top of page

Privacy Policy

Last updated: [September 2025]

SongShift (“SongShift”, “we”, “our”, “us”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website or interact with us.
 

1. Data We Collect

We may collect the following types of personal data:

  • Information you provide voluntarily (e.g. name, email address, company name) when you fill in forms, subscribe to a newsletter, or contact us.

  • Technical and usage information collected automatically when you use our website, such as IP address, browser type, and pages visited. This may be done via cookies or similar technologies.

  • Professional contact details (see section 5) for business-to-business outreach.
     

2. How We Use Your Data

We use your personal data for the following purposes:

  • To respond to inquiries and provide information about our services.

  • To send you newsletters and updates, if you have subscribed.

  • To analyse website usage and improve our site and services.

  • To conduct business-to-business outreach (see section 5).

  • To comply with legal obligations.

3. Cookies and Analytics

We use cookies and Google Analytics to understand how visitors use our website. Cookies are small files placed on your device. You can refuse or disable cookies through your browser settings, but this may affect functionality.


 

4. Legal Basis for Processing

In accordance with the General Data Protection Regulation (GDPR), our legal bases for processing include:

  • Consent: for example, when you subscribe to a newsletter.

  • Legitimate interests: such as responding to inquiries, understanding website usage, and conducting outreach to relevant professionals.

  • Legal obligations: if processing is required by law.


5. Business-to-Business Outreach

From time to time, we may contact professionals in HR, L&D, leadership, and related roles at creative, music, and adjacent companies about SongShift services, workshops, or offers that may be relevant to their role.

  • Data collected: name, job title, company name, business email address.

  • Source of data: publicly available sources (e.g. company websites, LinkedIn) or reputable business databases.

  • Legal basis: legitimate interest (GDPR Article 6(1)(f)). We have completed a Legitimate Interest Assessment to ensure this processing is balanced, proportionate, and respects individuals’ rights.

  • Retention: If there is no engagement within 6–12 months, prospect data will be deleted.

  • Opt-out / objection: Every outreach email will include a clear unsubscribe option or instructions to reply and opt out. You can also object to such processing at any time by contacting us at privacy@songshift.co.

  • Third-party processors: We may use service providers (e.g. email automation tools) to facilitate outreach. If data is processed outside the EU, we ensure appropriate safeguards such as Standard Contractual Clauses (SCCs) are in place.

 

6. How We Store Your Data

We only retain your personal data for as long as necessary for the purposes set out in this policy. We regularly review retention periods and securely delete data that is no longer required.

 

7. Sharing Your Data

We do not sell your data. We may share data with trusted third-party service providers who process data on our behalf (e.g. website hosting, analytics, communication tools). These providers are bound by strict contractual obligations to keep your data secure.

 

8. International Transfers

We primarily store and process data within the European Union. Where transfers outside the EU are necessary (for example, when using a service provider based abroad), we ensure adequate safeguards are in place, such as Standard Contractual Clauses (SCCs).

 

9. Your Rights

Under GDPR, you have the right to:

  • Access your personal data.

  • Correct or update inaccurate data.

  • Request deletion of your data.

  • Withdraw consent (where applicable).

  • Object to processing, including for direct marketing.

  • Request restriction of processing or data portability.

To exercise your rights, contact us at privacy@songshift.co.

 

10. Security

We take appropriate technical and organisational measures to protect your data against unauthorised access, loss, or misuse.

 

11. Changes to this Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a new “last updated” date.

 

12. Contact

For questions about this Privacy Policy or our data practices, please contact:

SongShift B.V.
Email: info@songshift.co
 

bottom of page