what extent cookies can be stored and retrieved. Permanent cookies can be saved on your computer after you access our website and whenever you visit our websites again in the future, our website can access these so-called ID cookies. We also use so-called session cookies (or temporary cookies) that are only stored temporarily during your use of one of our websites. Allowing these session cookies is necessary to enjoy all the functions available on our website, as they are used to identify you when you switch from one of our websites to another and also to identify when you leave them. Persistent cookies expire automatically after a certain period, which can vary according to the cookie. You can delete cookies in your browser security settings at any time. The legal basis for the use of our cookies is Article 6, Paragraph 1, Sentence 1, Letter b of the GDPR.

Third-party cookies and services

Unless stated otherwise, we process or commission third parties to process your data on the basis of our legitimate interest in the analysis, compilation of statistics and improvement of our service in line with Article 6, Paragraph 1, Sentence 1, Letter f of the GDPR. When using third-party services it is necessary for technical reasons to send your IP address to the provider of the services. Please heed the information contained below about third-party cookies. You can configure your browser settings as you like and, for instance, reject third-party cookies or all cookies.

1. Google Analytics

Google Analytics is a web analysis service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google uses cookies for this service. The information accrued by cookies on usage of the online service by users are usually sent to a Google server in the USA and stored there.

Google is certified under the Privacy Shield agreement and therefore guarantees its compliance with European data protection law https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

Please note that on this website Google Analytics has been extended by the "anonymizeIp" code to ensure the anonymised collection of IP addresses (known as IP masking). Activation of IP masking on our website ensures that your IP address is truncated by Google within the member states of the European Union or in other states party to the Agreement on the European Economic Area (EEA). Only in exceptional cases will the full IP address be sent to a Google server in the USA and truncated there. On our instructions, Google uses this information to evaluate your usage of the website, to compile reports about website activities and to perform additional services connected with usage of the website and the Internet for the website provider. Google will not associate the IP address sent by your browser as part of Google Analytics with other data held by Google. Pseudonymised usage profiles for the user may be created from the data. Google will not associate the IP address sent by your browser with other data held by Google.

You can prevent collection and processing of the data generated by the cookie relating to your usage of the online service by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Additional information on Google’s use of data, configuration and objection options can be found on the Google websites at https://www.google.com/intl/de/policies/privacy/partners, http://www.google.com/policies/technologies/ads and http://www.google.de/settings/ads.

2. Social media

Based on our legitimate interests (i.e. that of analysis, optimisation and the economic operation of our online service within the meaning of Article 6, Paragraph 1, Letter f of the GDPR) we use the plugins of the social networks listed below. The plugins let you share content from our websites with other network members within the social networks. If you call up a function (such as detailed views of courses at kurse.miz.org) that contains a plugin, your device will establish a direct connection to the servers of the network providers. Usage profiles may be created on the basis of the processed data. We regret that we have no influence on the scope of the data that the network providers can collect with the help of plugins.

As far as we know network providers receive the information that you have accessed a page on our website (URL transmission). If you have logged in via your account with social networks, they may be able to associate and store your access to our websites to your account. Even if you are not a member of social networks, they may still be able to retrieve and store your IP address. As a network member you can log out of your accounts to prevent the above processing or configure an opt-out cookie. Additional details are supplied below.

All network providers are certified under the Privacy Shield agreement and therefore guarantee their compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

You can perform settings via the following websites regardless of the platform used

3. YouTube

On occasion, we incorporate videos from the "YouTube" platform of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. If you access one of our websites with a YouTube plugin a connection will be established to the YouTube servers. The YouTube server will be notified of which of our websites you have accessed.

If you are logged into your YouTube account, you enable YouTube to directly associate your surfing behaviour with your personal profile. You may prevent this by logging out of your YouTube account.

Google is certified under the Privacy Shield agreement and therefore guarantees its compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

The privacy policy is available at https://www.google.com/policies/privacy/.

The opt-out option can be selected at https://adssettings.google.com/authenticated.

4. Google Maps

We incorporate maps from the “Google Maps” service of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Your IP address in particular and also your location data may be processed in this connection. You can deactivate processing of location data in your browser and/or operating system settings (generally in the case of mobile devices). The data may be processed in the USA. Google is certified under the Privacy Shield agreement and therefore guarantees its compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

Privacy policy: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.

Data security

We also use technical and organisational security measures to protect personal data, accrued or collected, in particular from accidental or intentional manipulation, loss, destruction or from attack by unauthorised persons. Our security measures are continuously improved in line with technological developments.

For this purpose, this site uses, among other things, SSL encryption for secure data transmission. The common SSL (Secure Socket Layer) procedure is used in connection with the highest encryption level supported by your browser. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed display of the locked key or lock symbol in the lower or upper status bar of your browser.

Processing of personal data for ordering printed products

1. Description and scope of data processing

The German Music Information Centre offers printed products. Users can place chargeable orders online for them via an order form. The following data are sent via order forms:

(1) Title
(2) Name (first and last name)
(3) Company/institution (optional)
(4) Address (street, street number, postcode, town, country)
(5) Email address
The order confirmation is sent to the email address specified here.
(6) Telephone number (optional)

The customer details are required for processing and carrying out the order.

The customer data are forwarded to ConBrio Verlagsgesellschaft mbH, Brunnstr. 23, 93053 Regensburg, Germany, www.conbrio.de for processing. They are responsible for order processing, dispatch of the ordered goods, invoicing and collection. We have concluded an agreement with ConBrio Verlagsgesellschaft mbH relating to the commissioned processing of personal data, Article 28 of the GDPR.

2. Legal basis for data processing

The legal basis for the processing of the customer details collected for the fulfilment of the contract is Article 6, Paragraph 1, Letter b of the GDPR.

3. Purpose of data processing

The customer details are collected, sent, processed and stored for the purpose of carrying out the order and fulfilling the contractually agreed services (administration, planning and carrying out of business relations, drawing up offers, processing complaints, communication and for the identification of customers).

4. Storage period

In the case of chargeable orders, on account of retention periods under commercial and tax law all data are stored for up to ten years.