Effective from: 25 May 2018
It is inevitable in a journalistic endeavour such as writing music reviews that personal data will be collected. Recent changes in EU data protection legislation – usually referred to as GDPR – require us to document how we collect, use and protect your personal data. Article 85 of the European GDPR legislation provides for journalistic use of personal information but it is nonetheless worthwhile to state how any personal information is collected and used.
Who we are
Bluesbunny is a music reviews website (www.bluesbunny.com). We can be contacted at the following mailing address:
c/o Taur Productions Limited
98 Woodlands Road
Any questions regarding data protection should be addressed to email@example.com
Websites within scope for this policy
Bluesbunny Music Reviews (www.bluesbunny.com)
This website is based in the UK.
Collection of personal data
The legitimate purpose of the collection of personal data is to permit the production of reviews, ensure the security and safe operation of the website and to manage communications with you. Personal data used in the production of reviews may be collected in several ways:
- Press releases
- Email contact
- Telephone contact
- Social media
Personal data collected
In order to facilitate the production of reviews and to manage any communications required to complete that task, we collect some or all of the following:
- Contact address
- Email address
- Website address
- Telephone number
- Social media contact details
- Browser type and version
- Geolocation data
- Operating system version
- IP address used for connection
- Time of connection
Storage of personal data
Bluesbunny is UK based.
A cloud service provider is used to deliver the Bluesbunny website. This cloud service provider is based within the EU. All processing to provision the Bluesbunny website is therefore within the EU.
A cloud service provider is used for email. This cloud service provider is not based within the EU.
By their very nature, the reviews on the Bluesbunny website have no expiry date. Email, however, is routinely deleted after 3 calendar months.
Security of personal data
All databases and content used in the production of the website are located in secure data centres and the databases use at rest encryption. All access to the website uses TLS encryption (HTTPS). Email is also accessed using TLS encryption (HTTPS).
Your rights as a data subject
A data subject is you in case you were wondering. As an EU based data subject whose personal information we hold, you have certain rights. If you are an EU citizen and wish to exercise any of these rights, please email firstname.lastname@example.org or use the form on the Contact page of the website section below to contact us. To process your request, we will ask you to provide two valid forms of identification for verification purposes.
If you have a data protection complaint, please contact us in writing or using the email address provided above. All complaints will be treated in a confidential manner. If you are unsatisfied with our handling of your data, or about any complaint that you have made to us about our handling of your data, you are entitled to escalate your complaint to a supervisory authority within the European Union. For the United Kingdom, this is the Information Commissioner’s Office (ICO), who is also our lead supervisory authority.
Last updated: 21 February 2020