Data protection policy:

simfy AG, Vogelsanger Str. 187, 50825 Köln (hereinafter: “simfy” or “we“) complies strictly with all data protection laws and regulations. These include, in particular, the German Telemedia Act (TMG), the Federal Data Protection Act (BDSG), the data protection regulations of the Telecommunications Act (§§ 85 et seq. TKG) and legislative requirements at EU level.

In this data protection policy,we inform our users about the types of data collected and how simfy guarantees the protection and security of all personal data in accordance with current regulations:

  1. What data are collected?
    1. In order to register with simfy, a valid email address and a password are required as the minimum information. Payment information is also required in order to register for the fee-based areas.
    2. All information provided by the user is treated as confidential. It is transmitted and stored in encrypted form and used only to implement and manage the agreement.
    3. Our users also have the option of providing voluntary information about themselves. In this regard, they can determine in the settings of their simfy account the type and amount of information they would like to disclose.
    4. By using the simfy website or the simfy applications, automatic information on the use of the website and the applications is automatically transferred to simfy, as well as personal data and the content used (tracks played), search enquiries, date and time, the IP address and the operating system of the terminal used by the respective user, the version number of the simfy application used as well as the type and version number of the Internet browser used by the user to access the simfy website.
    5. If our users register with simfy via “Facebook Connect”, we will receive and store their Facebook user names.
  2. Why are the data processed?
    1. The collection, storage, processing and use of the aforementioned data is executed by simfy in accordance with the legal regulations.
    2. The collection, storage, processing and use of data serve the purpose of making the products and services of the simfy music service via the simfy website and the simfy applications available to our users, as well as helping to process enquiries sent to customer support.
    3. Furthermore, the data is used to determine the usage of the music heard and offered by simfy vis-à-vis our licensors.
    4. simfy continually analyses the behaviour of its users in the network in order to improve the services and technical functionality of simfy and better adapt to the needs of its users. In that respect anonymous user profiles are created. When evaluating these profiles, the identity of the user will remain unknown. simfy guarantees, from a technical, personnel and organisational viewpoint, that such anonymous user profiles cannot be linked with the user’s personal data.
  3. No transfer of data to third parties
    1. simfy will not transfer users’ personal data to third parties. This will only happen if the user has expressly granted his prior consent.
    2. This excludes transfer for reasons of due fulfilment of the agreement and in the event of a legal obligation to transfer data. Any and all consent of the user may be revoked by the user at any time with immediate effect by means of a simple notification (email, fax, letter).
  4. Cookies
    1. Current Web browsers have a cookie database. There the Web server of a visited website may file information in the form of HTTP cookies and search it when the site is visited again. In placing cookies, anonymous user IDs are assigned to users. On no account are programs executed on the user’s computer or any computer viruses transferred.
    2. simfy uses so-called session cookies to authenticate users during login. This makes it easier for the user to log in to simfy. In other words, cookies are also solely used to guarantee the trouble-free operation and improvement of simfy services.
    3. Furthermore, each user may choose whether or not to accept cookies, to be notified when placing cookies or to reject all cookies in general via the settings in his Web browser. However, if cookies are generally rejected, it is not possible to use the services offered by simfy.
  5. Server Log Files
    1. For each visit to the simfy website, the user’s web browser transmits access data, which is automatically stored by simfy in log files (so-called “server log files”). These log files contain the following information:
      1. IP address, used to identify the computer
      2. Remote Host (name and IP address of the computer requesting the site)
      3. Time, status, quantity of data transferred and the Internet site from which the user was referred to the requested site (referrer)
      4. Product and version information of the browser used (user agent).
    2. For this purpose simfy uses the standardised “combined” log file format of the Apache web server.
    3. The log files are analysed for statistical purposes, i.e. to detect broken links and then deleted.
    4. In principle, this data is not combined with other data sources, in particular with personal user data. Moreover, simfy reserves the right in the event of a specific legal or contractual breach by a user, to check log files still stored on the last known IP address of this user. This primarily serves the purpose of protecting simfy users and the security of simfy user data.
  6. Data security (backup, firewalls, anti-virus technology etc.)
    1. simfy regularly makes backups of its databases (backups); these are overwritten at regular intervals (approx. every 4 weeks), erasing existing data permanently. In case of complete deletion of a user profile, backups of the user profile will also be deleted.
    2. simfy uses constantly updated firewalls and other security systems. These are intended to best protect users against viruses and unauthorised external access to simfy. simfy makes every effort to maintain a reasonable level of protection. The security technology used is continually adapted to the current standards in technical development. Nevertheless, full protection against attack cannot be guaranteed. simfy is not responsible for virus protection outside the network. Nor is simfy liable for damage and destruction of data by unknown viruses.
  7. Information
    1. Each user may, at no cost, obtain from simfy information on the personal data stored about him. The person requesting such information must be able to identify himself clearly, e.g. with a copy of an identity document. The information is then sent by post to the address specified on the user’s ID card.
    2. Without the trust of our users, simfy would not be able to exist. Due to this, simfy is held to account by its users regarding the processing of personal data. Should questions arise that this data protection statement and the data protection information cannot answer, users can contact us at: 
simfy AG,
Vogelsanger Str. 187, 50825 Köln,
privacy[at]simfy.com.
  8. Corrections, deletion and barring
    1. Where a user amends or corrects personal information provided at an earlier stage, such information is deleted automatically or overwritten in full. A request for correction or deletion is therefore not required.
    2. The user has the right to request at any time that inapplicable personal data stored by simfy be corrected. However, the simplest way to do this is for the user to amend the respectiveentries himself.
    3. As soon as the user definitively deletes his profile and thereby cancels his membership with simfy, all personal data entered previously by him will automatically be deleted in full. A request for deletion is not necessary.
    4. Nevertheless, the user remains entitled to request at any time the deletion of all personal data stored by simfy relating to. The simplest way to do this is for the user to delete his entries himself- in other words, to cancel his membership with simfy.
    5. Users may request the amendment, correction or deletion of their personal data via email, fax or letter. To aid correct identification, the request must nonetheless contain at least the following information:
      1. First name and surname
      2. E-mail address
      3. Postal address
      4. Identification by means of a copy of an identity document (valid passport or ID card)
    6. simfy advises that deleted data may still be possible to download for up to 3 days due to caching systems and the interconnection of proxy servers.
  9. Google Analytics
      10. simfy’s websites use Google Analytics, a web analysis service of Google Inc. (“Google“). Google Analytics uses so-called “Cookies“- text files stored on your computer, which allow for an analysis of your use of the website. Information generated by the cookie on your use of the website (including your IP address) is transferred to and stored on a Google server in the USA. Google uses this information to evaluate its use of the websites, to compile reports on the website activities for website operators and to provide additional services associated with website use and Internet use. Google may also transfer this information to third parties, if and to the extent that this is required by law or if third parties process this data on Google’s behalf. On no account will Google associate your IP address with other Google data. You can prevent cookies from being installed by changing the settings of your browser software accordingly; however, we would like to point out that in this case you may not be able to use all the functions of these websites in their entirety. By using these websites, you accept that Google may process the data collected from you in the aforementioned manner and for the aforementioned purpose.
  10. Facebook Plugins ("Like" button)
      11. Plugins of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA, are integrated on our sites.
Facebook plugins on our site can be identified by the Facebook logo or the “Like”button. You can find an overview of Facebook plugins here:
http://developers.facebook.com/docs/plugins/.

      If you visit our sites, a direct connection is established between your browser and the Facebook server via the plugin. Facebook is thereby notified that you have visited our site with your IP address. If you click on the Facebook “Like” button while logged into your Facebook account, you can link the content of our sites to your Facebook profile. Facebook can thereby allocate visits to our sites to your user account. We would like to point out that we, as the service provider of the sites, do not have any knowledge of the content of the data transferred or the use of such by Facebook. You can find further information on Facebook’s data protection policy under:
      http://www.facebook.com/policy.php

      If you do not want Facebook to be able to allocate the visit of our sites to your Facebook user account, please log out of your Facebook user account.
  11. Google Analytics
      12. This website use Google Analytics, a web analysis service of Google Inc. (“Google“). Google Analytics uses so-called “Cookies“, text files stored on your computer which allow for an analysis of your use of the websites. The information generated by the cookie on your use of said websites (including your IP address) is transferred to and stored on a Google server in the USA.

      Google will use this information to analyse your use of the website, to compile reports on website activities for the website operators and to provide additional services associated with website use and Internet use. Google may also transfer this information to third parties, if this is required by law or if third parties process this data on Google’s behalf. On no account will Google associate your IP address with other Google Inc. data.

      You can prevent cookies from being installed by changing your browser settings accordingly; however, we would like to point out that, in this case, you may not be able to use all the functions of this website in their entirety. By using these websites, you accept that Google may process the data collected from you in the aforementioned manner and for the aforementioned purpose.
  12. Google +1
    1. Collection and circulation of information:
      Using the Google +1 button, you can publish information worldwide. By clicking the Google + 1 button, you and other users will receive personalised content from Google and our partners. Google stores both information you provide for content to which you apply the +1 button and information on the site that you viewed by clicking on +1. Your +1 content may be displayed together with your profile name and your photo in Google services (such as in search results or in your Google profile), or in other places on websites and advertisements on the Internet.

      Google records information on your +1 activity in order to improve Google services for you and others. In order to be able to use the Google +1 button, you require a globally visible, public Google profile which must contain the name for the selected profile. This name is used in all Google services. In many cases, this name may also replace another name which you used when sharing content via your Google account. The identity of your Google profile may be shown to users that know your e-mail address or have other identifying information about you.
    2. Use of the information collected:
      Beyond the purposes explained above, the information which you provide will be used in accordance with current Google data protection regulations. Google may publish centralised statistics on user +1 activities or forward these to users and partners such as publishers, advertisers or related websites.
  13. Twitter
      14. Functions provided by the Twitter service are embedded in our sites. These functions are offered by Twitter Inc., 795
Folsom St., Suite 600, San Francisco, CA 94107, USA. By using Twitter and the function “retweet” (also “RT”), websites that you have visited with your Twitter account are connected and made known to other users. Data is also transferred to Twitter in the process.

      We would like to point out that we, as the service provider of the sites, do not have any knowledge of the content of the data transferred or the use of such by Twitter. You can find further information on Twitter’s data protection policy under: http://twitter.com/privacy

      You can adjust your data protection settings from your Twitter Account Settings, under:
http://twitter.com/account/settings.
  14. Execution of, and compliance with this data protection statement
      15. simfy undertakes to comply with the standards specified in this data protection statement and to work constantly in the interest of its users to improve data protection.
  15. Amendment to the data protection statement
      16. Since the services offered by simfy are subject to constant amendment, it may be necessary in certain cases to update this data protection policy and data protection information. This also applies to changes to the relevant legal provisions that may require modification of the data protection policy. The current version of the data protection policy and data protection information may be viewed at any time at http://corporate.simfy.de/infos/privacy.

Version: September 2011