Privacy Notice and Access Policy
This privacy notice and access policy (“Privacy Policy”) explains what and how we collect, share, use, and protect your personal information when you visit or use our website and/or online services, as offered on ANote Music Platform (“Platform”) and/or app. This Policy does not apply to the practices of companies not owned or controlled by ANote Music or to people whom ANote Music does not manage or employ.
Security and privacy are our priorities
We are committed to protecting our customer’s personal information and being compliant with all data protection laws, including the Regulation EU 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”). One of the requirements under data protection legislation is to make information accessible to users within this Privacy Policy. This Privacy Policy additionally sets out which measures are taken to protect your privacy when using our services or products, and which rights you have in return.
As part of our day-to-day business, we need to collect personal information from our customers and potential customers to ensure that we can meet their needs for a range of transactional services and provide them with information about our services.
Your privacy is important to us and it is our policy to respect the confidentiality of information and the privacy of individuals. This notice outlines how we manage your personal information supplied to us by you or a third party in connection with our provision of services to you or which we collect from your use of our services and/or our app(s), Platform or website(s). It also details your rights in respect of our processing of your personal information.
Our Privacy Policy will be reviewed from time to time to take account of new obligations changes to our operations and practices and to make sure it remains appropriate to the changing environment. Any personal information we hold will be governed by our most current Privacy Policy.
Please note that if you are an employee, a contractor or a third party service provider of ANote SA, your personal information will be used in connection with your employment contract, your contractual relationship with us or in accordance with our separate policies which are available by contacting us.
Any reference to ‘us’, ‘our’, ‘we’ or ‘ANote Music’ in this Privacy Policy is a reference to each group company within the ANote Music Group as the context requires unless otherwise stated.
Similarly, any reference to ‘you’, ‘your’, ‘yours’ or ‘yourself’ in this Privacy Policy is a reference to any of our customers and potential customers as the context requires unless otherwise stated.
WHO ARE WE?
This Privacy Policy applies to the processing activities of the ANote Music Group. The main trading entity within the ANote Music Group is ANote SA, a company registered in Luxembourg with company number B226351 and whose registered office is 9 rue du Laboratoire, L-1911 Luxembourg. ANote Music provides Information Technology services and information on intellectual property and Royalties Interests and is the data controller of your personal information in relation to those services (“Data Controller”). As a Data Controller, we determine why and how we process your personal information. Personal information can be defined as any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as, but not limited to, a name, an identification number, location data, etc.
The data controllers within the ANote Music Group may change from time to time in line with developments in the ANote Music Group business.
WHY DO WE COLLECT PERSONAL DATA?
We take reasonable steps to ensure that the personal information we process is limited to what we require in connection with the purposes set out in this Privacy Policy. We will retain copies in a form that permits identification for as long as we deem necessary in connection with the purposes set out in this Privacy Policy unless applicable law requires a longer retention period. In particular, we will retain personal information for as long as it is needed to establish, exercise or defend any legal rights.
We use and disclose personal information only for the purposes that we disclose to you. We will request your consent before we use or disclose your personal information for any materially different purpose.
We collect, use and disclose personal information to meet the needs of our customers and users to better our business purposes for their benefit, including:
- to provide the products and services you request;
- the day-to-day operation and maintenance of accounts and services;
- collecting of the amounts outstanding from you;
- to tell you about services or other related products and services offered by us;
- to manage our website, Platform, app and services;
- to understand the needs of our customers and users;
- to learn about our markets and design and improve our services and related products;
- to administer and process any request for information or job application;
- to comply with our regulatory and legal obligations, including but not limited to warrants, subpoenas, and court orders or to meet government tax reporting requirements;
- to contact you (including by way of e-mail), including, but not limited to:
- in response to your inquiries and comments, and to safeguard your interests;
- to provide you with information about our products and services, or those of others, that you may be interested in;
- to investigate suspicious activities; and
- to protect our rights and property.
PURPOSE FOR WHICH WE PROCESS PERSONAL AND USAGE DATA AND ITS LEGAL BASIS
Personal data can be defined as any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, etc (“Personal Data”). In addition to collecting Personal Data, we gather information automatically as part of your use of our products and services, also known as usage data (“Usage Data”). This information may include identifiers, commercial information, and internet activity information such as the IP address.
We collect and process your Personal Data for the following purposes, and rely on the following legal bases:
Purpose |
Description |
Legal basis |
Providing our website, Platform, app and services |
We process your personal information to operate and administer our website and services to provide you with the content you access and request |
Our legitimate interest in providing online content to our customers and prospective customers regarding our service offering and related information |
Improving our website, Platform, app |
We process your personal information to analyze overall trends and help us improve the user experience on our website, Platform, app |
Our legitimate interest in providing a relevant and well-functioning website, Platform, app for the benefit of our visitors/users |
Promoting the security of our website, Platform, app |
We process your personal information by tracking use of our website and verifying and investigating activity |
Our legitimate interest in promoting the safety and security of our website, Platform, app and in protecting our rights and the rights of others |
Displaying personalized advertisements and content |
We process your personal information to conduct market research, advertise to you, provide personalized information about us on and off our Website and to provide other personalized content based upon your activities and interests |
Our legitimate interest in advertising our products and services or, where necessary, to the extent you have provided your prior consent
|
Registering visitors |
We process your personal information, including registration information and associated non-disclosure information, for security reasons |
Our legitimate interest in protecting our offices, staff, visitors and our confidential information against unauthorized access |
Managing event registrations and attendance |
We process your personal information to plan and host events or webinars for which you have registered or that you attend, including sending related communications to you. |
Performance of a contract or where we receive your explicit consent |
Ensuring the safety and security of our employees, events and premises |
We process your personal information where necessary based on a credible threat to our employees, events or premises |
Our legitimate interest in protecting our employees, events and premises |
Sending communications |
We process your personal information to send you marketing information, product recommendations and other non-transactional communications (e.g., marketing newsletters, push notifications, information about our products, news or events) about us, our affiliates and partners |
Our legitimate interest in conducting direct marketing or where you have provided your prior consent |
Recording phone calls |
We process your personal information, including recording phone calls (in accordance with applicable laws) for training, quality assurance, and administration purposes. |
Consent or our legitimate interest in maintaining the high quality of our phone calls with users |
Handling contact and user support requests |
We process your personal information, if you fill out a “Contact Us” web form or if you contact us by other means such as sending us an email at: support@anotemusic.com or writing us at: 9 rue du Laboratoire, L-1911 Luxembourg |
Necessary for the performance of a contract or our legitimate interest in fulfilling your requests and communicating with you |
Providing our services |
We process your personal information to perform our contract with you for the provision of our services and to satisfy our obligations under the applicable terms of use |
Necessary for the performance of a contract or our legitimate interest to provide and administer our services |
Developing and optimizing the performance of the services |
We process your personal information to develop, optimize, and improve the performance of the services |
Legitimate interest to develop services and ensure that the services are performing in line with customer expectations; if special categories of personal information are processed, where the personal information is manifestly made public by the data subject |
Providing personalized interactions |
We process your personal information to customize our interactions with you |
Legitimate interest to offer the best-in class services to our customers |
Managing our customer and user accounts |
We process your personal information (including usage data) to manage customer and user accounts generally, such as billing, customer correspondence and customer relationship management |
Necessary for the performance of a contract or our legitimate interest in the management of customer and user accounts |
Managing usage and licensing compliance |
We process your personal information (including usage data) to assess and manage usage and licensing compliance with the applicable terms of use of our services |
Necessary for the performance of a contract or our legitimate interest in managing the provision of our services to customers |
Preparing internal reports and business modeling |
We process your personal information (including usage data) for internal reporting and business modeling purposes (e.g., forecasting, revenue, capacity planning, product strategy) |
Our legitimate interest in the management of our business operations |
Maintaining our security |
We process your personal information (including your usage data) for the purposes of maintaining our own security, including investigating, detecting and preventing suspicious activity, fraud and cybercrime that may affect ANote Music or its services |
Our legitimate interest in promoting our own safety and security generally and to protect our rights and the rights of others |
Managing compensation for employees |
We process your personal information (including your usage data) for the purposes of determining compensation for our own employees, such as commission |
Necessary for the performance of a contract with an employee or our legitimate interest in fairly compensating our employees |
Undertaking financial reporting |
We process your personal information (including your personal information) for the purposes of financial reporting |
Our legitimate interest in meeting our obligations associated with the reporting of our finances |
Aggregating data |
We process your personal information (including your usage data) for the purposes of aggregating this information to ensure that it is no longer identifying |
Our legitimate interest in minimizing the amount of personal information processed as part of the noted processing activity |
Managing, and participating in, webinars, contests, programs, training, certifications or promotions |
We process your personal information if you register for a webinar, training, certification or a program. In some cases where the training or certification is through your employer, we will share your personal informationa with your employer. |
Consent, necessary for the performance of a contract or our legitimate interest in providing the webinar, contest, promotion, training, certification or promotion |
Managing payments |
If you have provided financial information to us, we process your personal information to verify that information and to collect payments to the extent that doing so is necessary to complete a transaction and perform our contract with you |
Necessary for the performance of a contract |
Administering surveys and conducting research |
We process your personal information (including, where legally permitted, special categories of personal information) in order to meet the goals set out in surveys or research as well as to analyze our compliance with internal policies |
Consent or explicit consent (if required under applicable law) or our legitimate interest in conducting the survey or research based on its stated goals (where no special categories of personal information are in scope) |
Collecting diversity information |
We process your personal information (including special categories of personal information) to the extent you voluntarily consent to provide it to meet our broader community goals related to diversity and equality of opportunity |
Consent or explicit consent (if required under applicable law) |
Complying with legal obligations |
We process your personal information (including usage data) when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of personal information to protect our rights |
Legal obligation or our legitimate interest in protecting against misuse or abuse of our website or services, protecting personal property or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes, responding to lawful requests, or for auditing purposes |
WHAT KIND OF PERSONAL DATA AND INFORMATION DO WE COLLECT?
If you are an actual or potential customer, we may collect the following types of information about you:
- name, address and contact details;
- date of birth and gender;
- profession and employment details;
- location data;
- ANote Music account information about your income and wealth including details about your assets and liabilities;
- ANote Music account information about balances, trading statements, tax and financial statements, trading performance;
- any other similar information related to your ANote Music account.
We obtain this information in a number of ways through your use of our services or other dealings with us including through any of the ANote Music website, Platform, app, the account opening applications, our demo sign up forms, webinar sign up forms, subscribing to RSS and/or push notifications, news updates and from information provided in the course of ongoing customer service correspondence. We may also collect this information about you from third parties either through bought-in third party marketing lists, publicly available sources or through our “refer a friend” scheme.
We also keep records of your trading behaviour, including a record of:
- products you trade with us and their performance;
- products we trade on your behalf and their performance;
- historical data about the trades and investments you have made including the amount invested;
- your preference for certain types of products and services.
We may also obtain personal information about you through your use of our website, Platform, app including, but not limited to https://anotemusic.com/, apps or through the use of cookies on our websites, Platform, app, in particular by recording which pages you look at on our websites, Platform, app.
We may ask for other personal information voluntarily from time to time (for example, through market research, surveys or special offers). If you choose not to provide the information, we need to fulfil your request for a specific product or service, we may not be able to provide you with the requested product or service.
We may record any communications, electronic, by telephone, in person or otherwise, that we have with you in relation to the services we provide to you and our relationship with you. These recordings will be our sole property and will constitute evidence of the communications between us. Such telephone conversations may be recorded without the use of a warning tone or any other further notice.
Further, if you visit any of our offices or premises, we may have CCTV which will record your image.
WHO MAY WE DISCLOSE PERSONAL INFORMATION TO?
As part of using your personal information for the purposes set out above, we may disclose your information to:
- other companies within the ANote Music Group who provide trading, transactional, financial and other back office services;
- service providers and specialist advisers who have been contracted to provide us with administrative, IT, financial, regulatory, compliance, insurance, research or other services;
- introducing brokers with whom we have a mutual relationship;
- credit providers, courts, tribunals and applicable regulatory authorities as agreed or authorised by law or our agreement with you;
- credit reporting or reference agencies;
- anyone authorised by you.
Generally, we require that organisations outside the ANote Music Group who handle or obtain personal information acknowledge the confidentiality of this information, undertake to respect any individual’s right to privacy and comply with the all relevant data protection laws and this Privacy Policy.
Third party service providers such as credit referencing agencies may keep a record of any searches performed on our behalf and may use the search details to assist other companies in performing their searches.
Please note that the use of your personal information by external third parties who act as data controllers of your personal information is not covered by this Privacy Policy and is not subject to our privacy standards and procedures.
HOW DO WE OBTAIN YOUR CONSENT?
Where our use of your personal information requires your consent, such consent will be provided using consent form or any other contract we may have entered into with you or as set out in our communication with you from time to time.
If we rely on your consent as our legal basis for processing your personal information, you have the right to withdraw that consent at any time by contacting us using the contact details set out in this Privacy Policy.
MANAGEMENT OF PERSONAL INFORMATION
We always take appropriate technical and organisational measures to ensure that your information is secure. In particular, we train our employees who handle personal information to respect the confidentiality of customer information and the privacy of individuals. We regard breaches of your privacy very seriously and will impose appropriate penalties, including dismissal where appropriate and necessary.
We have assigned the duties of data privacy and security to the Board of Managers because we are committed to compliance with this Privacy Policy and the applicable legislation.
HOW DO WE STORE PERSONAL INFORMATION AND FOR HOW LONG?
Safeguarding the privacy of your personal information is important to us, whether you interact with us personally, by phone, by mail, over the internet or any other electronic medium. We hold personal information in secure computer storage facilities, cloud servers and paper-based files and other records and take steps to protect the personal information we hold from misuse, loss, unauthorised access, modification or disclosure.
Regarding the use of cloud servers, we currently use Amazon Web Services (AWS). AWS offers customers a number of compliance measures they can rely on to comply with European data protection laws. For example, customers are able to rely on the AWS Data Processing Addendum, which includes the Model Clauses as approved by the Article 29 Working Party (Data Processing Addendum). The Data Processing Addendum is available to all AWS customers transferring data from the EU to any of AWS regions around the world, whether in the US or otherwise. The Data Processing Addendum gives customers the assurance that AWS will give customers’ data the same high levels of security, privacy and data protection that it would receive in the EU.
AWS customers have granular control over their data they store in the AWS cloud. AWS also enables a high level of security and maintains certification with robust security standards, such as ISO 27001, SOC 1/2/3and PCI DSS Level 1.
When we consider that personal information is no longer needed, we will remove any details that will identify you or we will securely destroy the records. However, we may need to maintain records for a significant period of time. For example, we are subject to certain anti-money laundering laws which require us to retain:
- a copy of the documents we used to comply with our customer due diligence obligations; and
- supporting evidence and records of transactions with you and your relationship with us,
for a period of five years after our business relationship with you has ended.
If we hold any personal information in the form of a contract, we will retain this contract deed in its complete form for a period of 10 years after our business relationship with you has ended.
If we hold any personal information in the form of a recorded communication, by telephone, electronic, in person or otherwise, this information will be compliant with local regulatory requirements which will either be 5 years or 10 years, subject always to statutory requirements, after our business relationship with you has ended.
Where you have opted out of receiving marketing communications we will hold your details on a separate designated list of persons so that we know you do not want to receive these communications.
TRANSFERS OUTSIDE OF THE EUROPEAN ECONOMIC AREA
We may transfer your personal information outside the European Economic Area to other ANote Music Group companies as well as processors who are engaged on our behalf (‘Transferees’). To the extent we transfer your information outside the European Economic Area, we will ensure that the transfer is lawful and that there are appropriate security arrangements.
In order to transfer personal information to third parties in territories that do not have a finding of adequacy by the applicable authority and regulations, we enter into agreements with the Transferees ensuring appropriate and suitable safeguards based on standard contractual terms adopted by the European Commission. Where we make transfers to Transferees in the US, we may in some cases rely on applicable standard contractual clauses, binding corporate rules, the EU-US Privacy Shield or any other equivalent applicable arrangements. If you would like a copy of such arrangements, please contact us using the contact details below.
HOW CAN YOU MODIFY AND/OR DELETE THE PERSONAL DATA WE HOLD ABOUT YOU?
To modify and/or delete the information that we hold about you, you can contact us at support@anotemusic.com or fill out “Contact Us” web form. . You can also easily modify certain types of information from your personal profile page on our website.
In accordance with the GDPR regulations you have the right to:
- request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you;
- request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
- request the erasure of your personal information. This enables you to ask us to remove/delete personal information where there is no good reason for us continuing to process it;
- object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes;
- request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it;
- withdraw your prior consent to processing of your personal information at any time;
- the right to object to a decision based solely on automated processing, including profiling.
To exercise your rights, you can contact us at support@anotemusic.com or fill out “Contact Us” web form or write us at the following address: ANote Music, 9 rue du Laboratoire, L-1911 Luxembourg.
We will respond to your request without undue delay and at the latest within 1 calendar month upon receiving your email or the “Contact Us” web form or the letter sent to our registered office address.
COOKIES
WHAT IS A COOKIE AND HOW DO WE USE COOKIES?
A cookie is a small piece of text stored on your computer or device when you visit a website or an app.
We use cookies on our websites or our apps to provide you with a more relevant and effective experience, including presenting web pages according to your needs or preferences. For further information about cookies and how we use cookies, please refer to our website.
TECHNOLOGY IMPROVEMENTS
We are constantly striving to improve functionality on the ANote Music site through technology changes. This may mean a change to the way in which personal information is collected or used. The impact of any technology changes which may affect your privacy will be notified in this Privacy Policy at the time of the change.
LINKS TO THIRD PARTY WEBSITES
Our websites, our Platform and our app may have links to external third-party websites. Please note, however, that third party websites are not covered by this Privacy Policy and those sites are not subject to our privacy standards and procedures. Please check with each third party as to their privacy practices and procedures.
WHAT IF YOU HAVE A COMPLAINT?
If you have a concern about any aspect of our privacy practices, you can make a complaint. This will be acted upon promptly. To make a complaint, please contact us via one of the methods set below.
If you are not satisfied with our response to your complaint, you have the right to lodge a complaint with our supervisory authority, the National Commission for Data Protection (Commission Nationale pour la Protection des Données (CNPD)). You can find details about how to do this on the CNPD website at https://cnpd.public.lu/en.html or by calling their main line on (+352) 26 10 60-1.
HOW TO CONTACT US
If you have any questions about this Privacy Policy or want to exercise your rights, please contact us by:
- email at support@anotemusic.com; or
- filling out the “Contact Us” web form; or
- writing at the following address: ANote SA, 9 rue du Laboratoire, L-1911 Luxembourg
ACCESS POLICY
This policy will govern all dealings between ANote Music (‘us’, ‘our’ and ‘we’ as appropriate) and the applicant customer (‘you’, ‘your’, ‘yours’ and ‘yourself’ as appropriate) during the application process. Once you open an account with us, your dealings with us will be governed by the applicable customer agreement for that account type.
In return for us granting you access to the Platform, you agree to the following terms.
For the purposes of this policy, ‘Platform’ means any electronic services (together with any related software or application) accessible by whatever means we grant you access to or make available to you either directly or through a third-party service provider.
You will take all reasonable steps to ensure that no computer viruses, worms, software bombs or similar items are introduced into any computer hardware, software, applications, equipment or network facilities you use to access our Platform.
We and our licensors (as the case may be) will retain the intellectual property rights in all elements of the software and such software and databases contained within our Platform and you will not in any circumstances obtain title or interest in such elements.
With respect to any market data or other information that we or any third party service provider provides to you in connection with your use of any Electronic Trading Services, you agree that: (a) we are not responsible or liable if any such data or information is inaccurate or incomplete in any respect; (b) we are not responsible or liable for any actions that you take or do not take based on such data or information; (c) such data or information is proprietary to us and/or any such provider and you will not retransmit, redistribute, publish, disclose or display in whole or in part such data or information to third parties except as required by applicable regulations or as agreed by us; (d) you will use such data or information solely in compliance with the applicable regulations and this policy; and (e) we may at our absolute discretion remove your access to market data at any time.
No one other than a party to this policy, their successors and permitted assignees shall have any right to enforce any of its terms.
This policy and all our dealings with you are in all respects governed by and construed and interpreted in accordance with the laws of the Grand Duchy of Luxembourg, and the competent courts of the Grand Duchy of Luxembourg will have exclusive jurisdiction to settle any legal action or proceedings arising out of or in connection with this policy, including any non-contractual disputes and claims. Nothing in this term will prevent us from bringing proceedings against you in any other jurisdiction. No part of this document may be reproduced in any form whatsoever without the previous written permission of ANote Music.
Last update of this Privacy Policy: 31 May 2024