Oct 24, 2019
Sonarworks True-Fi privacy statement
Our mobile application uses the Facebook Customer’s remarketing feature Custom Audience. This allows you to receive interest-based advertisements as part of your visit to the social network Facebook, if you are registered with a service of Facebook.
You can disable Facebook Custom Audience by disabling this feature in your application settings.
When you use Sonarworks mobile application, we collect personal data about your music preferences, including the songs you have listened to, the duration and the frequency of their listening.
Sonarworks does not process data about your music preferences for marketing purpose and in no circumstances transfers information about your music listening habits to third parties.
We, SIA “Sonarworks”, the limited liability company registered in the Republic of Latvia under registration No 40103611667, with its registered address at Smerla Street 3, Riga, LV-1006, Latvia, (“Sonarworks”, “we”, “us”, or “our”), consider the protection of your privacy and personal data as an important business value. Therefore, we only process your personal data in accordance with this privacy statement (“Privacy Statement”) and applicable legislation, including the General Data Protection Regulation (the "GDPR").
In the Privacy Statement we describe why and how we collect and use personal data related to the use of our website, mobile application, online purchases of True-Fi products as well as the use of a trial.
Personal data is any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
When we use “you” or “your” in this Privacy Statement, we are referring to the relevant individual who is the subject of the personal data.
Website visitors and mobile application users
Each time you access us online or by using mobile application, we collect the following information about the device you are using: IP address, the request from your browser, the date and time of this request and the status and the amount of data transferred by the request. We also collect information about the browser used, the operating system of the device and the Internet service provider.
Cookies are small text files that are dropped on a user's web browser by a website that the user was viewing. Each cookie contains a small amount of information such as a unique identifier that links a user to a specific website. Our website may use them to track the number of times you have visited the website, to track the number of visitors to the website, to determine and analyze visitors' use of our websites, to store data that you provide (such as your preferences), and to store technical information related to your interactions with our website. We may also use session cookies, which are deleted when you close your browser, to store your user ID, to facilitate your movement around our websites (particularly in connection with information searches and order placement) and other information used in administering the session.
If you use our website without revealing your identity or without providing any personal data, the processing of the above-mentioned information is not considered as processing of personal data within the meaning of the GDPR. If, on the other hand, you perform activities on our website that requires the provision of identifiable personal data, then we process your data for the purposes and legal basis listed below.
The purpose of the aforesaid data processing is to enable appropriate operation of our website and mobile application, to enable the content of our website and mobile application be displayed on your device, to detect and eliminate errors, to determine the use of the website and mobile application, to make adjustments and improvements of our products, our website and mobile application, to personalize your browsing experience by displaying content that is more likely to be relevant and of interest to you.
The legal basis for processing your personal data for the purposes mentioned above is our legitimate interests, namely, the demand-oriented design of the website, provision of network and information security.
Registration for a user account
You can sign up as a user for our website offers and for use of our mobile application. To do this you have to enter you name and e-mail address. We also record and process the date and time of registration and the IP address. As part of the registration process, we obtain your consent regarding the use of your data.
The purpose of the processing these data is to offer a personalized service, conduct quality and risk management and to prevent unauthorized access to restricted areas of the website or restricted content.
The legal basis for the processing your data for registration is your consent. If you register for the initiation or fulfilment of a contract with us, the legal bases for the processing of your data is also the performance of a contract or to take steps prior to entering into a contract.
You can communicate with us via request form on our website or by e-mail. When you use one of these contact points to contact us, we collect the personal data you provide us via selected contact point. It can be your name, e-mail address, postal address, phone number and information you provide in communication with us.
The purpose of the data processing is to answer your question or request, to identify users who have difficulties using the program, to offer support for our products and services as well as to analyze the nature and the regularity of questions and reported issues.
The legal basis for the processing of the data is our legitimate interests, namely, to distribute actual and detailed information about our products, to summarize more frequent questions, to identify problems and necessity for improvements of our products.
If you contact us for the initiation or fulfilment of a contract, the legal bases for the processing of your data is also performance of a contract or to take steps prior to entering into a contract.
You can subscribe to our newsletter in our website or mobile application. When you sign up for our newsletter, your e-mail address will be used to send you regular information on our current topics and other advertising materials. You can opt out of receiving the newsletter at any time sending an e-mail to firstname.lastname@example.org.
The purpose of the data processing is to distribute the latest information about our products.
The legal bases for the processing of the data for the purposes mentioned above is your consent, if you have explicitly registered for the newsletter. You can also receive the newsletter from us without explicit consent in case you have ordered our products or services and have not objected to receiving the information by e-mail. In this case, the legal bases for the processing your data is our legitimate interests to inform our clients and newsletter subscribers about our new, up-to-date and/or personalized products, our services or special offers (e.g. discounts).
Sound preference research: our website and mobile application offer the opportunity to participate in the research of hearing and music preferences. By choosing to participate in this project, data on your age, gender, musical preferences and other data you enter in the application form, as well as your hearing threshold measurements, are processed.
The purpose of the data processing is to improve the quality of our products and services to make them more relevant to the clients or potential clients’ sound preferences.
The legal basis for the processing your personal data for the purposes mentioned above is your consent.
Use of Sonarworks mobile application
When you use Sonarworks mobile application for the first time: using our mobile application for the first time you are asked to enter your gender, age and headphones.
The purpose of the processing these personal data is to analyze the sound preferences of users of our mobile application depending on age, gender and headphones in order to offer a sound setting that improves your listening experience.
The legal basis for the processing your personal data for the purposes mentioned above is our legitimate interests, namely, to improve the quality of our mobile application and our products.
When using mobile applications: when you use Sonarworks mobile application, we collect personal data about your music preferences, including the songs you have listened to, the duration and the frequency of their listening.
You have the right to object to the processing of your aforementioned personal data at any time by sending an e-mail to: email@example.com.
The purpose of the processing these personal data is to find out and analyze Sonarworks mobile application users' sound preferences in order to customize and personalize our products.
Sonarworks does not process data about your music preferences for marketing purpose and in no circumstances transfers information about your music listening habits to third parties.
The legal basis for the processing your music listening habits is our legitimate interests, namely, to improve our software through adapting it to the listeners' preferences.
Facebook Custom Audience: our mobile application uses the Facebook Customer’s remarketing feature Custom Audience. This allows you to receive interest-based advertisements as part of your visit to the social network Facebook.
The process of integrating your data from our mobile application with Facebook can be briefly described as follows: True-Fi application automatically establishes a brief direct connection to the Facebook server. Facebook receives the information that you have accessed via our mobile application. If you are registered with a service of Facebook, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, there is a possibility that that Facebook will find out and store your IP address and other identifying features.
You can disable Facebook Custom Audinece by disabling this feature in your application settings.
For more information about the data processing through Facebook, please visit: https://www.facebook.com/about/privacy
The purpose of using the Facebook Custom Audience is to show you exactly the ads you may be interested in and make our product closer to you.
The legal bases for the processing of your data is our legal interests to raise our customer awareness about our products and services.
We will retain your personal data collected via our website and/or mobile application as long as it is necessary for communicating with you and for legitimate and essential business purposes, such as maintaining the performance of our products and services, making data-driven business decisions about new features and offerings, but not longer than five years.
Customers, potential customers and software users
To ensure the conclusion of the contract and the performance of the contract we may process the following personal data:
- your name, phone number, email address, postal address;
- computer ID (CID), IP, computer name, computer type, headphone name, headphone profile, microphone profile name, input/output device name and ID, calibration profile name;
- specific information, such as student or teacher certificate, personal identification number, educational establishment where you work or study, to get discounts offered by Sonarworks;
- payment information;
- data you provide to Sonarworks to be able to provide services, resolve issues;
- other information you have provided to us.
The purposes of the data processing collected prior to the conclusion of the contract or during the performance of the contract are:
- providing of products and services that you have requested and performing of deliveries in accordance with the Terms and Conditions and/or the End User License Agreement (“EULA”);
- communicate information that is relevant for our deliveries in particular and our customer relations in general;
- process orders, invoices, payments and perform financial follow-ups;
- carry out security activities, including detecting and preventing security threats and malicious use of our products and services;
- identifying users who have difficulties using the program;
- offer support for our products and services;
- carry out quality and risk management activities;
- administer, manage and develop our products and services and improve quality of our products, services by analyzing data;
- inform you about our products and services that are closely related to the products and services you already use or have tried to use;
- publish your review if your consent for that is received;
- comply with legal obligations we are subject to.
The legal basis for the processing your personal data for the purposes mentioned above mainly is to take steps at your request prior to entering into a contract and to ensure the performance of the contract.
Besides that, the legal basis is also our legitimate interests, namely, to ensure security conditions, to provide quality of our products and services, and to promote our business.
The legal basis for the processing of personal data for aforementioned purposes is necessity to comply with legal obligations that apply to us.
The data will be stored by us for as long as necessary to fulfil the contract as well as for a period after the fulfillment of the contractual obligations for commercial and tax purposes. This retention period is usually 10 years after the expiration of the contract or after the obligation according to applicable law has been performed.
Recipients of the personal data
Recipient of your personal data primarily is Sonarworks and its employees.
To be able to offer you the best possible services and remain competitive in our business, we share certain data with other organizations. As a result, personal data may be transferred outside the countries where we or data subject is located. This includes countries outside the European Union (“EU”).
We use contractual arrangements and security mechanisms as appropriate to protect the data and to comply with applicable laws including GDPR.
Where we transfer personal data outside the EU to a country not determined by the European Commission as providing an adequate level of protection for personal data, the transfers will be under an agreement which covers the EU requirements for the transfer of personal data outside the EU, such as the European Commission approved standard contractual clauses. Please contact us to receive more detailed information about our processors!
Personal data processed by us may be transferred to:
- Third party organizations that provide applications/functionality, data processing or IT services to us or otherwise assist us in providing goods, services or information.
We use third parties to support us in providing our services and to help provide, run and manage our internal IT systems. For example, providers of information technology, cloud based software as a service providers, identity management, website hosting and management, data analysis, data back-up, security and storage services, as well as organizations which provide us marketing activities or events and manage customer communications, prepare reports and statistics, printing materials and designing products, place advertisements on apps, websites and social media. Further details of these providers is included below.
|Google Ireland Limited||Data storage, App & website usage analytics, Advertising||Gordon House, Barrow Street, Dublin 4, Dublin, D04 E5W5 Data centres are located in a number of locations around the world (EU, Chile, Singapore, Taiwan, USA)|
|Amazon Web Service||Cloud data storage service||Amazon Web Services EMEA SARL, 5 rue Plaetis, L-2338 Luxembourg|
|Typeform S.L.||Survey platform used for Customer feedback collection||Bac de Roda 163, Barcelona 08018, Spain|
|Facebook Ireland Limited||Advertising||4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland|
|Mailchimp (The Rocket Science Group, LLC)||Email marketing||675 Ponce De Leon Ave NE Suite 5000 Atlanta, GA 30308 USA (EU-U.S. Privacy Shield)|
|Reviews.co.uk (Liquid New Media Ltd)||Customer reviews||29 St. Nicholas Place, Leicester LE1 4LD United Kingdom|
|Shopify Inc.||E-commerce store services||150 Elgin Street, 8th Floor Ottawa, Ontario K2P 1L4 Canada (Transfer on the basis of an adequacy decision)|
|Zendesk, Inc||Customer support platform services||1019 Market St., San Francisco, CA 94103 USA (EU-U.S. Privacy Shield)|
|SendOwl (Concept Den Limited)||Licence key sendout management||9th Floor, 107 Cheapside, London, EC2V6DN, United Kingdom|
|Zapier Inc.||Survey sendout automation||548 Market St #62411 San Francisco, CA 94104-5401|
|Slack Technologies Inc.||Customer review management||500 Howard St, San Francisco, CA 94105, USA (EU-U.S. Privacy Shield)|
|Hermes Financial Services, SIA||Card payment gateway services||Baznicas 45-1, Riga, LV-1010, Latvia|
|Animus Account, SIA||Accounting services||Ieriku 33-68, Riga, Latvia|
|PayPal (Europe) S.à.r.l. et Cie||Payment processing services||S.C.A., 22-24 Boulevard Royal L-2449, Luxembourg|
- Auditors and professional advisers.
We may share your data with our auditors if it is necessary for the provision of audit, with professional advisers, for example, law firms, as necessary to establish, exercise or defend our legal rights and obtain advice in connection with the running of our business.
- Government authorities or other third parties as required by applicable law or regulation.
To comply with applicable law and regulatory obligations we may disclose data to the relevant authorities to check that we are complying with applicable law and regulation, for example supervisory authorities, tax authorities, judicial/investigative authorities such as police, public prosecutors, courts on their express and legal request.
In all of these cases, we ensure the third parties can only access personal data that is necessary for their specific tasks.
Individuals’ rights and how to exercise them
You as a data subject have certain rights over your personal data and we as a controllers are responsible for fulfilling these rights. Please see below further information about these rights, when they are available and how to exercise them.
Your right of access to personal data
You have the right to obtain a copy of your personal data as well as other supplementary information. It helps you to understand how and why we are using your data, and check we are doing it lawfully.
Your right to rectification / amendment of personal data
You have the right to request for your personal data to be amended or rectified where it is inaccurate (for example, if you change your name or address) and to have incomplete personal data completed.
Your right to erasure / right to be forgotten
You have the right to have personal data erased, but this right is not absolute and only applies in certain circumstances.
You have the right to have your personal data erased if:
- the personal data is no longer necessary for the purpose which we originally collected or processed for;
- we are relying on consent as legal basis for holding the data, and you withdraw your consent;
- we are relying on legitimate interests as legal basis for processing, and you object to the processing of your data, and there is no overriding legitimate interest to continue this processing;
- we are processing the personal data for direct marketing purposes and you object to that processing;
- your personal data have been processed unlawfully;
- your personal data must be erased to comply with a legal obligation which we are subject to.
Your right to restrict processing
You have the right to restrict the processing of your personal data, that is, to limit the way that we use your data, in the following circumstances:
- for a period enabling us to verify the accuracy of your personal data where you have contested the accuracy of the personal data;
- the data has been unlawfully processed and you request restriction instead of erasure;
- when your personal data are no longer necessary in relation to the purposes for which they were collected and processed you can request restriction to establish, exercise or defend legal claims;
- for a period enabling us to verify whether the legitimate interests relied on by us override your interests where you have objected to the processing based on legitimate interests.
Your right to object to processing
The right to object to processing allows you to ask us to stop processing your personal data.
You have the absolute right to object to the processing of your personal data if it is for direct marketing purposes.
You have the right to object to the processing of your personal data also when there are other legitimate interests for processing, but then we have to verify whether your interests override the legitimate interests relied on by us.
Your right to data portability
The right to data portability gives you the right to receive your personal data you have provided to us in a structured, commonly used and machine readable format. It also gives you the right to request that we transmit this data directly to another controller.
The right to data portability only applies when:
- legal basis for processing these personal data is consent or for the performance of a contract;
- we are carrying out the processing by automated means.
Your right to withdraw consent
Where we process personal data based on your consent, you have the right to withdraw consent at any time in the form indicated at the time of giving consent or by sending an e-mail to: firstname.lastname@example.org.
Your right to lodge a complaint
If you have complaint on how we use your personal data, please contact us via email: email@example.com. We will review and respond to all complaints received.
You also have the right to lodge a complaint with the supervisory authority in your country of residence, place of work or the country in which an alleged infringement of data protection law has occurred. The data protection supervisory authority in the Republic of Latvia is the Data State Inspectorate, contact information:
Blaumana Street 11/13-11,
Riga, LV-1011, Latvia
Phone: +371 67 223 131
web page: www.dvi.gov.lv
How to contact us
If you have any questions, comments, complaints or suggestions in relation to data protection or this Privacy Statement, or any other concerns about the way in which we process information about you, please contact us:
Address: Smerla Street 3, Riga, LV-1006, Latvia.
Phone: +371 67 223 131
Scope of the Privacy Statement
We may amend Privacy Statement to remain compliant with any changes in law and/or to reflect changes in the processing of personal data by us.
The Privacy Statement was last updated on 02/05/2019.