Musik på Österlen

site logo without text

Petronella Torin

Cellist, Teacher & Mental Trainer

Privacy Policy

Last updated: June 2025

1. Introduction

Welcome to musikosterlen.se (“we,” “our,” or “us”). We are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, process, and protect your information when you visit and use our website.

This policy complies with the European Union’s General Data Protection Regulation (GDPR) and Swedish data protection laws.

2. Data Controller

musikosterlen.se
Bassarydsvägen 7
27295 Simrishamn
Sweden
Email: [email protected]

3. What Information We Collect

3.1 Information You Provide Directly

  • Contact Information: Name, email address, phone number when you contact us
  • Account Information: Username, password, and profile information if you create an account
  • WooCommerce Store Data: Billing and shipping addresses, payment information, order history when making purchases
  • Booking Information: Personal details, preferences, and special requests when booking music lessons or services through Amelia Booking
  • Communication Data: Messages, feedback, or inquiries you send to us
  • Newsletter Subscriptions: Email address when you subscribe to our newsletter
  • Event Registration: Information provided when registering for music events or concerts

3.2 Information Collected Automatically

  • Technical Data: IP address, browser type and version, operating system, device information
  • Usage Data: Pages visited, time spent on site, referring websites, search terms, collected via Google Analytics
  • WooCommerce Analytics: Shopping behavior, cart abandonment data, product preferences
  • Booking Analytics: Appointment patterns, service preferences via Amelia Booking system
  • Cookie Data: Information collected through cookies and similar tracking technologies

3.3 Third-Party Information

  • Social Media: Information from social media platforms if you interact with us or log in through social media
  • Analytics Data: Aggregated data from analytics services like Google Analytics

4. How We Use Your Information

We process your personal data for the following purposes:

4.1 Legal Basis: Legitimate Interest

  • Providing and improving our website services
  • Processing e-commerce transactions through WooCommerce
  • Managing booking appointments via Amelia Booking system
  • Analyzing website usage and performance through Google Analytics
  • Preventing fraud and ensuring website security
  • Communicating about our music services and events

4.2 Legal Basis: Consent

  • Sending marketing emails and newsletters via Mailgun
  • Using non-essential cookies and tracking technologies
  • Google Analytics tracking (beyond basic functionality)
  • Sharing content on social media platforms

4.3 Legal Basis: Contract Performance

  • Processing orders and payments through WooCommerce
  • Managing booking appointments and schedules via Amelia Booking
  • Providing customer support services
  • Managing user accounts and profiles
  • Delivering purchased products or booked services

4.4 Legal Basis: Legal Obligation

  • Complying with Swedish and EU legal requirements
  • Maintaining records for tax and accounting purposes
  • Responding to legal requests from authorities

5. Data Sharing and Recipients

We may share your personal data with:

5.1 Service Providers

  • Web hosting providers – Hostinger (website infrastructure)
  • Mailgun (email delivery service for transactional and marketing emails)
  • Google Analytics (website analytics and performance tracking)
  • WooCommerce/WordPress (e-commerce platform and content management)
  • Amelia Booking (appointment booking and scheduling system)
  • Payment processors for WooCommerce transactions (Stripe, PayPal, etc.)
  • Customer support platforms

5.2 Business Partners

  • Music venues and event organizers
  • Other music-related service providers
  • Marketing partners (with your consent)

5.3 Legal Requirements

  • Law enforcement agencies when legally required
  • Regulatory authorities in Sweden and the EU
  • Legal advisors and auditors

We never sell your personal data to third parties.

6. International Data Transfers

Some of our service providers may be located outside the EU/EEA. When we transfer your data internationally, we ensure adequate protection through:

Specific Third-Party Data Transfers:

  • Google Analytics: Data may be transferred to the United States under Google’s compliance with EU-US adequacy mechanisms
  • Mailgun: Operates under appropriate safeguards for international data transfers
  • WooCommerce/Automattic: May process data internationally with appropriate safeguards
  • Payment Processors: May transfer data globally following industry security standards

We ensure protection through:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules or certification schemes

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

  • Contact inquiries: 3 years after last communication
  • Newsletter subscriptions: Until you unsubscribe (managed via Mailgun)
  • WooCommerce order data: 7 years for tax and accounting compliance
  • Amelia booking records: 3 years after service completion
  • Google Analytics data: 26 months (Google Analytics default retention)
  • Account information: Until account deletion
  • Legal compliance: As required by Swedish law (typically 7 years for financial records)

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

8.1 Right of Access

Request a copy of the personal data we hold about you.

8.2 Right to Rectification

Request correction of inaccurate or incomplete personal data.

8.3 Right to Erasure (“Right to be Forgotten”)

Request deletion of your personal data under certain circumstances.

8.4 Right to Restrict Processing

Request limitation of how we process your personal data.

8.5 Right to Data Portability

Request transfer of your data to another service provider.

8.6 Right to Object

Object to processing based on legitimate interests or for direct marketing.

8.7 Right to Withdraw Consent

Withdraw consent for processing activities that require consent.

8.8 Right to Lodge a Complaint

File a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten).

To exercise your rights, contact us at: [email protected]

9. Third-Party Services

We use several third-party services that process your personal data. Here are the details:

9.1 WooCommerce (E-commerce Platform)

Purpose: Online store functionality, order processing, payment handling
Data Processed: Customer information, order details, payment data, shopping behavior
Data Controller: Automattic Inc. (WooCommerce parent company)
Privacy Policy: https://automattic.com/privacy/
Legal Basis: Contract performance, legitimate interest

9.2 Amelia Booking (Appointment Scheduling)

Purpose: Managing music lesson bookings, appointment scheduling
Data Processed: Customer details, appointment preferences, booking history, payment information
Data Controller: TMS Outsource
Privacy Policy: https://wpamelia.com/privacy-policy/
Legal Basis: Contract performance, legitimate interest

9.3 Google Analytics (Website Analytics)

Purpose: Website performance analysis, user behavior tracking
Data Processed: IP addresses (anonymized), browser information, page views, user interactions
Data Controller: Google LLC
Privacy Policy: https://policies.google.com/privacy
Opt-out: You can opt-out using Google’s browser add-on or our cookie settings
Legal Basis: Legitimate interest, consent for enhanced features

9.4 Mailgun (Email Service)

Purpose: Transactional emails, newsletter delivery, email marketing
Data Processed: Email addresses, email content, delivery statistics
Data Controller: Mailgun Technologies, Inc.
Privacy Policy: https://www.mailgun.com/privacy-policy/
Legal Basis: Contract performance (transactional emails), consent (marketing emails)

Important: Each service has its own privacy policy and data processing practices. We recommend reviewing their policies for complete information about how they handle your data.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Ensure website functionality (WooCommerce shopping cart, user sessions)
  • Analyze website performance (Google Analytics)
  • Manage bookings and appointments (Amelia Booking system)
  • Remember your preferences and settings
  • Process e-commerce transactions securely

10.1 Types of Cookies

  • Strictly Necessary: Required for website operation (WooCommerce cart, user authentication)
  • Performance: Google Analytics cookies to understand visitor behavior
  • Functional: Remember your preferences, booking history, and settings
  • WooCommerce: Shopping cart contents, checkout process, customer account functionality
  • Amelia Booking: Appointment scheduling, customer preferences, booking history

You can manage cookie preferences through your browser settings or our cookie consent banner. Note that disabling certain cookies may affect website functionality, particularly for shopping and booking features.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • SSL/TLS encryption for data transmission
  • Secure payment processing through WooCommerce and certified payment providers
  • Regular security updates and patches for all systems
  • Access controls and authentication
  • Regular backup procedures
  • Staff training on data protection
  • Secure data storage with our third-party service providers

Third-Party Security: Our service providers (WooCommerce, Amelia Booking, Google Analytics, Mailgun) maintain their own security standards and certifications. We select providers that demonstrate appropriate security measures and GDPR compliance.

However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

12. Children’s Privacy

Our website is not directed at children under 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by:

  • Posting the updated policy on our website
  • Sending email notifications to registered users
  • Displaying a notice on our homepage

The “Last updated” date at the top indicates when changes were made.

14. Contact Information

For questions about this Privacy Policy or our data practices, contact us:

Email: [email protected]
Address: Bassarydsvägen 7, 27295 Simrishamn, Sweden

Swedish Authority for Privacy Protection
Box 8114
104 20 Stockholm
Sweden
Phone: 08-657 61 00
Website: www.imy.se