This statement informs you about the processing of your data within our online services, including our websites, features, content, and social media profiles. For terms such as "processing" or "data controller", refer to Art. 4 of the General Data Protection Regulation (GDPR).
7901 4th St N Ste 300
St. Petersburg, FL. US 33702
United States of America
contact (at) forward-audio (dot) com
Imprint: Click here for the imprint
According to legal requirements in Germany, data is stored especially for 10 years in accordance with §§ 147 paragraph 1 AO, 257 paragraph 1 No. 1 and 4, paragraph 4 HGB (books, records, reports, booking receipts, trade books, documents relevant for taxation, etc.) and 6 years in accordance with § 257 paragraph 1 No. 2 and 3, paragraph 4 HGB (business letters). According to legal requirements in Austria, storage is particularly carried out for 7 years according to § 132 paragraph 1 BAO (accounting documents, receipts/invoices, accounts, records, business papers, income and expenditure statements, etc.), for 22 years in relation to real estate, and for 10 years for documents related to electronically provided services, telecommunications, broadcasting, and television services provided to non-entrepreneurs in EU member states and for which the Mini-One-Stop-Shop (MOSS) is used.
Introduction
Forward Audio is a US-based Limited Liability Company (LLC). We are committed to maintaining the high data protection standards set by the General Data Protection Regulation (GDPR) for all our customers worldwide, including those outside the EU.
Data Controller
Seidel-Smart Solutions LLC7901 4th St N Ste 300
St. Petersburg, FL. US 33702
United States of America
contact (at) forward-audio (dot) com
Imprint: Click here for the imprint
EU Representative
As required by Article 27 of the GDPR, we have appointed an EU representative: Daniel Seidel
contact (at) forward-audio (dot) com
Data Categories
- Inventory data (e.g., names, addresses)
- Contact information (e.g., email, phone)
- Content data (e.g., texts, photos, videos)
- Usage data (e.g., visited pages, interests)
- Meta/communication data (e.g., device info, IP addresses)
Affected Individuals
Visitors and users of our online services (also referred to as "users").Purposes of Processing
- Provision of our online services
- Responding to inquiries and user communications
- Security measures
- Marketing and reach measurement
Definitions Used
“Personal Data” refers to all information related to an identified or identifiable individual (hereafter “subject”). An individual is deemed identifiable if they can be identified directly or indirectly, particularly by association with an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie), or one or more specific characteristics expressing the physical, physiological, genetic, psychological, economic, cultural, or social identity of that individual. “Processing” encompasses any operation or set of operations which is performed on personal data, with or without the aid of automated processes. This definition is broad and virtually covers any interaction with data. “Pseudonymization” is the processing of personal data in such a manner that the data can no longer be attributed to a specific subject without the use of additional information, provided that such additional information is kept separate and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable individual. “Profiling” refers to any form of automated processing of personal data that involves using said data to evaluate certain personal aspects relating to an individual, especially to analyze or predict aspects concerning that individual’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements. The term “Controller” refers to the natural or legal person, authority, institution, or other body that alone or jointly with others determines the purposes and means of processing personal data. A “Processor” is a natural or legal person, authority, institution, or other body processing personal data on behalf of the controller.Relevant Legal Bases
In accordance with Art. 13 GDPR, we inform you of the legal basis for our data processing. If not specified in the privacy statement, the following applies: The legal basis for obtaining consent is Art. 6 para. 1 lit. a and Art. 7 GDPR, the legal basis for processing for the performance of our services and execution of contractual measures as well as for answering requests is Art. 6 para. 1 lit. b GDPR, the legal basis for processing to fulfill our legal obligations is Art. 6 para. 1 lit. c GDPR, and the legal basis for processing to safeguard our legitimate interests is Art. 6 para. 1 lit. f GDPR. In the event that vital interests of the subject or another individual require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.Security Measures
In accordance with Art. 32 GDPR, considering the state of the art, the costs of implementation, and the nature, scope, context, and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of individuals, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. These measures particularly include ensuring the confidentiality, integrity, and availability of data by controlling the physical access to the data as well as access, input, transmission, ensuring availability, and data separation. Furthermore, we've established procedures to guarantee the exercise of data subject rights, data deletion, and response to data breaches. Moreover, we take into account the protection of personal data during the development or selection of hardware, software, and processes, in line with the principles of data protection through technology design and privacy-friendly default settings (Art. 25 GDPR).Collaboration with Contracted Processors and Third Parties
Whenever we disclose data to other individuals and companies (contracted processors or third parties), transfer data to them, or provide them with access to the data within the scope of our processing activities, this only occurs based on legal permission (e.g., if transferring data to third parties, such as payment service providers, is required for contract fulfillment according to Art. 6 Para. 1 lit. b GDPR), you have consented, there's a legal obligation, or due to our legitimate interests (e.g., when employing agents, web hosts, etc.). If we task third parties with processing data based on a so-called "contract processing agreement", this is done on the basis of Art. 28 GDPR.Transfers to Third Countries
As a US-based company, data may be processed in the United States. However, we ensure that all data processing, regardless of location, adheres to GDPR standards. We implement appropriate safeguards, such as standard contractual clauses, to protect data transfers.
Rights of the Affected Individuals
You have the right to request confirmation as to whether relevant data is being processed and to receive information about this data as well as further information and a copy of the data in accordance with Art. 15 GDPR. According to Art. 16 GDPR, you have the right to demand completion or correction of incorrect data related to you. In accordance with Art. 17 GDPR, you have the right to demand that relevant data be deleted immediately or, alternatively, to request a restriction on the processing of the data under Art. 18 GDPR. You have the right to request the data related to you that you have provided us, in accordance with Art. 20 GDPR, and demand its transfer to other responsible parties. Furthermore, under Art. 77 GDPR, you have the right to file a complaint with the competent supervisory authority.While we apply GDPR standards globally, US customers may also have rights under applicable US privacy laws. For more information, US customers can contact their local data protection authority.
Right of Revocation
You have the right to revoke given consents according to Art. 7 Para. 3 GDPR, effective for the future.Right of Objection
At any time, you can object to the future processing of data related to you in accordance with Art. 21 GDPR. The objection can be made especially against processing for direct advertising purposes.Cookies and Right to Object to Direct Advertising
"Cookies" are small files stored on users' computers. Different data can be stored within cookies. Primarily, a cookie serves to store user (or the device on which the cookie is stored) information during or after their visit within an online service. Temporary cookies, or "session cookies" or "transient cookies", are cookies that are deleted after a user leaves an online service and closes their browser. In such cookies, for example, the contents of a shopping cart in an online store or a login status can be stored. "Permanent" or "persistent" cookies remain stored even after the browser is closed. For example, the login status can be saved when users visit after several days. Similarly, user interests, used for reach measurement or marketing purposes, can be stored in such a cookie. "Third-party cookies" are cookies offered by providers other than the person responsible for the online service (otherwise, if it's just their cookies, it's called "first-party cookies"). We may use temporary and permanent cookies and provide information about this in our privacy policy. If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in their browser's system settings. Stored cookies can be deleted in the browser's system settings. Excluding cookies may lead to functional restrictions of this online service. A general objection to cookies used for online marketing purposes can be declared for many services, especially in the case of tracking, via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. Additionally, the storage of cookies can be achieved by deactivating them in the browser settings. Please note that not all functions of this online service may be available.Data Erasure
Data processed by us will be deleted or restricted in processing in accordance with Art. 17 and 18 DSGVO. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and there are no legal retention obligations. If the data is not deleted because they are required for other legally permissible purposes, their processing will be restricted. This means the data will be locked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons. Although we are a US-based LLC, we respect and adhere to relevant European laws due to our international customer base. For our customers in Germany and Austria, the following legal provisions apply in addition to our standard practices:According to legal requirements in Germany, data is stored especially for 10 years in accordance with §§ 147 paragraph 1 AO, 257 paragraph 1 No. 1 and 4, paragraph 4 HGB (books, records, reports, booking receipts, trade books, documents relevant for taxation, etc.) and 6 years in accordance with § 257 paragraph 1 No. 2 and 3, paragraph 4 HGB (business letters). According to legal requirements in Austria, storage is particularly carried out for 7 years according to § 132 paragraph 1 BAO (accounting documents, receipts/invoices, accounts, records, business papers, income and expenditure statements, etc.), for 22 years in relation to real estate, and for 10 years for documents related to electronically provided services, telecommunications, broadcasting, and television services provided to non-entrepreneurs in EU member states and for which the Mini-One-Stop-Shop (MOSS) is used.
US Privacy Laws
As a US-based company, we also comply with applicable US privacy laws. For customers residing in states with specific privacy regulations, such as California (under the California Consumer Privacy Act - CCPA), the following additional rights may apply:
- The right to know about the personal information we collect about you and how it is used and shared;
- The right to delete personal information collected from you (with some exceptions);
- The right to opt-out of the sale of your personal information; and
- The right to non-discrimination for exercising your CCPA rights.
Residents of other US states may have similar rights under their respective state laws. If you are a US resident and wish to exercise any of these rights, please contact us using the information provided in the "Data Controller" section.
Please note that while we strive to provide the same high level of privacy protection to all our users globally, specific rights under US laws may only be applicable to residents of the respective states. For all users, we maintain our commitment to the stringent standards set by the GDPR.
Registration Function
Users can create a user account. During registration, the required mandatory information is communicated to the users and processed based on Art. 6 paragraph 1 lit. b DSGVO for the purpose of providing the user account. The data processed includes login information (name, password, and email address). The data entered during registration is used for the purposes of using the user account and its purpose. Users can be informed by email about information relevant to their user account, such as technical changes. If users have terminated their user account, their data related to the user account will be deleted, subject to any statutory retention obligations. It is the users' responsibility to secure their data after termination before the end of the contract. We are entitled to irretrievably delete all data stored by the user during the contract period. During the use of our registration and login functions as well as the use of the user account, we save the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user's interest in protection against misuse and other unauthorized use. This data is generally not passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation in accordance with Art. 6 paragraph 1 lit. c DSGVO. IP addresses are anonymized or deleted after a maximum of 7 days.Comments and Contributions
When users leave comments or other contributions, their IP addresses can be stored for 7 days based on our legitimate interests as per Art. 6 paragraph 1 lit. f DSGVO. This is for our security in case someone leaves illegal content in comments and contributions (insults, prohibited political propaganda, etc.). In this case, we could be held liable for the comment or post and are therefore interested in the identity of the author. Furthermore, we reserve the right to process user details for spam detection based on our legitimate interests in accordance with Art. 6 paragraph 1 lit. f DSGVO. On the same legal basis, we reserve the right to store the IP addresses of users for the duration of surveys and to use cookies to avoid multiple votes. The data provided in the context of comments and contributions will be stored by us permanently until the users object.Comment Subscriptions
Follow-up comments can be subscribed to by users with their consent in accordance with Art. 6 paragraph 1 lit. a DSGVO. Users will receive a confirmation email to verify that they are the owner of the entered email address. Users can cancel ongoing comment subscriptions at any time. The confirmation email will contain information on the revocation options. For the purposes of proving the user's consent, we store the registration time together with the user's IP address and delete this information when users unsubscribe from the subscription. You can cancel our subscription at any time, i.e., revoke your consent. We can store the deleted email addresses for up to three years based on our legitimate interests before we delete them to be able to prove a previously given consent. The processing of this data is limited to the purpose of potentially fending off claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time.Contacting Us
When you contact us (e.g., via contact form, email, phone, or through social media), the user's details are processed for handling the contact request according to Art. 6 Abs. 1 lit. b) GDPR. User information might be stored in a Customer Relationship Management System ("CRM System") or a similar request organization. We delete the requests when they're no longer necessary. We check the necessity every two years. Moreover, legal archiving obligations apply.Newsletter
With the following information, we inform you about the contents of our newsletter as well as the sign-up, dispatch, and the statistical evaluation processes, and your objection rights. By subscribing to our newsletter, you agree to receive it and to the processes described. Content of the newsletter: We send newsletters, emails, and other electronic notifications containing marketing information (hereinafter "newsletters") only with the recipient's consent or a legal permit. If the contents of a newsletter are specifically described upon subscription, they are decisive for user consent. Otherwise, our newsletters contain information about our services and us. Double Opt-In and logging: Subscribing to our newsletter is based on a so-called double opt-in procedure. After subscribing, you will receive an email asking you to confirm your subscription. This confirmation is necessary to prevent anyone from registering with someone else's email address. Newsletter subscriptions are logged to prove the subscription process complies with legal requirements. This includes storing the subscription and confirmation time, as well as the IP address. Changes to your data stored with the dispatch service provider are also logged. Sign-up data: To subscribe to the newsletter, all you need to provide is your email address. Optionally, we request a name for personal communication in the newsletter. Sending the newsletter and the performance measurement associated are based on the recipient's consent in accordance with Art. 6 Abs. 1 lit. a, Art. 7 GDPR, or if consent isn't necessary, on our legitimate interests in direct marketing in accordance with Art. 6 Abs. 1 lt. f. GDPR. The logging of the subscription process is based on our legitimate interests according to Art. 6 Abs. 1 lit. f GDPR. We aim to use a user-friendly and secure newsletter system that serves both our business interests and meets user expectations and also allows us to prove consents. Termination/Revocation - You can cancel our newsletter subscription at any time, i.e., revoke your consents. A link to cancel the newsletter is found at the end of each newsletter. We might save the unsubscribed email addresses for up to three years based on our legitimate interests before deleting them to provide evidence of prior consent. Processing this data is limited to the purpose of potential claims. An individual request for erasure is possible at any time, provided that the former existence of consent is confirmed.Collection of Access Data and Log Files
We, or our hosting provider, collect data about each server access based on our legitimate interests within the meaning of Art. 6 Abs. 1 lit. f. GDPR. Access data includes the name of the accessed website, file, date and time of access, transferred data volume, report on successful retrieval, browser type along with its version, the user's operating system, referrer URL (previously visited page), IP address, and the requesting provider. Log file information is stored for security reasons (e.g., to investigate abusive or fraudulent activities) for a maximum duration of 7 days and then deleted. Data that needs further retention for evidential purposes is exempt from deletion until the incident's final clarification.Audience Measurement with Matomo
As part of the audience analysis of Matomo, based on our legitimate interests (i.e., interest in the analysis, optimization, and economical operation of our online offering according to Art. 6 Sec. 1 lit. f. GDPR) the following data is processed: the browser type and version you use, your operating system, your country of origin, date and time of the server request, number of visits, your duration on the website, and the external links you clicked on. User IP addresses are anonymized before they're stored. Matomo uses cookies stored on the user's computer to enable an analysis of the use of our online service by users. From this processed data, pseudonymous user profiles can be created. The cookies have a storage duration of one week. The information generated by the cookie about your use of this website is only stored on our server and not passed on to third parties. Users can object to the anonymous data collection by the Matomo program at any time for the future by clicking on the link below. In this case, an opt-out cookie will be stored in their browser, which means that Matomo will not collect any session data. However, if users delete their cookies, the opt-out cookie is also deleted and must be reactivated by the users. The logs with user data will be deleted after at most 6 months.Inspectlet
This website uses "Inspectlet," a web analytics service provided by Inspectlet Inc based in California, USA. Inspectlet uses cookies stored on your computer to analyze your user behavior and your use of the website (e.g., which content you click on the site). However, Inspectlet does not collect your IP address. Inspectlet processes the data collected by the cookie on our behalf to evaluate user behavior on our website and to provide us with reports on the use of our website. Personal data collected by Inspectlet may be transferred to an Inspectlet server in the USA. In case of such a transfer, we will ensure that Inspectlet maintains a data protection level equivalent to that in the EU according to Art.44 ff. GDPR; otherwise, data transfer is based on Art.28 GDPR. You can object to the collection, processing, and recording of your personal data by Inspectlet at any time by following the instructions at http://www.inspectlet.com/optout. This will store an opt-out cookie on your device. If you delete the cookies on your device, you need to follow the instructions at the aforementioned link again to deactivate Inspectlet. More information on data protection by Inspectlet can be found on Inspectlet's website at https://www.inspectlet.com/legal#privacy. We use Inspectlet to analyze the use of the website and to continually improve and make our website more user-friendly. This optimization also requires statistical information about the use of the website. The basis for the use of Inspectlet is Art.6 Sec.1 S.1 lit.f) GDPR. Our legitimate interest pursued is the ongoing improvement and development of our website.Online Presence in Social Media
We maintain online presences within social networks and platforms to communicate with customers, prospects, and users active there and to inform them about our services. When accessing these networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply. Unless otherwise stated in our privacy policy, we process user data when they communicate with us on social networks and platforms, e.g., when they post on our online presences or send us messages.Integration of Third-Party Services and Content
Within our online offerings, based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offerings as per Art. 6 Abs. 1 lit. f. GDPR), we use content or service offers from third-party providers to integrate their content and services, such as videos or fonts (collectively referred to as "content"). This always presupposes that third-party providers of this content perceive the IP address of the users since without the IP address, they could not send the content to the users' browser. The IP address is therefore necessary for the display of this content. We strive to use only content whose respective providers use the IP address solely for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. Through the "pixel tags", information such as the visitor traffic on the pages of this website can be evaluated. The pseudonymous information can also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring web pages, visit time, and other details about the use of our online offerings, as well as being linked with such information from other sources.YouTube
We embed videos from the platform “YouTube” provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.Google Fonts
We embed fonts ("Google Fonts") provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.Google ReCaptcha
We integrate the function to detect bots, e.g., when entering online forms ("ReCaptcha") provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
This privacy policy was last updated on 09/01/24.