DATENSCHUTZ
We are very pleased with your interest in our company.
​
Data protection is particularly important to managing Meltdown Metal Studios – Professional Mixing & Mastering For Heavy Music. Use of the Meltdown Metal Studios – Professional Mixing & Mastering For Heavy Music website is generally possible without providing any personal data. However, if an individual wishes to use our company's specific services via our website, processing personal data may be necessary. If processing of personal data is required and there is no legal basis for such processing, we generally seek consent from the person involved.
The processing of personal data, for example, the name, address, email address, or telephone number of a person, is always carried out by the General Data Protection Regulation and in compliance with the country-specific data protection regulations applicable to Meltdown Metal Studios – Professional Mixing & Mastering For Heavy Music. Through this data protection declaration, our company aims to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, individuals are informed of their rights under this data protection declaration.
Meltdown Metal Studios – Professional Mixing & Mastering For Heavy Music has implemented numerous technical and organizational measures to ensure the most complete protection possible for personal data processed through this website. Nonetheless, Internet-based data transmissions can have security gaps, so absolute protection cannot be guaranteed. For this reason, every person is free to submit personal data to us by alternative means, for example, by telephone.
1. Definitions of Terms
The privacy policy of Meltdown Metal Studios – Professional Mixing & Mastering For Heavy Music is based on the terms used by the European directives and regulations when issuing the General Data Protection Regulation (GDPR). Our privacy policy aims to be easy to read and understand for both the public and our customers and business partners. To ensure this, we would like to explain the terms used in advance.
In this privacy policy, we use, among other things, the following terms:
A) Personal Data
Personal data is all information that relates to an identified or identifiable natural person (hereinafter referred to as "data subject"). An identifiable natural person can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
B) Data Subject
A data subject is any identified or identifiable natural person whose personal data is processed by the controller.
C) Processing
Processing is any operation or set of operations that is performed on personal data, with or without automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
D) Restriction of Processing
Restriction of processing is the marking of stored personal data to limit its future processing.
E) Profiling
Profiling is any form of automated processing of personal data that involves using personal data to evaluate certain personal aspects relating to a natural person, particularly to analyze or predict aspects concerning that natural person’s work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
F) Pseudonymization
Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and subject to technical and organizational measures that ensure that the personal data is not attributed to an identified or identifiable natural person.
G) Controller or Data Controller
The controller is the natural or legal person, public authority, agency, or other body that, alone or jointly with others, determines the purposes and means of processing personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for by Union or Member State law.
H) Processor
A processor is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.
I) Recipient
A recipient is a natural or legal person, public authority, agency, or other body to whom personal data is disclosed, whether a third party or not. However, authorities who may receive personal data in the framework of a particular inquiry under Union or Member State law shall not be regarded as recipients.
J) Third Party
A third party is a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
K) Consent
Consent is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by clear affirmative action, signify agreement to the processing of personal data relating to them.
​
2. Name and Address of the Data Controller
The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the member states of the European Union, and other regulations related to data protection is:
​
Meltdown Metal Studios – Professional Mixing & Mastering For Heavy Music
Rechbergstraße 5/2
8102 Semriach
Austria
Email: info@meltdown-studios.com
Website: www.meltdown-studios.com
​
3. Collection of General Data and Information
Each time the website of Meltdown Metal Studios – Professional Mixing & Mastering For Heavy Music is accessed by an individual or an automated system, a series of general data and information is collected. This general data and information are stored in the server log files. The data and information collected may include (1) the types and versions of browsers used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrer), (4) the sub-websites accessed via an accessing system on our website, (5) the date and time of access to the website, (6) an Internet Protocol address (IP address), (7) the internet service provider of the accessing system, and (8) other similar data and information used for protection against attacks on our IT systems.
Meltdown Metal Studios – Professional Mixing & Mastering For Heavy Music does not draw any conclusions about the individual from this general data and information. Instead, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website and any advertisements, (3) ensure the continued functionality of our IT systems and the technology of our website, and (4) provide law enforcement authorities with the necessary information for prosecution in case of a cyberattack. Therefore, this anonymously collected data and information are evaluated by Meltdown Metal Studios – Professional Mixing & Mastering For Heavy Music both statistically and to enhance data protection and security at our company to ultimately ensure an optimal level of protection for the personal data we process. The anonymous data from the server log files are stored separately from any personal data provided by an individual.
​
4. Contact Option via the Website
The website of Meltdown Metal Studios – Professional Mixing & Mastering For Heavy Music, by legal regulations, provides information that enables quick electronic contact with our company and direct communication with us, including a general address for what is known as electronic mail (email address). If an individual contacts the controller via email or through a contact form, the personal data transmitted by the individual is automatically saved. Personal data transmitted voluntarily by an individual to the controller are stored for purposes of processing or contacting the individual. This personal data is not transferred to third parties.
​
5. Routine Deletion and Blocking of Personal Data
The controller processes and stores the personal data of the individual only for the period necessary to achieve the purpose of storage, or as long as required by European directives and regulations or other laws to which the controller is subject.
If the storage purpose ceases to apply, or if a storage period prescribed by the European directives and regulations or another relevant legislator expires, the personal data is routinely blocked or deleted by legal regulations.
6. Rights of the Data Subject
A) Right to Confirmation
Each data subject has the right, granted by European legislators and regulators, to request confirmation from the data controller as to whether personal data concerning them is being processed. If a data subject wishes to exercise this right to confirmation, they can contact an employee of the controller at any time.
B) Right of Access
Each data subject affected by the processing of personal data has the right, granted by European legislators and regulators, to obtain at any time from the controller, free of charge, information about the personal data stored about them and a copy of this information. Additionally, the European legislators and regulators grant the data subject access to the following information:
-
The purpose of processing
-
The categories of personal data processed
-
The recipients or categories of recipients to whom personal data has been or will be disclosed, especially recipients in third countries or international organizations
-
If possible, the planned storage duration of the personal data or, if that is not possible, the criteria used to determine that duration
-
The existence of the right to rectification or erasure of personal data, or to restriction of processing by the controller, or the right to object to this processing
-
The existence of a right to lodge a complaint with a supervisory authority
-
If the personal data was not collected from the data subject: all available information about the data’s origin
-
The existence of automated decision-making, including profiling under Article 22(1) and (4) GDPR, and, at least in these cases, meaningful information about the logic involved, as well as the significance and intended consequences of such processing for the data subject.
The data subject also has the right to know if personal data has been transferred to a third country or to an international organization. If so, the data subject has the right to be informed of the appropriate safeguards related to the transfer. If a data subject wishes to exercise this right of access, they can contact an employee of the controller at any time.
C) Right to Rectification
Each data subject affected by the processing of personal data has the right, granted by European legislators and regulators, to request the immediate rectification of inaccurate personal data concerning them. Furthermore, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary statement. If a data subject wishes to exercise this right to rectification, they can contact an employee of the controller at any time.
D) Right to Erasure (Right to be Forgotten)
Each data subject affected by the processing of personal data has the right, granted by European legislators and regulators, to request from the controller the erasure of personal data concerning them without undue delay if one of the following reasons applies and as long as the processing is not required:
-
The personal data was collected or otherwise processed for purposes for which it is no longer necessary.
-
The data subject withdraws the consent on which the processing is based, according to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, and there is no other legal basis for the processing.
-
The data subject objects to the processing under Art. 21(1) GDPR, and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing under Art. 21(2) GDPR.
-
The personal data was processed unlawfully.
-
The erasure of personal data is required to fulfill a legal obligation under Union or Member State law to which the controller is subject.
-
The personal data was collected concerning services offered by an information society pursuant to Art. 8(1) GDPR.
If any of the above applies and a data subject wishes to request the erasure of personal data stored by Meltdown Metal Studios – Professional Mixing & Mastering For Heavy Music, they can contact an employee of the controller at any time. The employee will ensure that the erasure request is acted upon immediately.
If Meltdown Metal Studios – Professional Mixing & Mastering For Heavy Music has made the personal data public and, as the controller, is obligated to erase it according to Art. 17(1) GDPR, then, considering available technology and implementation costs, it will take reasonable steps, including technical measures, to inform other controllers processing the published personal data that the data subject has requested that all links, copies, or replications of this data be erased, provided the processing is no longer necessary. The employee will handle the necessary arrangements in each case.
E) Right to Restriction of Processing
Each data subject affected by the processing of personal data has the right, granted by European legislators and regulators, to request the controller to restrict processing if one of the following conditions applies:
-
The accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data.
-
The processing is unlawful, the data subject objects to the erasure of the personal data, and instead requests the restriction of its use.
-
The controller no longer needs the personal data for processing, but the data subject requires it to assert, exercise, or defend legal claims.
-
The data subject has objected to processing under Art. 21(1) GDPR, and it is not yet clear whether the controller's legitimate grounds override those of the data subject.
If one of the above conditions is met and a data subject wishes to request the restriction of personal data stored by Meltdown Metal Studios – Professional Mixing & Mastering For Heavy Music, they can contact an employee of the controller at any time. The employee will arrange the restriction of processing.
F) Right to Data Portability
Each data subject affected by the processing of personal data has the right, granted by European legislators and regulators, to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format. They also have the right to transmit this data to another controller without hindrance by the controller to whom the data was provided, as long as the processing is based on consent according to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract according to Art. 6(1)(b) GDPR and the processing is carried out by automated means unless the processing is necessary for performing a task in the public interest or in the exercise of official authority assigned to the controller.
To exercise the right to data portability, the data subject may contact an employee of Meltdown Metal Studios – Professional Mixing & Mastering For Heavy Music at any time.
G) Right to Object
Each data subject affected by the processing of personal data has the right, granted by European legislators and regulators, to object at any time, on grounds relating to their particular situation, to processing of personal data concerning them based on Art. 6(1)(e) or (f) GDPR. This also applies to profiling based on these provisions. Meltdown Metal Studios – Professional Mixing & Mastering For Heavy Music will no longer process the personal data in the event of an objection unless we can demonstrate compelling legitimate grounds for processing that override the interests, rights, and freedoms of the data subject, or the processing is for the establishment, exercise, or defense of legal claims.
H) Automated Decisions in Individual Cases, Including Profiling
Each data subject affected by the processing of personal data has the right, granted by European legislators and regulators, not to be subject to a decision based solely on automated processing—including profiling—that produces legal effects concerning them or similarly significantly affects them, unless the decision (1) is necessary for entering into or performing a contract between the data subject and the controller, or (2) is authorized by Union or Member State law applicable to the controller and which also lays down suitable measures to safeguard the data subject’s rights, freedoms, and legitimate interests, or (3) is based on the data subject’s explicit consent.
To assert rights related to automated decisions, the data subject can contact an employee of the controller at any time.
I) Right to Withdraw Data Protection Consent
Each data subject affected by the processing of personal data has the right, granted by European legislators and regulators, to withdraw consent to the processing of personal data at any time. If the data subject wishes to exercise their right to withdraw consent, they may contact an employee of the controller at any time.
7. Legal Basis for Processing
Article 6(1)(a) GDPR serves as the legal basis for our company when we obtain consent for a specific processing purpose. If processing personal data is necessary to fulfill a contract to which the data subject is a party, as in cases involving the delivery of goods or other services, the processing is based on Article 6(1)(b) GDPR. The same applies to processing required for pre-contractual activities, such as inquiries about our products or services. If our company is subject to a legal obligation that necessitates processing personal data, such as fulfilling tax obligations, the processing is based on Article 6(1)(c) GDPR. In rare instances, processing may be required to protect the vital interests of the data subject or another natural person, such as when a visitor to our business is injured and requires their name, age, health insurance details, or other essential information to be shared with a doctor, hospital, or other third parties. In such cases, processing would be based on Article 6(1)(d) GDPR. Finally, processing may also be based on Article 6(1)(f) GDPR. This legal basis applies to processing not covered by any of the above grounds when processing is necessary to safeguard a legitimate interest of our company or a third party, provided the interests, fundamental rights, and freedoms of the data subject do not outweigh those interests. This is particularly permitted by European legislators, who explicitly recognize that a legitimate interest may be assumed when the data subject is a customer of the controller (Recital 47 Sentence 2 GDPR).
​
8. Legitimate Interests in Processing Pursued by the Controller or a Third Party
When processing personal data is based on Article 6(1)(f) GDPR, our legitimate interest is to conduct our business in the best interests of all our employees and shareholders.
​
9. Duration for Storing Personal Data
The criterion for determining the duration of personal data storage is the respective statutory retention period. After this period expires, the data is routinely deleted unless it is still necessary for fulfilling a contract or initiating a new contract.
​
10. Statutory or Contractual Requirement to Provide Personal Data; Necessity for Contract Conclusion; Obligation of the Data Subject to Provide Personal Data; Possible Consequences of Non-Disclosure
​
We inform you that the provision of personal data is partly required by law (e.g., tax regulations) or may also result from contractual obligations (e.g., information about the contracting party). In some cases, it may be necessary for a data subject to provide us with personal data to conclude a contract, which will subsequently be processed by us. For example, the data subject is obligated to provide us with personal data if our company enters into a contract with them. Failure to provide personal data would result in the contract not being concluded with the data subject. Before providing personal data, the data subject may contact one of our employees, who will clarify whether the provision of personal data is required by law or contract or necessary for contract conclusion and inform the data subject of the consequences of not providing the data.
​
11. Existence of Automated Decision-Making
As a responsible company, we do not engage in automated decision-making or profiling.
This privacy policy was created using the privacy policy generator of the DGD (German Association for Data Protection GmbH), which serves as an external data protection officer in Lower Bavaria, in cooperation with the data protection lawyers of the law firm Wilde Beuger Solmecke | Rechtsanwälte.