Privacy Policy

This Group Privacy Policy (“Privacy Policy”) concerns PRIAM DIGITAL SHPK, an Albanian registered company with its main office located Robert Shvarc Street, Tirana, Albania, 1022 (“Priam Digital SHPK”) and its subsidiaries around the World, hereafter collectively referred to as “Priam Digital”, “We“, or “Us“.

This Privacy Policy describes Priam Digital’s personal data processing practices for the digital distribution of music, the supply of products (“Products”) and services (“Service(s)”), in general, or through our websites and/or other electronic communications services (widgets, mobile applications or API), collectively or individually “Site(s)”). Priam Digital SHPK acts as the data controller and its subsidiaries as data processor

We attach particular importance to the secure processing of data, their confidentiality, the protection of privacy, and associated rights. Please take time to read our Privacy Policy carefully. 

By visiting this Website, providing Priam Digital with Your personal data or other information on the Sites, or by subscribing to the Services, or by entering into a contract with Us, you expressly acknowledge that you have read and agreed to the terms of this Privacy Policy.

This Privacy Policy is independent of other privacy, confidentiality policies, or any other service practices published by third-party companies, such as Facebook Inc., Apple Inc., Google LLC, Microsoft Corp., Twitter, TIK TOK, or any mobile service operator or any third party operating a site or an application or service to which the Site(s) or Services refer to or redirect(s) to, notably by hypertext link, which We do not publish. We assume no liability in this respect.

If you are a performing artist, an artist representative (producer, manager, independent label), a customer, visitor of the Sites (“User(s)”), a service provider, supplier, partner, or processor who has entered into a contract with Us (collectively or individually “You”“Your”), this Privacy Policy applies to You. 

Minors (as defined by law in various countries) (“Minors”) cannot subscribe to the Services or purchase Products on the Sites without first having their parents or legal guardians’ consent and accept this Privacy Policy. Parents and legal guardians are responsible for the use that is made of the Services, Products, Sites by their Minors.

According to the General Data Protection Regulation 2016/679 (“GDPR”) and other data protection laws, We reserve the right to amend this Privacy Policy at any time.  A notification on the Site(s)’ home page will alert You, or a message will be posted in Service(s), or specific cases, You will receive an e-mail.

  1. What information or personal data do We collect from You and why?

We may collect and process personal data and other information as listed below (collectively referred to as “Data“) to perform our obligations under the contract You signed with us or provide products or services to you. 

Please note that We do not collect or process any sensitive personal data (i.e., data which directly or indirectly reveals racial or ethnic origins, political, philosophical or religious opinions or trade union membership, as well as genetic, biometric data to identify a single natural person or which relates to health or sexual life, and for any such purpose). Therefore, We ask You to abstain from sending any such data over to Us.

Our contracts and registration forms indicate any specific Data which You are required to provide. 

1.1 Personal Data

Personal Data means information that directly or indirectly relates to You as an identified or identifiable natural person. This may concern, depending on the contract, the Sites, the Products or Services, Your status and/or the means of collection, all or part of the following Personal Data:  

  • Name(s) and surname;
  • Postal address (invoicing or delivery); 
  • Landline or mobile (personal or professional) phone number;
  • Email address;
  • Banking information (bank or other account information, bank account details, credit/charge card information, number, expiry date, visual cryptography);
  • Passport number or ID number; 
  • Spoken language or chosen language for the Sites or Services
  • Any confidential information to help You recall Your personal identifiers or passwords;
  • For Minors: their parents or legal guardian’s last name, first name, and email address; 
  • For performing artists or their representatives only: their stage name, textual, graphic, photographic or video elements or sound and date elements related to a sound recording reproducing the performance (“Recording“) or videos reproducing an audio-visual work produced by setting images to illustrate the interpretation of a musical work and dates that is the subject of a Recording (“Music Video”); sleeves, words, videos, titles of works (compositions with or without words), dates, names, stage names, pseudonyms, biographies, videos, and photos of performing artists, names of songs and albums and associated artists, the year of release of songs and albums and the name of the person or entity that holds the rights to album songs, arrangements, and/or illustrations;
  • necessary metadata to identify the works fixed on the Recordings and Music Videos, and their assigns, in particular the authors’, composers’, publishers’ names, or all assigns, ISWC, ISRC, UPCs, etc ;
  • only in case of registration for Services requiring the collection of such information: the tax identification number;
  • Content of the cart of Products or Services;
  • IP address (a number automatically assigned by your Internet Access Service Provider or the MAC address of your electronic devices from which access to the Site(s) is made and which are subject to automatic identification and recording for each use of the Site(s);
  • Demographic data on Users (e.g. age, gender, place of residence); 
  • Data on Users’ tastes, musical preferences (playlists), or other shared data collected from music platforms;
  • Technical information, such as cookies (for more information Cookie Policy (insert link) 
  • Geolocation data, in particular through GPS signals sent by mobile phone devices: when Users use geolocation services offered by the Sites, for example, to offer them personalized advertisements, We will first collect their express authorization (opt-in). Users may in that case, at any time, revoke such authorization (opt-out);
  • Third party’s data (i.e., contacts, friends) provided by Users. You must obtain such a third party’s express consent before You share their data with Us.

1.2 Other information

We also collect other data that does not necessarily lead, directly or indirectly, to Your identification as a natural person (“Other Information“). 

In such a case, We will process it following the conditions described and for the purposes set out in section 3 below. This Other Information may be: 

  • Information on the Users’ Internet browser and devices to access the Sites, such as the type of device, screen resolution, version of an operating system, type and version of the Internet browser, as well as the type and version of the Service used. A unique identifier may be assigned to the device from which Users access the Service(s) delivered by Us or its service providers;
  • Data relating to Users’ use of widgets, mobile applications, or other communication services: within this context, We may collect the unique identifier, as well as Other Information relating to the connecting device to provide content and advertising to the devices. It may also collect the date and time of access to the servers, as well as the downloaded files and information;
  • Server-Logfiles to calculate the Services rate of use, manage the Services, diagnose problems affecting the servers, or determine Users’ geolocation data;
  • Information collected using cookies, clear gifs, web beacons, pixel tags, or other similar technologies (for more information, please read our Cookie Policy (insert link))
  • Demographic or Other Information as long as it does not allow the person’s identification;
  • Information on the Services’ use via analytical tools enabling Us to provide You with enhanced performance level. The information thus collected may provide Us with information regarding the most used services and functions, the type of equipment used, its characteristics, country, and downloading language;
  • Information cross-referencing to create User profiles;
  • Responses to a survey or questionnaire submitted by Us on the use of the Products, Services, or the Sites.
  1. 2. How do we collect Your Data? 

We collect Your Data from:

  • The contract You entered into with Us;
  • The account You created or Services You subscribed to;
  • Viewing, downloading, or using a Site;
  • Your purchases;
  • Your subscription to newsletters or other types of communications;
  • Your claims regarding a Product or Service;
  • Your concert or event tickets purchase;
  • Public databases;
  • Commercial or media partnerships for marketing or promotional operations related to our activity;
  • The use of Your User’s personal account via one of the social networks, a platform, or a third-party service to connect to one or more of its accounts on the Sites. In such a case, certain Personal Data from the Your social network or other third-party service’s personal account may be shared with Priam Digital(i.e., the name, e-mail address, photos, contact list, listening history, songs or favorite artists, and any Other Information to which PRIAM DIGITALhas access when You log on through Your personal account on a social network or any other third party service);
  • Your participation via Your personal account to a social network, a third-party platform or service, or directly on Sites hosting games, competitions, lotteries, quizzes, or any other promotional operation organized by Us.

We collect Your Other Information via: 

  • Browsers, devices, and widgets and other digital applications’ use on such devices;
  • Server log files; 
  • Cookies (for more information, please read our Cookie Policy (insert link)
  • Geolocation when Users have given their express consent to Us; 
  • The sharing of information and data.
  1. What do We process Your Data for? 

We process Your Data to: 

  • Create and administer Your personal accounts; 
  • Perform contractual obligations,
  • Provide Services or deliver purchased Products;
  • Conduct and process various payment transactions;
  • Respond to Your requests or inquiries, or provide and improve customer support;
  • Organize, implement and manage Your participation in games, contests, lotteries, quizzes, or other similar promotional campaigns, surveys, or other features; 
  • Communicate with You (e.g., administrative, promotional, or commercial communications);
  • Provide, improve, optimize and customize Your User experience and make it easy for You to share functions on social media; 
  • Implement, ensure and improve Sites or Services security, combat fraud, and prevent data security breaches as defined by the GDPR;
  • Analyze, identity, improve and understand the Services and Sites functioning and the trends of the use of the Sites or Services; 
  • Determine, customize, and improve marketing and promotion techniques efficiency and adapt promotional and advertising campaigns to Your purposes and needs;
  • Send, purchase or share gifts or links to albums or songs, music information, videos, or other Services with contacts, friends, and family members or other Users
  • Fulfill our legal obligations 
  • Manage and administer Your Personal Data in compliance with GDPR
  1. On what legal ground can We process Your Data? 

We may process Your Data based on:

  • Your consent;
  • A contract You entered into with Us;
  • A legal obligation;
  • Our legitimate interest (for example, to improve our Products and Services, to prevent fraud, to secure Sites and Services, or to customize our communication.
  1. Who receives Your data?

The Data You send to Us, directly or indirectly, is accessed exclusively by authorized individuals, only when necessary, and for the sole purposes referred to in Section 3 above. We make sure that such access complies with the security measures that We implement. 

Data recipients may be: 

  • Our subsidiaries;
  • Third-party providers with whom We work to facilitate the Services’ provision or access to Sites, such as but not limited to hosting services, data analysis, processing of payment transactions and repayment of royalties or orders of Products and Services, providing infrastructure services, information technology services, customer services, e-mail distribution services, audit or other similar services;
  • For performing artists or their representatives only: the provided information may, amongst others, be used to track how certain Recordings sell for ranking purposes. By using our Services, they agree that Priam Digital may provide sales’ Records or Music Videos information to third parties (e.g. platforms), aggregate this information in diagrams, charts, and/or other comparative information support materials, and also release it following the General Terms and Conditions of Sale of the Services.
  • Third-party providers or performing artists or managers, producers, or labels may send advertising and promotional communications to Users, subject to the contract they entered into with Us. In that case, Users will be deemed to have agreed to receive such content via traditional, digital media, or other means of communication;
  • Third-party organizers or managers of promotional campaigns, such as games, contests, lotteries, etc.

Priam Digital may also communicate Your Data to duly authorized individuals, only when necessary for the sole purposes referred to in Section 3 above, in the following cases: 

  • To comply with applicable law, including the law of countries outside Your place of residence;
  • To respond to injunctions or requests from public or governmental authorities, including those outside Your country of residence;
  • To perform under or enforce the contract, the General Terms, and Conditions of Sale and Use of our Services, or to protect our activities or those of our subsidiaries or our performing artists, managers’, labels’ and producers’ activities;
  • To protect the rights, security, and property of Priam Digital or those’ subsidiaries, artists, labels, managers, or producers;
  • To exercise or defend our legal rights or to have such rights recognized;
  • To make any necessary recourse or to limit damages or any sentences that may be pronounced against Priam Digital or its subsidiaries;
  • For a reorganization, merger, acquisition, joint venture, or any other form of transfer of all or part of Priam Digital or its assets to any such third party;
  • To perform specific data transfers upon receiving Your explicit consent;
  • To satisfy a public interest;
  • To protect You, or third parties, from fraud, abuse, illegal acts or breach of contract, or of the general terms of use of the Sites or Services or sale of Products;
  • You may also decide to communicate Your Data by using the available features on message boards, discussion forums, chats, share profiles on social networks, blogs, or via any other means proposed by service providers. In that case, such service providers will be responsible for processing Your Data and You will need to carefully read their privacy or confidentiality policies. 
  • Information, documents, or data published or communicated by You in connection with the Services become public domain information and may therefore be made available to other users of the Services or generally distributed on the Internet or on other communication networks. Under no circumstances whatsoever should We be held liable for the consequences arising from using or communicating any information or data that was the subject of a voluntary communication by You through any of the Services. We may use and communicate such data in accordance with the general terms and conditions of use of Services or Products.
  1. How long do We use Your Data? (data retention period)

We keep Data only for the time necessary to execute the contract, achieve the objective pursued, meet Your needs, execute the contract or meet our legal obligations.

The data retention criteria We established include: 

  • The term of the contract entered into by You with Us;
  • The retention period required by applicable law (i.e., accounting or archiving obligations);
  • The duration of the Your consent for a specific use;
  • For prospects (in the absence of any subscription to a Service or purchase of a Product): 1 year or less from the day of the Data collection;
  • 6 months or less for cookies or 13 months in specific cases (for more details, please read our Cookie Policy (insert link)) 

When We no longer need to process Your Data, We delete it from our systems and databases or anonymize it so that You can no longer be identified.

  1. Hosting-storage and transfer of your data outside the European Union

Our Services and Sites are controlled and operated from Albania. This Privacy Policy is subject to French law. We take all necessary measures to host and store Your Data on servers located in the European Union.

Due to our global presence, certain Data may be collected, transferred, hosted, and/or more generally processed outside Your country or jurisdiction of residence. Data protection and data security requirements differ from place to place and may not offer the same level of protection as those of Your country or jurisdiction of residence or of origin. However, Priam Digital and its subsidiaries take appropriate measures to protect the transfer of Your Data. Such measures include the user data transfer methods approved by the European Commission and written agreements with our processors to ensure they process the Data they receive from Us according to the law.

In light of the above, User Data may be accessed by law enforcement and/or regulatory authorities according to the applicable laws of such foreign jurisdictions.

We may, as specified in section 5 above, when needed, disclose Your Data to third parties’ partners in order to ensure the Sites’ or Services’ maintenance and security, offer certain features, or to improve the Sites’ and Services’ functioning and appearance or create new features. 

We require such third parties to provide adequate confidentiality and security guarantees, to take the necessary physical, organizational and technical measures to protect and secure Your Data, in accordance with applicable law. Any transfer of data outside the European Union shall be governed by guarantee mechanisms approved by the European Commission and/or the local competent authorities.

  1. Security measures

We implement appropriate physical, technical, administrative, and organizational security measures in order to best protect, Your Data against loss, theft, misuse, abusive use, fraudulent access, disclosure, alteration, and destruction. 

No data transmission on the Internet can be 100% secure but We are committed to implementing security standards recognized in our industry and designed to protect and prevent unauthorized access, disclosure, and use of Data. 

These measures include but are not limited to: 

  • Storage on secure servers within the European Union;
  • Protection, including through data encryption processes, such as Secure Sockets Layer (“SSL”) for credit card transactions and other bank payment transactions that require the use by Users of an SSL-enabled browser, such as Safari, Netscape Navigator 3.0 (or later version), Chrome, Firefox or Internet Explorer;
  • Limited access of employees or third-party staff to databases containing the Data;
  • Contractual obligations for our staff handling Data which impose confidentiality requirements they must fulfill. 

In addition, You have the opportunity, on the Sites or when using the Services, to create an access account or user account containing an identifier and password that You only are deemed to know to protect access to Your account. To further protect Your Data, We recommend that You periodically change your password, and under no circumstances should You disclose Your identifiers to anyone. 

  1. Your rights 

If You reside in Albania you benefit from the protection of the law of 6 January 1978, known as the French Data Protection Act. Residents of the European Union/European Economic Area benefit from the GDPR as follows: 

  • Right to Information: the right to obtain clear, transparent, and understandable information on how We use Your Personal Data;
  • Right of access: the right to access Your Personal Data held by Us about You;
  • Right of rectification, opposition, or limitation: the right to have Your Personal Data corrected if they are inaccurate or incorrect and/or to complete them;
  • Right to erasure/right to be forgotten: right to request the erasure or deletion of Your Personal Data. However, this right may be limited by Us by legal grounds or legitimate interest in maintaining said Personal Data. Such a request will result in the termination of the User’s customer/user account and the User will no longer be able to access the Sites or Services;
  • Right to object to direct marketing: the right to request or modify Your choice at any time to no longer receive communications relating to the offers of Services, Products, news, or events from Us or third-party partners. In this case, You may use the hyperlink provided for this purpose in each email or promotional communication received or the STOP SMS in each promotional SMS received. Users may also request to receive non-personalized communications on the Products and Services. We will then use our best efforts to inform our third-party partners unless such communication proves impossible or requires disproportionate efforts. In this case, You will be responsible for contacting the third party in question directly to request de-registration/ unsubscribing/ withdrawal from the receipt of said communications;
  • Right to withdraw consent at any time for consent-based data processing: the right to withdraw Your consent to the processing of Your Personal Data when such processing is based on consent;
  • Right to data portability: the right to request copying, transferring Your Personal Data to another database. This right applies only to Personal Data provided by Users and provided that the processing is based on an agreement or consent and made using automated processes. We will return to Users the Data in a structured manner and a legible format.

To exercise these rights, please contact us directly at [email protected]

If we do not satisfy Your request, You may contact Your local data protection authority.

  1. What if a data breach occurs?

Per articles 33, 34, and 55 of the GDPR, if We are victims of a data breach or are aware of such breach, We will report it to the competent local authority and when legally required, notify You of such breach. 

PRIAM DIGITAL will comply with other applicable laws containing information security breach reporting/notification requirements, as applicable, depending on the location of the data subjects and other relevant factors.

  1. How can You contact us?

You can contact us via our contact form https://priam.al/contact