Privacy
How we handle your data.
This notice covers tao-nova.com and services we run for demos and contact signups.
Last updated: 2024-12-01 • Controller: Tao Nova Records by Bernarding (sole proprietorship), Zürichstrasse 12, 8600 Dübendorf, Switzerland • Contact: privacy@tao-nova.com
Who is responsible
Controller: Tao Nova Records by Bernarding (sole proprietorship), Zürichstrasse 12, 8600 Dübendorf, Switzerland.
Contact for privacy requests: privacy@tao-nova.com. You can request access, correction, deletion, or portability of your data and object to processing where applicable.
What we collect and why
- Website visits — basic server logs for security (IP, user agent, timestamp); stored briefly for abuse prevention (legitimate interest).
- Contact form — name, email, topic, message to answer your request (performance of a contract / pre-contractual steps).
- File drop — artist name, email, optional links/message, and uploaded file to review demos and respond (consent + pre-contractual steps).
- Social and streaming links — outbound links only; they are opened by you on click.
We do not run advertising trackers or analytics on this site.
Recipients and processors
- Hosting & forms: Netlify (United States/EU) — static hosting and Netlify Forms delivery.
- Storage: Google Drive/Google Workspace (United States/EU) — file drop uploads and related communications.
- Communications: Email provider of Tao Nova Records by Bernarding for responses.
- Newsletter: MailerLite for subscription management and double opt-in emails.
We sign Data Processing Agreements (DPAs) with all processors. A Data Processing Agreement has been signed with Netlify and Google. Transfers outside Switzerland/EU are safeguarded with Standard Contractual Clauses where required.
Retention
- Contact inquiries: kept as long as needed to resolve the request and for limited backup/audit purposes, then deleted.
- File drop uploads: Files uploaded through the demo submission form are retained only as long as necessary to review the material and respond. They are generally deleted within 30–90 days, and never kept longer than needed for the purpose for which they were submitted.
- Server logs: routinely deleted after a short period used for security (e.g., 30 days).
Your rights
You can request access, correction, deletion, restriction, or portability of your data. You may withdraw consent at any time. If you believe processing is unlawful, you can lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) or your local authority.
Two-click embeds and external links
We load YouTube videos and other third-party embeds only after you click “Play,” which then connects you to that provider. Outbound social/streaming links are opened only when you click them.
Data minimization
Please do not send sensitive personal data (e.g., health, biometric, financial data) through the contact form or file drop.