Privacy Policy for TommyDorseyOrchestra.com

We maintain an unwavering dedication to protecting and preserving all personal data provided by our website visitors and service users, implementing robust and comprehensive security measures throughout our services and operations.

This policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data. In this role, we are responsible for ensuring the proper handling, processing, and protection of all personal data submitted through our website.

We may process usage data (“usage data”), which comprehensively includes access timestamps, page views, interaction patterns, device information, browser type, referring websites, navigation paths, and technical system data. This information is collected through automated logging systems, cookies, and analytics tools and may include duration of visits, features accessed, and content preferences. The source of this data is our analytics software and server logs. We process this information for several important purposes, including improving website performance, enhancing user experience, analyzing trends, and maintaining security, which enables us to optimize our services, prevent fraud, and provide personalized content. The legal basis for this processing is our legitimate interests in monitoring and improving our website services.

We may process account data (“account data”), which comprehensively includes email addresses, usernames, passwords, account preferences, subscription status, and billing information. This information is collected through registration forms, account updates, and subscription processes and may include newsletter preferences, payment methods, and communication settings. The source of this data is direct user input during account creation and management. We process this information for several important purposes, including account authentication, service provision, payment processing, and communication management, which enables us to maintain secure user accounts, process transactions, and deliver requested services. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

We may process profile data (“profile data”), which comprehensively includes biographical information, interests, preferences, musical background, purchase history, and user-generated content. This information is collected through profile creation forms, survey responses, and interaction with our services and may include musical preferences, event attendance history, and artist connections. The source of this data is your direct input and interaction with our platform. We process this information for several important purposes, including personalizing user experience, recommending relevant content, facilitating community interactions, and improving our services, which enables us to provide targeted recommendations, enhance user engagement, and develop better features. The legal basis for this processing is our legitimate interests in providing personalized services to our users.

You have the right to access your personal data, which means you can obtain confirmation about whether we process your personal data and receive a copy of that data in a structured format. This includes the ability to view all personal information we hold about you, understand how we use it, and verify its accuracy. To exercise this right, you can submit a formal request through our dedicated data access portal or contact our privacy team directly. We will respond within 30 days and may require government-issued identification, proof of address, and account verification details to verify your identity.

You have the right to rectification, which means you can request corrections or updates to any inaccurate or incomplete personal data we hold about you. This includes the ability to modify account information, update contact details, and correct any factual errors in your profile. To exercise this right, you can use our account settings panel or submit a formal correction request through our support system. We will respond within 15 days and may require proof of correct information, account verification, and supporting documentation to verify your identity.

[Continued in next part due to length limit]Data Protection and Security Measures

How We Handle Your Data

We process Service Data which includes account details, user preferences, website interactions, and membership information. This processing involves collecting, storing, analyzing, and updating your data, enabling us to provide personalized musical content and community features. For example, in the context of our musical heritage website, this includes managing concert notifications, membership status, and access to archival content. The legal basis for this processing is legitimate interest and contractual necessity, specifically to maintain your account and deliver requested services.

We process Technical Data which includes device information, IP addresses, browser types, and interaction patterns. This processing involves automated collection, analysis, and storage, enabling us to optimize website performance and user experience. For example, this includes adapting our audio player settings and ensuring smooth playback of historical recordings. The legal basis for this processing is legitimate interest, specifically to maintain website functionality and security.

We process Communication Data which includes email correspondence, support tickets, and newsletter subscriptions. This processing involves storing, organizing, and managing communications, enabling us to respond to inquiries and share updates about the Tommy Dorsey Orchestra community. The legal basis for this processing is consent and legitimate interest, specifically to maintain effective communication channels with our users.

We process Transaction Data which includes purchase history, payment details, and shipping information. This processing involves secure storage, verification, and processing of financial transactions, enabling us to manage merchandise sales and membership subscriptions. The legal basis for this processing is contractual necessity and legal obligation, specifically to fulfill orders and maintain financial records.

We process Preference Data which includes content preferences, notification settings, and customization choices. This processing involves storing and applying user preferences, enabling us to personalize your experience with historical content and modern interpretations. The legal basis for this processing is consent and legitimate interest, specifically to provide tailored content and services.

Security Implementation

Our comprehensive encryption protocols ensure end-to-end protection of your data, incorporating industry-standard algorithms and regular security updates to maintain data integrity. This includes regular security assessments and penetration testing by qualified professionals.

We implement multi-layered security infrastructure, including advanced firewalls and intrusion detection systems that continuously monitor for and prevent unauthorized access attempts. This infrastructure undergoes regular updates and enhancements.

Access to personal data is strictly controlled through role-based permissions, multi-factor authentication, and detailed access logs. We maintain comprehensive audit trails of all data access and modifications.

Our continuous monitoring systems provide real-time threat detection and automated response protocols, ensuring immediate action against potential security threats.

We maintain comprehensive backup procedures with encrypted offsite storage and regular recovery testing, ensuring data availability and integrity.

All staff undergo regular security awareness training and must comply with detailed data protection protocols, including specific training for handling sensitive data.

International Data Transfers

We may transfer your personal data to countries outside your jurisdiction. These transfers are protected by appropriate safeguards, including Standard Contractual Clauses, Privacy Shield certification, and Binding Corporate Rules. Each international transfer is conducted under strict protocols that ensure:
– Adequate data protection standards
– Compliant processing procedures
– Enforceable data subject rights
– Effective legal remedies

International transfers are protected by ISO 27001 standards, GDPR requirements, and regional data protection laws, ensuring compliance with international regulations. We implement additional measures including:
– Regular compliance audits
– Data protection impact assessments
– Documented transfer mechanisms
– Continuous monitoring procedures

Regarding international transfers, you maintain specific rights including:
– Right to information about transfers
– Right to object to transfers
– Right to withdraw consent
– Right to data protection guarantees

Data Retention

We maintain specific retention periods for different data categories:

Account Information: Retained for the duration of active membership plus 2 years for account recovery and historical reference
Usage Data: Retained for 12 months to analyze usage patterns and improve services
Transaction Records: Retained for 7 years to comply with financial regulations
Communication History: Retained for 3 years to maintain service continuity
Technical Logs: Retained for 6 months for security and performance optimization

These retention periods are determined by:
– Legal requirements
– Business purposes
– Technical necessities
– User preferences

Special circumstances affecting retention:
– Legal obligations
– Dispute resolution
– Security investigationsCookie Policy for tommydorseyorchestra.com

Essential cookies are fundamental to website functionality. These cookies manage user authentication, maintain security protocols, and ensure basic site operations. We use them specifically for user login sessions, protecting user data during transactions, maintaining secure browsing, managing audio player preferences, and ensuring technical stability while streaming archival music content.

Essential Cookies serve core functions for basic website operation. They process authentication tokens and session data to enable seamless navigation and secure access. For example, in our musical archive context, these cookies maintain your playback preferences and playlist configurations while browsing our historical collections.

Functional Cookies enhance your experience by remembering your preferences. They enable customized language settings, region-specific concert information, interface personalization for our music player, feature optimization for audio quality, and storage of favorite artists and compositions. These cookies process user preference data to create a tailored browsing experience aligned with your musical interests.

Analytics Cookies help us understand user behavior. They collect information about how visitors interact with our musical archives, navigation patterns through historical content, feature usage of our audio players, session duration during concert recordings, and user preferences for different musical eras and artists.

Performance Cookies assess and improve website operation by monitoring streaming speeds, identifying technical issues with audio playback, optimizing content delivery for high-quality sound reproduction, analyzing user experience with our musical interface, and tracking system performance during live streaming events.

Cookie Management

You can control cookie preferences through your browser settings, our cookie consent tool, privacy preferences center, and account settings. We respect your right to choose which cookies to accept or decline.

GDPR Compliance

For EU residents, we ensure explicit consent mechanisms before setting non-essential cookies, minimize data collection to necessary information only, limit data use to stated purposes, implement strict storage limitations, and maintain complete processing transparency.

CCPA Compliance

California residents have additional rights including knowing about personal information collected through our music services, requesting deletion of personal data, opting out of data sales, receiving equal service regardless of privacy choices, and accessing collected information about their usage patterns.

COPPA Compliance

Regarding users under 13, we implement strict age verification requirements, require parental consent for access, limit data collection to essential information only, maintain special protection measures for young users’ data, and provide parental access rights to all collected information.

Updates and Changes

Our policy updates involve regular review procedures, proactive user notifications, consent renewal when required by law, clear documentation of changes, and continuous compliance monitoring to meet evolving privacy standards.

Contact Information

For privacy-related inquiries:
Primary Contact: [email protected]
Response Time: Within 48 hours
Verification Required: For data-related requests
Available Support: Privacy concerns, data requests, rights exercise

This policy was created specifically for tommydorseyorchestra.com and covers all associated services within the Home industry.