GDPR Compliance

Last updated: January 16, 2025

1. GDPR Overview

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. Sentinel Music Group is committed to full compliance with GDPR and protecting the privacy rights of all individuals whose personal data we process.

2. Data Controller Information

Sentinel Music Group acts as the data controller for personal data collected through our website and services. Our contact information is:

3. Legal Basis for Processing

We process personal data under the following legal bases:

• Consent: When you have given clear consent for processing
• Contract: When processing is necessary for contract performance
• Legitimate Interest: When we have a legitimate business interest
• Legal Obligation: When required by law

4. Your Rights Under GDPR

As a data subject, you have the following rights:

• Right of Access: Request copies of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Rights Related to Automated Decision Making: Human review of automated decisions

5. Data Processing Activities

5.1 Website Visitors

We collect and process data from website visitors including:

• IP addresses and browser information
• Pages visited and time spent on site
• Cookies and similar technologies

5.2 Artist Submissions

When artists submit demos or contact us, we process:

• Contact information (name, email, phone)
• Musical works and recordings
• Biographical information

5.3 Newsletter Subscribers

For newsletter subscribers, we process:

• Email addresses
• Subscription preferences
• Engagement data

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:

• Website Analytics: 26 months
• Artist Submissions: 3 years or until consent withdrawn
• Newsletter Data: Until unsubscribed
• Contact Inquiries: 2 years

7. Data Security

We implement appropriate technical and organizational measures to protect personal data:

• Encryption of data in transit and at rest
• Regular security assessments
• Access controls and authentication
• Staff training on data protection

8. Data Transfers

We may transfer personal data to third countries outside the EEA. When we do so, we ensure adequate protection through:

• Adequacy decisions by the European Commission
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules
• Certification schemes

9. Data Breach Procedures

In the event of a data breach, we will:

• Notify the supervisory authority within 72 hours
• Inform affected individuals without undue delay
• Document all breaches and remedial actions
• Implement measures to prevent future breaches

10. Exercising Your Rights

To exercise any of your GDPR rights, please contact us at privacy@sentinelmusicgroup.com. We will respond to your request within one month of receipt.

11. Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not complied with GDPR requirements.

12. Contact Information

For GDPR-related inquiries, please contact our Data Protection Officer: