Privacy Policy 2018-05-26T14:53:31+00:00

Privacy Policy

This Privacy Policy applies to the website Sonic Bloom (https://sonicbloom.net/). It is operated by Madeleine Heitmann (Founder & CEO). You can find more information about Sonic Bloom and its founder under Contact.

I am committed to safeguarding the privacy of my website visitors; this policy sets out how I will treat personal information I collect from you through the website.

1. What information do I collect?

I may collect, store and use the following kinds of personal data:

  • information about your visits to and use of this website;
  • information about any transactions carried out between you and me on or in relation to this website, including information relating to any purchases you make of my goods or services or those of third parties which are made available through my website or services;
  • information that you provide to me for the purpose of registering with me and/or subscribing to my website services and/or email notifications;
  • and any other content you submit to me via the website or my services (collectively, “Your Content”), such as comments, enquiries, marketing preferences, and other information concerning your use of the website or my services.

1.1 Website visits

  • I may collect information about your computer and your visits to this website such as your IP address, geographical location, browser type, referral source, length of visit and number of page views. I may use this information in the administration of this website, to improve the website´s usability, and for marketing purposes.
  • I use cookies on this website. A cookie is a text file sent by a web server to a web browser, and stored by the browser. The text file is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser. For more information regarding our use of cookies please refer to section 1.4 below.

1.2 Comments

When you leave comments on the site I collect the data shown in the comments form, and also your IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

1.3 Contact forms

My contact form service is offered in accordance with GDPR, Art.6 (1)(b).

When you send me a message from my contact page I only ask for your email address, a name, the subject of your message and of course the message itself. This information is necessary to start a proper conversation that aims to answer your request.

All messages I receive from my contact page will only be used to process the respective subject of your message. During the evolving conversation I will not send any off-topic information like advertising or product recommendations.

When you get in contact with me (for example by email or via the form on the website) I will keep records of what is communicated. This is to ensure I have a record of my discussion for future reference and so I can improve the website and my services.

1.4 Cookies

If you leave a comment on my site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, I will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, I will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

You may delete and block all cookies through your internet browser’s settings, but parts of the website may not work properly. If other cookies are also stored, they are treated separately in this Privacy Policy.

1.5 Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, audio streams etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These include Google, YouTube, Vimeo, Facebook, Twitter, Soundcloud, and Gumroad.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

1.6 Google Analytics

I use Google Analytics to collect and store anonymous statistical data about my users’ use of the website. Google Analytics uses cookies, which are text files placed on your computer to help the website analyse how you use the site. The information generated by the cookie is transmitted to and stored by Google on servers in the United States. Google will use this information on my behalf to evaluate your use of my website. The IP address that your browser transmits within the scope of Google Analytics will not be associated with any other data held by Google.

The IP anonymisation feature is active on this website. That means your IP address will be truncated beforehand within the area of Member States of the European Union or other parties to the Agreement on the European Economic Area. This happens prior to transmission to the United States.

You can further prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en

You can find Google’s Privacy Policy under: https://policies.google.com/privacy?hl=en

1.7 Newsletter

The goal of my existing monthly email communications is to inform my Newsletter Subscribers of the latest articles on the blog as well as new releases and to offer special discounts on products in the Sonic Bloom shop.

I do not sell or distribute (for financial gain or for free) or otherwise disclose any partner or customer e-mail addresses to any third parties except when legally required.

Every newsletter contains an Unfollow link at the bottom of the message to unsubscribe.

1.8 Necessary Communication

There are situations which by their own nature require me to send you emails. These include:

  • Sending you invoices for each completed transaction on my website
  • Sending you emails concerning technical, legal and support matters
  • Sending an email with the link to activate your account at Sonic Bloom

Please make sure you do not flag Sonic Bloom as ‘Spam’ or ‘Unsolicited’ in your email software.

2. Who I share your data with

I may share your name and email address with Christian Kleine (Max for Cats) for the express purpose of offering technical support and answering questions to one or more of his products that you’ve purchased or downloaded for free.

The following companies may also get access to data collected on this website. The transmission of the data is aimed at payment processing, file delivery and fraud prevention. I will transfer personal data to any of these companies, in particular, if a legitimate interest in the transmission is given. They will, if necessary, pass on personal data to affiliates and service providers or subcontractors to the extent that this is necessary to fulfil contractual obligations or for data to be processed in the order. The personal data collected by Stripe will be transmitted to economic credit agencies for identity and creditworthiness checks.

You have the possibility to revoke consent for the handling of personal data at any time from these companies. A revocation shall not have any effect on personal data which must be processed, used or transmitted in accordance with (contractual) payment processing.

2.1 Sendowl

Sendowl is an e-commerce service provider that allows for a secure connection to the payment providers and ensures the delivery of the product to the buyer.

The operating company of Sendowl is Concept Den Ltd,9th Floor, 107 Cheapside, London, England, EC2V 6DN, United Kingdom.

If you make a purchase, the data you enter in the checkout form is automatically transmitted to Sendowl. By completing the purchase, you agree to the transfer of personal data required for payment processing and file delivery. Sendowl collect information relating to any transactions recorded by Sendowl or returned by the payment gateway. They do not record buyer card or bank details.

Sendowl's Privacy Policy: https://www.sendowl.com/privacy

2.2 Gumroad

Gumroad is an e-commerce service provider that allows for a secure connection to the payment providers and ensures the delivery of the product to the buyer.

The operating company of Gumroad is Gumroad, Inc., 225 Valencia St a, San Francisco, CA 94103, United States of America.

If you download a free product or make a donation, the data you enter during the checkout is automatically transmitted to Gumroad. By completing the dowload, you agree to the transfer of personal data required for payment processing  and/or file delivery. Gumroad collect information relating to any transactions recorded by Gumroad or returned by the payment gateway. They do not record buyer card or bank details.

Gumroad's Privacy Policy: https://gumroad.com/privacy

2.3 PayPal

PayPal is an online payment service provider. Payments are processed via so-called PayPal accounts, which represent virtual private or business accounts. A PayPal account is managed via an email address. PayPal makes it possible to trigger online payments to third parties or to receive payments. PayPal also accepts trustee functions and offers buyer protection services.

The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.

If you choose "PayPal" as the payment option in the online shop during the ordering process, I automatically transmit your data to PayPal. By selecting this payment option, you agree to the transfer of personal data required for payment processing.

The personal data transmitted to PayPal is usually first name, last name, email address, address, IP address, or other data necessary for payment processing. The processing of the purchase contract also requires such personal data, which are in connection with the respective order.

PayPal's Privacy Policy: https://www.paypal.com/us/webapps/mpp/ua/privacy-full

2.4 Stripe

Stripe is an online payment service provider. Stripe is able to process virtual payments from Visa, Mastercard and American Express when you enter your credit card details.

The Headquarter of Stripe is located at 185 Berry Street, Suite 550, San Francisco, CA 94107, United States of America.

If you choose Visa, Mastercard and American Express (“Checkout”) as the payment option in the online shop during the ordering process, I automatically transmit the data to Stripe. By selecting one of these payment options, you agree to the transfer of personal data required for payment processing.

The personal data transmitted to Stripe is usually name, email address, credit or debit card number, and bank account information, date of birth, SSN or EIN. The processing of the purchase contract also requires such personal data, which are in connection with the respective order.

Stripe's Privacy Policy: https://stripe.com/de/privacy

3. How long I retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so I can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users registered on my website (only for purchasers of a video course), I also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

I keep contact form entries for 12 months, analytics records for 6 months, and customer purchase records for ten years or however long it’s legally required.

4. Your rights

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data I hold about you, including any data you have provided to me. You can also request that I erase any personal data I hold about you.

You are entitled to:

  • access to personal information
  • correction and deletion
  • withdrawal of consent (if processing data on condition of consent)
  • data portability
  • restriction of processing and objection
  • lodging a complaint with the Information Commissioner’s Office

This does not include any data I am obliged to keep for administrative, legal, or security purposes.

You may instruct me not to process your personal data for marketing purposes. In practice, you will usually either expressly agree in advance to my use of your personal data for marketing purposes, or I will provide you with an opportunity to opt-out of the use of your personal data for marketing purposes. You can also instruct me not to use your personal data for marketing purposes by email (to contact(at)sonicbloom(dot)net) at any time.

5. Other disclosures

In addition to the disclosures reasonably necessary for the purposes identified elsewhere in this privacy policy, I may disclose information about you:

  • to the extent that I am required to do so by law;
  • in connection with any legal proceedings or prospective legal proceedings;
  • in order to establish, exercise or defend my legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
  • if I buy or sell, or are negotiating the purchase or sale, of any business or assets, in which case your personal information may be shared with the purchaser or seller for that purpose.

I may anonymise information about you (so that you cannot be identified from it by third parties) and provide that information to third parties for the purposes of marketing analysis or to market the website or my services (for example, by letting my business partners know that 50 male individuals from a particular country viewed their product during a particular time period.

Except as provided in this privacy policy, I will not provide your information to third parties.

6. International data transfers

I use external providers to process, store and back-up my data. I also use cloud data storage. By default, data is stored at data centres located in the EU but in exceptional circumstances data may be processed at data centre outside the EU. Your personal information will only be transferred to countries whose data protection laws have been assessed as adequate by the European Commission, or where adequate safeguards, such as the EU-US Privacy Shield, are in place to protect your personal information.

7. Security of your personal data

I will take any possible precautions to prevent the loss, misuse or alteration of your personal information. Of course, data transmission over the internet is inherently insecure, and I cannot 100% guarantee the security of data sent over the internet.

I will store all the personal information you provide on my secure servers. All electronic transactions you make to or receive from me will be encrypted using SSL technology.

You are responsible for keeping your passwords confidential. I will not ask you for your passwords.

8. Policy amendments

I may update this privacy policy from time-to-time by posting a new version on my website. You should check this page occasionally to ensure you are happy with any changes.

9. Third party websites

The website contains links to other websites. I am not responsible for the privacy policies of third party websites.

10. Financial Information

The website does not store your credit card and payment details on my server. Details of your purchases and purchased products are stored in your profile for purchased courses, on Sendowl and on Gumroad, but no sensitive details relating to your payment methods are ever stored or handled by Sonic Bloom or these services.

11. Contact

If you have any questions about this privacy policy or my treatment of your personal data, please write to me by email or by post or call me:

Madeleine Heitmann
Sonic Bloom
Kopenhagener Straße 89
13158 Berlin
Deutschland
Phone: +49.(0)30.56 00 43 67
Email: contact(at)sonicbloom(dot)net
Website: sonicbloom.net