The website www.jellynote.com is provided to you by Orphee Music SAS, a company registered in France with its registered office at 12 rue Anselme, 93400 Saint Ouen, France (“Jellynote”, “us”, “we” or “our”). You can reach is at the above address or [firstname.lastname@example.org]. Jellynote is committed to protecting the privacy of its users.
The term Data Controller and Personal Data have the meanings set out in the Data Protection Act 1998. References to the Data Protection Act 1998 shall include references to any statue that replaces or amends the Data Protection Act 1998.
Orphee Music SAS is the data controller (“Data Controller”) for the purposes of the Act. If you would like to contact us, please write to email@example.com
When creating an account with us, we will ask you for the following Information:
- Your full name;
- [address]; and
- Your email address.
Jellynote also automatically collects certain technical information about your computer hardware and software, this includes:
- Your IP address;
- Browser type;
- Operating system;
- The language that you use to access our Website;
- Screen resolution and size; and
- Access time and location.
You may also, voluntarily, provide us with the following information for our own internal use:
- Your gender; and
- Your date of birth.
Please note that you can choose not to provide us with certain Information, but this may limit the extent to which you can benefit from our Website and services.
How your Information is used
Jellynote may use your Information in the following ways:
- To occasionally email you with offers or information about our products. If you would prefer not to receive any marketing emails from us, please email us at firstname.lastname@example.org with the subject line “Unsubscribe”;
- To ensure that the content on our Website is presented in the most effective manner for you and your computer;
- To enable you to use the interactive features of our Website;
- To provide the products and services that you have requested;
- For internal profiling in order to develop and improve our products and services;
- For our internal record keeping;
- To contact you to answer any queries you may have; and
- To contact you for marketing purposes where you have given us permission to do so.
Jellynote may, in limited circumstances, disclose your Information to the following third parties:
- In the event that Jellynote sells or buys any business or asset, we may disclose your Information to the prospective seller or buyer; or
- If Jellynote is under a duty to disclose or share your Information to comply with any legal obligation or in order to enforce or apply Jellynote’s terms and conditions and other agreements or protect the rights, property, or safety of our customers, or others. This includes exchanging Information with other companies and organisations for fraud protection and credit risk reduction.
When we collect your Information, we may obtain your consent to collect and use the data for certain specified purposes. We will only process your Information for these specific purposes, or for any other purposes specifically permitted by the Act.
Your right to withdraw consent
Where we are processing your Information based upon your consent, you may withdraw that consent at any time by contacting our Data Controller (contact details above).
Links to other websites
Storing your Information
Jellynote is a worldwide service. By using Jellynote, you authorize us to transfer and store your information outside your home country, including in the United States, for the purposes described in this policy. The privacy protections and the rights of authorities to access your information in these countries may not be the same as in your home country.
We take additional measures when information is transferred from the European Economic Area (EEA). This includes having standard clauses approved by the European Commission in our contracts with parties that receive information outside the EEA. We also rely on European Commission adequacy decisions about certain countries, as applicable, for data transfers to countries outside the EEA.
Our retention of your Information
We take all reasonable steps to retain your personal Information only for as long as reasonably necessary. The period for which your Information should be retained varies according to the nature of that Information. The period of retention commences when the Information has been used for its original purpose and has been stored, whether electronically or in paper form. If you no longer want us to store your Information, you may request that it be removed from our records, please see paragraph 10 for details of how to request removal. Please note that such removal may prevent us from supplying certain services to you.
Accessing, correcting, updating and removing your Information
One of the GDPR's main objectives is to protect and clarify the rights of EU citizens and individuals in the EU with regards to data privacy. This means that you retain various rights in respect of your data, even once you have given it to us. These are described in more detail below.
To get in touch about these rights, please contact us. We will seek to deal with your request without undue delay, and in any event within one month (subject to any extensions to which we are lawfully entitled). Please note that we may keep a record of your communications to help us resolve any issues which you raise.
Right to object: this right enables you to object to us processing your personal data where we do so for one of the following four reasons: (i) our legitimate interests; (ii) to enable us to perform a task in the public interest or exercise official authority; (iii) to send you direct marketing materials; and (iv) for scientific, historical, research, or statistical purposes.
The "legitimate interests" and "direct marketing" categories above are the ones most likely to apply to our Website Users. If your objection relates to us processing your personal data because we deem it necessary for your legitimate interests, we must act on your objection by ceasing the activity in question unless:
- we can show that we have compelling legitimate grounds for processing which overrides your interests; or
- we are processing your data for the establishment, exercise or defence of a legal claim.
If your objection relates to direct marketing, we must act on your objection by ceasing this activity.
Right to withdraw consent: Where we have obtained your consent to process your personal data for certain activities (for example, for our marketing arrangements or automatic profiling), you may withdraw this consent at any time and we will cease to carry out the particular activity that you previously consented to unless we consider that there is an alternative reason to justify our continued processing of your data for this purpose in which case we will inform you of this condition.
Data Subject Access Requests (DSAR): You may ask us to confirm what information we hold about you at any time, and request us to modify, update or Delete such information. We may ask you to verify your identity and for more information about your request. If we provide you with access to the information we hold about you, we will not charge you for this unless your request is "manifestly unfounded or excessive". If you request further copies of this information from us, we may charge you a reasonable administrative cost where legally permissible. Where we are legally permitted to do so, we may refuse your request. If we refuse your request we will always tell you the reasons for doing so.
Please note that in certain of the jurisdictions in which we operate, we comply with additional local law requirements regarding data subject access requests and may refuse your request in accordance with such laws.
Right to erasure: You have the right to request that we erase your personal data in certain circumstances. Normally, the information must meet one of the following criteria:
- the data are no longer necessary for the purpose for which we originally collected and/or processed them;
- where previously given, you have withdrawn your consent to us processing your data, and there is no other valid reason for us to continue processing;
- the data has been processed unlawfully (i.e. in a manner which does not comply with the GDPR);
- it is necessary for the data to be erased in order for us to comply with our legal obligations as a data controller; or
- if we process the data because we believe it necessary to do so for our legitimate interests, you object to the processing and we are unable to demonstrate overriding legitimate grounds for our continued processing.
Please note that in certain of the jurisdictions in which we operate, we comply with additional local law requirements regarding data subject right to erasure and may refuse your request in accordance with local laws.
We would only be entitled to refuse to comply with your request for one of the following reasons:
- to exercise the right of freedom of expression and information;
- to comply with legal obligations or for the performance of a public interest task or exercise of official authority;
- for public health reasons in the public interest;
- for archival, research or statistical purposes; or
- to exercise or defend a legal claim.
When complying with a valid request for the erasure of data we will take all reasonably practicable steps to Delete the relevant data.
Right to restrict processing: You have the right to request that we restrict our processing of your personal data in certain circumstances. This means that we can only continue to store your data and will not be able to carry out any further processing activities with it until either: (i) one of the circumstances listed below is resolved; (ii) you consent; or (iii) further processing is necessary for either the establishment, exercise or defence of legal claims, the protection of the rights of another individual, or reasons of important EU or Member State public interest.
The circumstances in which you are entitled to request that we restrict the processing of your personal data are:
- where you dispute the accuracy of the personal data that we are processing about you. In this case, our processing of your personal data will be restricted for the period during which the accuracy of the data is verified;
- where you object to our processing of your personal data for our legitimate interests. Here, you can request that the data be restricted while we verify our grounds for processing your personal data;
- where our processing of your data is unlawful, but you would prefer us to restrict our processing of it rather than erasing it; and
- where we have no further need to process your personal data but you require the data to establish, exercise, or defend legal claims.
If we have shared your personal data with third parties, we will notify them about the restricted processing unless this is impossible or involves disproportionate effort. We will, of course, notify you before lifting any restriction on processing your personal data.
Right to rectification: You also have the right to request that we rectify any inaccurate or incomplete personal data that we hold about you. If we have shared this personal data with third parties, we will notify them about the rectification unless this is impossible or involves disproportionate effort. Where appropriate, we will also tell you which third parties we have disclosed the inaccurate or incomplete personal data to. Where we think that it is reasonable for us not to comply with your request, we will explain our reasons for this decision.
Right of data portability: If you wish, you have the right to transfer your personal data between data controllers. In effect, this means that you are able to transfer your Hays account details to another online platform. To allow you to do so, we will provide you with your data in a commonly used machine-readable format that is password-protected so that you can transfer the data to another online platform. Alternatively, we may directly transfer the data for you. This right of data portability applies to: (i) personal data that we process automatically (i.e. without any human intervention); (ii) personal data provided by you; and (iii) personal data that we process based on your consent or in order to fulfil a contract.
Right to lodge a complaint with a supervisory authority: You also have the right to lodge a complaint with your local supervisory authority. Details of how to contact them can be found here.
If you would like to exercise any of these rights, or withdraw your consent to the processing of your personal data (where consent is our legal basis for processing your personal data), please contact us at email@example.com. Please note that we may keep a record of your communications to help us resolve any issues which you raise.
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during the period for which we hold your data.
Security of your Information
We will put in place procedures and technologies to maintain the security of your Information from the point of collection to the point of destruction. Your Information will only be transferred to another party where it agrees to comply with our procedures or policies, or puts equivalent procedures in place itself.
Personal data breaches
If, whilst your Information is being transferred, stored or otherwise processed in some way by us, there is a breach of our security procedures which means that your Information is accidentally or unlawfully destroyed, lost, altered, disclosed or accessed without authorisation in a way that is likely to harm your rights and freedoms, we shall notify the Data Controller without undue delay. In any event, we will endeavour to notify the Data Controller within 72 hours of becoming aware of the breach.
Where there is a high risk that the breach will harm your rights and freedoms, we will also notify you of the breach as quickly as we can, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.
We are committed to ensuring that your Information is secure. As part of our efforts to protect your Information, Jellynote will never send you emails asking for your personal Information or for your registered password (if you are a registered user).
If you do receive such an email, or are asked to disclose this information by someone claiming to work for Jellynote, please report the communication to us immediately.