DistroKid Privacy Policy Last Updated October 2019 Welcome to DistroKid, a service provided by Kid Distro Holdings, LLC (dba DistroKid) (“DistroKid,” “we,” “us,” or “our”). DistroKid provides a digital music distribution service which distributes music through online stores and streaming services on behalf of its customers and collects and distributes the related earnings. This Privacy Policy explains how we collect, disclose and otherwise process Personal Data (defined below) when you use our website (the “Site”) and all related sites, widgets, tools, data, software, APIs and other services provided by DistroKid (together with the Site, “Service”), and your choices concerning our data practices. “You” or “your”, as used in this Privacy Policy, refers to the individual to whom Personal Data relates. Please read this Privacy Policy before using our Service or submitting any Personal Data to DistroKid and contact us if you have any questions. 1. INFORMATION WE COLLECT When you use our Service or otherwise interact with us, we collect information that alone or in combination with other information could be used to identify you (“Personal Data”) as follows: Account Creation: If you wish to register for the Service, you will need to provide us with certain Personal Data, such as your name, email address, password, postal address, phone number and credit card information (for more information, please see the “Payment Information” section below). We will also collect information about how you categorize yourself with respect to your content (for example, whether you are a musician, a label or some other category of creator). Moreover, we collect the music you upload in order to provide the Service to you as well as any biography/profile information (including profile photos) you would like associated with your music at online stores and streaming services. Information You Provide Through Our Support Channels: If you contact customer service or otherwise communicate with us by email or otherwise, we may collect Personal Data related to those communications, including the contents of the communications and the data and time they occurred. Payment Information: In order for us to pay your royalties to you, we will need to collect your PayPal ID and certain tax information. When you pay for our Service, we collect certain billing information through our payment processor Stripe, Inc. (“Stripe”), such as billing address, payment card details, and bank account information. Accordingly, in addition to this Privacy Policy and our Terms of Service, Personal Data related to the payments you make through the Service are also processed according to Stripe’s services agreement and privacy policy. Personal Data Relating to Fans: One aspect of the Service allows musicians and content creators registered to the Service to communicate with and better understand their fans. Accordingly, if you are a fan of one of our musician and content creator customers, we may collect your email address from online stores and streaming services if you follow or otherwise interact with our musician and content creator customers, so they can keep you posted on their news, events and other updates. Social Media Pages: We have pages on social media sites like Instagram, Facebook, Twitter, and YouTube (“Social Media Pages”). When you interact with our Social Media Pages, we will collect Personal Data that you elect to provide to us through your settings on the Social Media Site, such as your contact details. In addition, the companies that host our Social Media Pages may provide us with aggregate information and analytics regarding the use of our Social Media Pages. Use of the Site: When you visit, use and interact with the Site, we may receive certain information about your visit, use or interactions. For example, we may monitor the number of people that visit our Site, peak hours of visits, which page(s) are visited on our Site, the domains our visitors come from (e.g., google.com, yahoo.com, etc.), and which browsers people use to access and visit our Site (e.g., Firefox, Microsoft Internet Explorer, etc.), broad geographical information, and Site-navigation pattern. In particular, the following information is created and automatically logged in our systems:
  • Log data: Information that your browser automatically sends whenever you visit the Site (“log data”). Log data includes your Internet Protocol (“IP”) address (which we collect for security reasons), browser type and settings, the date and time of your request, and how you interacted with the Site.
  • Cookies: Please see the “Cookies” section below to learn more about how we use cookies.
  • Device information: Includes name of the device, operating system, and browser you are using. Information collected may depend on the type of device you use and its settings.
  • Usage Information: Information about how you use our Site, including statistical usage data derived from the operation of our Site, filtering choices and information regarding the performance results for the Site.
2. HOW WE USE PERSONAL DATA We use Personal Data to provide the Service, including uploading your music to online stores and streaming services, sending accounting statements to you, and paying you the royalties you are owed. This processing is necessary to perform our contract with you. We also use Personal Data as necessary for the following legitimate business interests:
  • To respond to your inquiries, comments, feedback or questions;
  • To manage our relationship with you as a customer or user of our Service, which includes sending administrative information to you relating to our Service and changes to our terms, conditions, and policies, and asking you to leave a review or take a survey;
  • To allow our musician and content creator customers to communicate with and better understand their fans, by permitting our customers to receive email addresses of their followers or fans, so they can keep fans updated with news, events and other updates;
  • To analyze how you interact with our Service and provide, maintain and improve the content and functionality of the Service and our customer relationships and experiences, develop our business and inform our marketing strategy (please see the “Cookies” section below to learn how we use cookies);
  • To administer and protect our business and the Site, prevent fraud, criminal activity, or misuses of our Site, and to ensure the security of our IT systems, architecture and networks (including troubleshooting, testing, system maintenance, support and hosting of data); and
  • To comply with legal obligations and legal process and to protect our rights, privacy, safety or property, and/or that of our affiliates, you or other third parties, and recover debts due to us.
For information about what we mean by legitimate interests and the rights of individuals in the European Union (“EU”), please see the “EU Users” section below. Marketing. We may contact you to provide information we believe will be of interest to you. For instance, if you elect to provide your email address, we may use that information to send you promotional information about our products and services. If we do, where required by law, for example if you are in the EU, we will only send you such emails if you consent to us doing so at the time you provide us with your Personal Data. You may opt out of receiving emails by following the instructions contained in each promotional email we send you or by contacting us. If you unsubscribe from our marketing lists, you will no longer receive marketing communications but we will continue to contact you regarding our Site and Services and to respond to your requests. 3. HOW WE SHARE AND DISCLOSE PERSONAL DATA In certain circumstances we may share your Personal Data with third parties without further notice to you, unless required by the law, as set forth below:
  • Vendors: To assist us in meeting business operations needs and to perform certain services and functions, we may share Personal Data with service providers, including hosting, cloud or other information technology services; marketing service providers; payment processors; customer support providers; and web analytics services. Pursuant to our instructions, these parties will access, process or store Personal Data in the course of performing their duties to us.
  • Online Stores and Streaming Services: we distribute the music and any related information like titles, descriptions, and album art that you upload to the Service to the online stores and streaming services of your choice.
  • Fans: if you follow one of our musician or content creator customers through an online store or streaming service, we may provide your email address to the musician or content creator that you follow.
  • Business Transfers: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider, your Personal Data and other information may be shared in the diligence process with counterparties and others assisting with the transaction and transferred to a successor or affiliate as part of that transaction along with other assets.
  • Legal Requirements: If required to do so by law or in the good faith belief that such action is necessary to (i) comply with legal or regulatory obligations, or other lawful requests by public authorities, including to meet national security or law enforcement requirements, (ii) protect and defend our rights or property, (iii) prevent fraud, (iv) act in urgent circumstances to protect the personal safety of users of the Site, or the public, or (v) protect against legal liability.
  • With Your Consent: We may share your Personal Data where we obtain your consent to do so, such as to connect you with a record label.
4. DATA RETENTION We keep Personal Data for as long as reasonably necessary for the purposes described in this Privacy Policy, while we have a legitimate business need to do so, or as required by law (e.g. for tax, legal, accounting or other purposes), whichever is the longer. If you have elected to receive marketing communications from us, we retain information about your marketing preferences until you opt out of receiving these communications and in accordance with our policies. To determine the appropriate retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we use your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements. 5. UPDATE YOUR INFORMATION If you need to change or correct your Personal Data, or wish to have it deleted from our systems, you may contact us at support@distrokid.com. We will address your request as required by applicable law. 6. CALIFORNIA PRIVACY RIGHTS DISCLOSURES Online Tracking and Do Not Track Signals: We may, and we may allow third party service providers to, use cookies or other tracking technologies to collect information about your browsing activities over time and across different websites following your use of the Site. Our Site currently does not respond to “Do Not Track” (“DNT”) signals and operates as described in this Privacy Policy whether or not a DNT signal is received. If we do respond to DNT signals in the future, we will describe how we do so in this Privacy Policy. California Civil Code Section § 1798.83 permits users of our Site that are California residents to request the categories of Personal Data we disclosed to third parties for their direct marketing purposes in the year preceding the request, the names and addresses of such third parties, and, in certain circumstances, examples of the products or services marketed by such third parties. These requests may be made once per year. To make such a request, please email us at support@distrokid.com or write us at: 34 Third Ave #183 New York, NY 10003 7. CHILDREN Our Service is not directed to children who are under the age of 13. DistroKid does not knowingly collect Personal Data from children under the age of 13. If you have reason to believe that a child under the age of 13 has provided Personal Data to DistroKid through the Service please contact us and we will endeavor to delete that information from our databases. 8. EU USERS Scope. This section applies to individuals in the EU (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway and, to the extent applicable, Switzerland). Data Controller. We are the data controller for Personal Data described in this Privacy Policy. You can find our contact information, and the contact information of our EU-based representative, in the “Contact Us” section below. Legal Bases for Processing. This Privacy Policy (the paragraph “How We Use Personal Data”) describes the legal bases we rely on for the processing of your Personal Data. Please contact us if you have any questions about the specific legal basis we are relying on to process your Personal Data. As used in this Privacy Policy, “legitimate interests” means our interests in conducting our business and developing a business relationship with you. This Privacy Policy describes when we process your Personal Data for our legitimate interests, what these interests are and your rights. We will not use your Personal Data for activities where the impact on you overrides our interests, unless we have your consent or those activities are otherwise required or permitted by law. Your Rights. Pursuant to the EU General Data Protection Regulation (or GDPR), you have the following rights in relation to your Personal Data, under certain circumstances:
  • Right of access: If you ask us, we will confirm whether we are processing your Personal Data and, if so, provide you with a copy of that Personal Data along with certain other details. If you require additional copies, we may need to charge a reasonable fee.
  • Right to rectification: If your Personal Data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared your Personal Data with others, we will tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
  • Right to erasure: You may ask us to delete or remove your Personal Data, such as where you withdraw your consent. If we shared your data with others, we will tell them about the erasure where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data with so you can contact them directly.
  • Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of the data or object to us processing it (please read below for information on your right to object). We will tell you before we lift any restriction on processing. If we shared your Personal Data with others, we will tell them about the restriction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
  • Right to data portability: You have the right to obtain your Personal Data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you, and that is processed by automated means. We will give you your Personal Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
  • Right to object: You may ask us at any time to stop processing your Personal Data, and we will do so:
    • If we are relying on a legitimate interest to process your Personal Data -- unless we demonstrate compelling legitimate grounds for the processing or we need to process your data in order to establish, exercise, or defend legal claims;
    • If we are processing your Personal Data for direct marketing. We may keep minimum information about you in a suppression list in order to ensure your choices are respected in the future and to comply with data protection laws (such processing is necessary for our and your legitimate interest in pursuing the purposes described above);
  • Right to withdraw consent: If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect any processing of your data before we received notice that you wished to withdraw consent.
  • Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to the data protection authority that is authorized to hear those concerns (generally, the data protection authority of the country in which you are located).
Please see the “Contact Us” section below for information on how to exercise your rights. Data Transfers. We rely on our EU-U.S. and Swiss-U.S. Privacy Shield certification to transfer Personal Data that we receive from the EU and Switzerland to DistroKid in the U.S. (for more information, please read the “Privacy Shield” section below). 9. PRIVACY SHIELD DistroKid complies with the EU-U.S. and Swiss-U.S. Privacy Shield frameworks (“Frameworks”) as set forth by the U.S. Department of Commerce regarding the processing of Personal Data transferred from the EU and Switzerland to the U.S. (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway). DistroKid has certified that it adheres to the Privacy Shield Principles (described below). If there is any conflict between the policies in this Privacy Policy and the EU or Swiss Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Frameworks and to view our certification page, please visit https://www.privacyshield.gov/. General. We rely on our Privacy Shield certification to transfer Personal Data that we receive from the EU and Switzerland to DistroKid in the U.S. and we process such Personal Data in accordance with the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability (“Privacy Shield Principles”), as described below. Notice and Choice. This Privacy Policy provides notice of the Personal Data collected and transferred under the Privacy Shield and the choice that you have with respect to such Personal Data. It also provides information about other Privacy Shield Principles that are set forth below. Accountability for Onward Transfers. We may be accountable for the Personal Data we receive under the Privacy Shield that we may transfer to third-party service providers (described in the section “How We Share and Disclose Personal Data” above). If such service providers process Personal Data in a manner inconsistent with the Privacy Shield Principles, we are responsible for the harm caused. Security. We maintain security measures to protect Personal Data as described in the “Security” section of this Privacy Policy. Data Integrity and Purpose Limitation. We take reasonable steps to ensure that Personal Data is reliable for its intended use, and that it is accurate, complete and current for as long as we retain it. Our data retention practices are described in the “Data Retention” section of this Privacy Policy. Access. EU users have certain rights to access, correct, amend, or delete Personal Data where it is inaccurate, or has been processed in violation of the Privacy Shield Principles. Please see the “Your Rights” section above for more information on the rights of users in the EU (and, to the extent applicable, users in Switzerland). Recourse, Enforcement, Liability. In compliance with the Privacy Shield Principles, DistroKid commits to resolve complaints about our processing of your Personal Data. EU and Swiss users with inquiries or complaints regarding this Private Shield Policy should first contact DistroKid as follows:
  • Email: support@distrokid.com
  • Attention: Privacy Shield
  • Postal Mail: 34 Third Avenue #183, New York, NY 10003
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request. If your complaint is not resolved through these channels, under certain conditions a binding arbitration option may be available before a Privacy Shield Panel. For additional information, please visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction. We are subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to Personal Data received or transferred pursuant to the Frameworks. 10. LINKS TO OTHER WEBSITES The Site may contain links to other websites not operated or controlled by DistroKid, including social media services (“Third Party Sites”). The information that you share with Third Party Sites will be governed by the specific privacy policies and terms of service of the Third Party Sites and not by this Privacy Policy. By providing these links we do not imply that we endorse or have reviewed these sites. Please contact the Third Party Sites directly for information on their privacy practices and policies. 11. COOKIES We and our partners use cookies to operate and administer our Site, make it easier for you to use the Site during future visits, and gather usage data on our Site. For more information about the cookies used on our Site, please refer to our Cookie Policy, which forms part of this Privacy Policy. 12. SECURITY You use the Service at your own risk. We comply with industry standards to protect Personal Data both online and offline from loss, misuse, and unauthorized access, disclosure, alteration or destruction. However, no Internet or e-mail transmission is ever fully secure or error free. In particular, e-mail sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via the Service or e-mail. Please keep this in mind when disclosing any Personal Data to DistroKid via the Internet. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Service, or third party websites. 13. YOUR CHOICES Whether or not you provide Personal Data to us is completely up to you, but if you choose not to provide information that is needed to use some features of our Site, you may be unable to use those features. You can also contact us to request access to your data or to ask us to update, correct, or delete your Personal Data. 14. CHANGES TO THE PRIVACY POLICY The Service, and our business may change from time to time. As a result we may change this Privacy Policy at any time. When we do we will post an updated version on this page, unless another type of notice is required by the applicable law. By continuing to use our Service or providing us with Personal Data after we have posted an updated Privacy Policy, or notified you if applicable, you consent to the revised Privacy Policy and practices described in it. 15. CONTACT US If you have any questions about our Privacy Policy or the information practices of the Site, please feel free to contact us at support@distrokid.com. Pursuant to Article 27 of Europe’s General Data Protection Regulation (GDPR), PK Interactive dba DistroKid has appointed European Data Protection Office (EDPO) as its GDPR representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR by sending an email to privacy@edpo.brussels, using EDPO’s online request form, or writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium. Download DistroKid’s Article 27 compliance certificate
Support Center
-
Got questions?

DistroKid News
-
What's new with us

Instagram
-
Watch our 1-minute help videos!

Twitter
-
We tweet things sometimes

Facebook
-
Let's be friends

YouTube
-
More videos, yo.