This privacy notice sets out how Apple Corps Limited ("Apple", “we”, “us”, “our”) of 27 Ovington Square, London SW3 1LJ, UK uses and protects any personal information that you give us when you use this beatles.com website. This means information that is about you or from which we can identify you. As a data controller we are responsible under data protection laws for how we deal with your personal information.
Apple is registered as a Data Controller at the Information Commissioner’s Office (“ICO”) in accordance with data protection laws (registration number Z5042102.) If you have any questions about this policy or how we use personal information collected through this website please contact our Data Manager at email@example.com or on +44 207 761 9600 before using this website.
In this privacy notice we explain how and why we collect or otherwise process your personal information, what our lawful reasons are for this under data protection laws, what we do with it, what your rights are and what controls you have over our use of it.
We may change this policy from time to time by updating this page. This privacy notice was last updated in 1st May 2018.
What personal information do we collect?
In general, you can use this website without giving us any information. However, to sign up as a registered user of our website and to create a user account or to receive our newsletter or other direct marketing you will need to provide certain personal information.
We may collect the following personal information:
- (If you choose to submit this information about yourself) your name and contact information, including email address, mobile phone number, date of birth (for legal reasons to check you are over 16 yrs old). We collect this for the purpose of user account set up.
- Separately, your name and address if you subscribe to our newsletter and other direct marketing (see “Direct Marketing” and “What do we do with the information we collect?” below for more details).
- (If you sign up as a registered user of this website) your username and password, which you will be asked to provide these every time you login.
- Your country of origin.
- Information you provide in any “free text” boxes on this website, (ie blank spaces where you are free to insert comments).
- (If you sign up as a registered user of this website) information you provide on your profile page including the “my comments” and “my wall” sections.
- Other information relevant to customer surveys or offers, such as store promotions and product releases.
- (If you choose to submit this information about yourself) information about your music favorites/your music preferences.
- Records of how you have contacted us including (since you have got in touch with us online).
- Details such as your mobile phone location data, IP address and MAC address.
- Information about how you use this website collected through cookies (see “Cookies” below).
Sources of this personal information
We will collect your personal information from you directly via this website. In addition, we may obtain your personal information and content from other sources such as social media websites.
What is sensitive personal data?
Sensitive personal data (also known as ‘special categories of personal data’) is a more sensitive category of personal information which relates to a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning (mental or physical) health or data concerning a natural person’s sex life or sexual orientation.
Please do not provide sensitive personal data to us through our website. With your interests in mind, we do not actively solicit sensitive personal data from users of our website. Registered users with a beatles.com “My Account” profile should note that if they refer to their hobbies, interests, spare time activities, opinions and beliefs when they talk about themselves on their profile page, this may indicate e.g. their religious beliefs or racial or ethnic origin and this will amount to sensitive personal data. Users might inadvertently provide this information in “free text” boxes. You must exercise caution. Please note – you must not volunteer this kind of information about yourself.
The same points apply to criminal convictions and offences data.
What do we do with the personal information we collect and what are the legal grounds for our processing of your personal information (including when we share it with others) for these purposes?
Data protection laws require us to explain what legal grounds justify our processing of your personal information (this includes sharing it with other organisations). For some processing more than one legal ground may be relevant (except where we rely on a consent). Here are the legal grounds that are relevant to us:
- Processing necessary for the contract we have with you:
- When we share your personal information with suppliers and distributors.
- Processing necessary for the following legitimate interests which apply to us and in some cases other organisations (who we list below) and where we have balanced these against your own interests in accordance with data protection laws:
- To correspond with you by email, or by telephone, in response to your questions and queries raised through our website;
- To deal with and respond to any communication, enquiry or application which you submit to us;
- To test the performance of our internal processes;
- To use your personal information to improve our products and services;
- To use your contributed content in communications around our products (for instance if you put a positive comment about our products on your social media page or Twitter feed we may use this for this reason);
- To adhere to guidance and best practice issued by the Information Commissioner’s Office;
- For management and audit of our business operations including accounting;
- To carry out monitoring and to keep records (see below);
- To administer our good governance requirements and those of other members of the Apple Group of companies, such as internal reporting and compliance obligations;
- For market research and analysis and developing statistics, including to do statistical analysis;
- For our profiling and other automated decision making such as to tailor our marketing communications (see below);
- To provide other companies, such as advertisers, with statistical information about our customers, but we will not provide them with information which can be used to identify you;
- If you provide us with your information via our website, use the information to customize the website according to your interests, including through cookies (see “Cookies” below);
- When we share your personal information with these other people or organisations;
- Members of our Group (this means the Apple group of companies and you can contact our Data Manager for a list of these if you wish);
- Our legal and other professional advisers and our auditors;
- Governmental and regulatory bodies such as HMRC, the Information Commissioner’s Office;
- Other organisations and businesses who provide services to us such as back up and server hosting providers, IT software and maintenance providers, document storage providers and suppliers of other back office functions;
- Any agent or contractor acting on our or on behalf of our Group (such as service providers managing communications to our website users and companies managing our online sales);
- Buyers and their professional representatives as part of any restructuring or sale of our business or assets and this means we may transfer your details to any successor to an Apple group business (or a relevant part of it); and
- Market research organisations who help us to develop and improve our products and services.
- Processing necessary to comply with our legal obligations:
- For compliance with laws and regulations that apply to us;
- For establishment, defence and enforcement of our legal rights or those of any other member of our Group;
- For activities relating to the prevention, detection and investigation of crime;
- To carry out monitoring and to keep records (see below);
- To deal with requests from you to exercise your rights under data protection laws;
- To process information about a crime or offence and proceedings related to that (in practice this will be relevant if we know or suspect fraud); and
- When we share your personal information with these other people or organisations:
- Law enforcement agencies and governmental and regulatory bodies such as HMRC, the Information Commissioner’s Office; and
- Courts and to other organisations where that is necessary for the administration of justice, to protect vital interests and to protect the security or integrity of our business operations.
- Processing with your consent:
- When you request that we share your personal information with someone else and consent to that; and
- For our newsletter and other direct marketing communications by email which you sign up for by giving your consent on our website. In particular, we may (if you consent by opting in) send information to you which we think may be of interest to you including direct marketing information about products and services from Apple, other members of our Group and carefully selected third parties (see “Direct Marketing” below).
How and when can you withdraw your consent?
Much of what we do with your personal information is based on other legal grounds. For processing that is based on your consent, you have the right to take back that consent for future processing at any time. You can do this by contacting us (see below). The consequence is that we cannot send you our newsletter or other marketing communications.
Will your personal information be transferred outside the UK or the European Economic Area?
We have explained that we may disclose your personal information to other members of the Apple group of companies and agents or contractors acting for us or them.
Personal Information may in addition be transferred to other locations outside the EEA for example to our service providers if they or their servers are based there. When your personal information is processed inside the UK and the EEA then it is protected by data protection laws. Some other countries and territories do have adequate protection for personal information by law. We will make sure that suitable safeguards are in place before we transfer your personal information to those countries except in cases where what are called ‘derogations’ apply.
For more information about suitable safeguards and (as relevant) how to obtain a copy of them or to find out where they have been made available you can contact our Data Manager – our contact details are in this privacy notice.
Safeguards can include: (i) the Standard Data Protection Clauses (also known as EU Model Clauses) obtain a copy of them or to find out where they have been made available you can contact our Data Manager using the details below; (ii) the US Privacy Shield and details are available here: https://www.privacyshield.gov/welcome or you can contact our Data Manager using the details below for more information; or (iii) Binding Corporate Rules provided the recipients in other countries have obtained the requisite approvals and the published list of approvals. You can contact our Data Manager using the details below for more information.
What if you are using this website from outside the UK?
Direct marketing (using your personal information)
If you consent by opting in, we may use your information in order to send you our newsletter and other direct marketing by email about products and services of Apple Corps relating to the Beatles, about all four members of the Beatles taken separately, and about other members of the Apple group of companies and of carefully selected third parties such as Cirque Du Soleil companies, Universal Music companies, MPL (McCartney Productions Limited) and Harrisongs Limited. This means that we will make it clear on the relevant pages of our website if the personal information we collect (ie name and contact information including email address) may be used for direct marketing purposes and we will ask for your consent on those pages.
You can choose to restrict the collection or use of your personal information for direct marketing purposes, as follows:
In each direct marketing communication we send by electronic means (including our email newsletter) we will remind you of how you can prevent further electronic direct marketing. You may do this by using the link provided in the marketing email to send an “UNSUBSCRIBE” request.
In addition, you can change your mind at any time about direct marketing “opt in” consents you have already provided, by writing to us at firstname.lastname@example.org
Data Protection Manager
Apple Corps Ltd
27 Ovington Square
SW3 1LJ, UK
Information about other people
On the “my comments” and “my wall” pages on the profile pages of registered users and in the “free text” boxes on our website it is possible to input information about other people. On the profile pages of registered users there is a facility to link up with “My friends”, ie other registered users. You must not disclose any personal information about “My friends” or any other people on this website (including but not limited to on the “my Comments” or “my Wall” pages or in “free text” boxes).
It is important to bear in mind that the internet is not a secure means of communication. We cannot guarantee the security of personal information sent to us through this website.
If you sign up as a registered user of this website, you will be responsible for maintaining the confidentiality of your username and password. You should not disclose it to any other person. Please notify our Data Manager promptly (contact details above) if you believe your username or password may have been compromised. We will not be responsible to you if there is unauthorised access to your user account as a result of someone else using your login details after you have compromised them.
We may also monitor users’ behaviour on their beatles.com profile pages. Our monitoring may check for obscene or profane content, threatening or anti-social behaviour, or anything that might compromise the safety, enjoyment or privacy of our users.
Profiling and other automated decision making
This section is relevant where we make decisions about you using only technology, and where none of our employees or any other individuals have been involved in the process. For instance, we may do this to decide what marketing communications are suitable for you based on your age, location or music preferences.
We can do this activity based on our legitimate interests (and they are listed in the section about legal grounds above) and this is because this activity does not have a legal or other significant effect on you.
Profiling for direct marketing can mean there is a right to object (see ‘rights to object’ below).
Retention of your personal information
In the event that your beatles.com account is terminated by you or by us, we will retain your personal information after that termination only for as long as is reasonably necessary bearing in mind the purpose(s) for which it was collected (see above) or for as long as is necessary in case of any legal challenges or other problems, or as is otherwise permitted or required by law. After that period your personal information will be suppressed in or deleted from our database(s).
Unless we explain otherwise to you, we will generally hold your personal information in accordance with the following criteria:
- Retention in case of queries. We will retain the personal information that we need to keep in case of queries from you;
- Retention in case of claims. We will retain the personal information that we need to keep for the period in which you might legally bring claims against us; and
- Retention in accordance with legal and regulatory requirements. We will retain the personal information that we need to satisfy our legal and regulatory requirements.
- If you unsubscribe from our email marketing service we won’t retain your personal data for that purpose.
If you would like further information about our data retention practices, contact our Data Manager.
What are your rights under data protection laws?
Here is a list of the rights that all individuals have under data protection laws. They do not apply in all circumstances. If you wish to exercise any of them we will explain at that time if they are engaged or not. The right of data portability is only relevant from May 2018. To exercise your data protection rights you can contact our Data Manager.
- The right to be informed about your processing of your personal information;
- The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed;
- The right to object to processing of your personal information;
- The right to restrict processing of your personal information;
- The right to have your personal information erased (the “right to be forgotten”);
- The right to request access to your personal information and to obtain information about how we process it;
- The right to move, copy or transfer your personal information (“data portability”);
You have the right to complain to the Information Commissioner’s Office which enforces data protection laws: https://ico.org.uk/
Data anonymization and aggregating your personal information
Your personal information may be converted into statistical or aggregated data which cannot be used to re-identify you. It may then be used to produce statistical research and reports. This aggregated data may be shared and used in all the ways described in this privacy notice
We do not wish to allow children to use all parts of our website. This is to protect their personal information. Children may of course view our website but parents/guardians should remind them how to handle their personal information securely and responsibly on the internet. They should also familiarize themselves with our website to ensure they are happy for their children to use it.
Children under 16: Children under 16 may use this website on a “read only” basis. We make it clear on the relevant pages of our website, including the “Newsletter” sign-up tab and the “Your Account” set-up page, that we do not wish to collect personal information including email addresses from children under 16. They must not sign up for our Newsletter or open a beatles.com account. They must not submit personal information to us in any other way on this website.
We may link to other websites which are not within our control. Once you have left our website, we cannot be responsible for the protection and privacy of any information which you provide and we have no control over how your personal information is used by third parties operating other websites. In addition, other websites outside our control may link to our website. You should exercise caution and look at the terms and conditions and the privacy statement applicable to the other website in question. No link is intended to be, nor should be construed as, an endorsement of any kind by us of another website.
For example, the “STORE” tab on our website links to the Beatles online store at thebeatlesonline.co.uk and this is operated by Universal Music. We also link to the iTunes store e.g. where you can purchase Beatles social media application(s) and this is operated by Apple, Inc. In addition, you may choose to link up your beatles.com profile to your profiles on third party websites including but not limited to Twitter, Facebook, Instagram and YouTube. You should read the terms and conditions and privacy statements on all such third party websites before you use them including before you link your beatles.com profile to them (as applicable).
We do not disclose information collected through our cookies to third parties e.g. advertisers. We may in future permit Apple group companies and other third parties to install cookies on your device when you use our website, eg to run their own advertisements on our website. These cookies will only be “session cookies”.
You can, should you choose, disable the cookies from your browser and delete all cookies currently stored on your computer. On Microsoft Internet Explorer, this can be done by selecting "Tools/Internet Options" and reviewing your privacy settings or selecting "delete cookies". You can find out how to do this for your particular browser by clicking "help" on your browser's menu or by visiting http://www.allaboutcookies.org/manage-cookies/index.html