Data and privacy policy

TrueLinked (Network Service for Truelinked ApS, Thistedgade 10, 2630 Taastrup, Denmark. CVR.nr. 35529160) ("We") are committed to protecting and respecting your privacy.

This policy (together with our terms of use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting www.truelinked.com and any sub-sites and subdomains and any technical applications (including so-called apps) you are accepting and consenting to the practices described in this policy.

For the purpose of the General Data Protection Regulation (EU) 2016/679, the data processor is Truelinked (Network Service for Truelinked ApS, Thistedgade 10, 2630 Taastrup, Denmark. CVR.nr. 35529160)

Our Data Protection Officer for the purpose of this Data and Privacy Policy is Jan Pilgaard Carlsen, jpc@truelinked.com

The following is a general description of the principles we follow, however, in the section Data Processing below, you can dig deeper into our concrete compliance with the General Data Protection Regulation (EU) 2016/679, the so-called "Data Processor Agreement" between us.

INFORMATION WE MAY COLLECT FROM YOU

We may collect and process the following data about you:

USES MADE OF THE INFORMATION

We use information held about you in the following ways:

DISCLOSURE OF YOUR INFORMATION

We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries as long as the necessary permission has been granted by you.

We may share your information with selected third parties including:

WHERE WE STORE YOUR PERSONAL DATA

The data that we collect from you may be transferred to and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the negotiations for potential engagements, the processing of your payment details and the provision of support services. By submitting your personal data and agreeing to this policy, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy. Such transfer is however subject to your approval of our terms of use and transfer can only take place to the data processors mentioned below.

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access or the accidental deletion or corruption of your data.

YOUR RIGHTS

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers, and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

ACCESS TO INFORMATION ABOUT YOU AND YOUR RIGHT TO BE FORGOTTEN BY US

You have the right to access information held about you and request to be removed from our system(s). If you find us to hold incorrect information, please let us know and we will correct it.

CHANGES TO OUR PRIVACY POLICY

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our privacy policy.

CONTACT

Questions, comments, and requests regarding this privacy policy are welcomed and should be addressed to Network Service for Truelinked ApS, Thistedgade 10, 2630 Taastrup, Denmark or info@truelinked.com

DATA PROCESSOR AGREEMENT

Regarding the Data Processor's processing of personal data on behalf of the Data Controller ("You").

  1. The processed personal data

    1.1 This Agreement has been entered into in connection with the Parties' conclusion of agreement regarding an online recruiting platform provided by the Data Processor, designed to improve the Data Controller's casting process in the opera and classical music business (the "Main Agreement").

    1.2 The Data Processor processes the types of personal data on behalf of the Data Controller in relation to the relevant data subjects as specified in Schedule 1. The personal data relates to the data subjects listed in Schedule 1.

    1.3 The Data Processor may initiate processing of personal data on behalf of the Data Controller after the Agreement enters into force. The processing has the duration as specified in the instructions in Schedule 1 of the Agreement.

    1.4 The Agreement and the Main Agreement are interdependent and cannot be terminated separately. However, the Agreement may be replaced with another valid Data Processor Agreement without terminating the Main Agreement.

  1. Purpose

    2.1 The Data Processor must only process personal data for purposes which are necessary in order to provide an online recruiting platform and in doing so providing the services set out in the Main Agreement.

  1. Obligations of the Data Controller

    3.1 The Data Controller warrants that the personal data is processed for legitimate and objective purposes and that the Data Processor is not processing more personal data than required for fulfilling such purposes.

    3.2 The Data Controller is responsible for ensuring that a valid legal basis for processing exists at the time of transferring the personal data to the Data Processor. Upon the Data Processor's request, the Data Controller undertakes, in writing, to account for and/or provide documentation of the basis for processing.

    3.3 In addition, the Data Controller warrants that the data subjects to which the personal data pertains have been provided with sufficient information on the processing of their personal data.

    3.4 Any instructions regarding the processing of personal data carried out under this Agreement must primarily be submitted to the Data Processor. In case the Data Controller instructs a sub-data processor, appointed in accordance with clause 5.1 directly, the Data Controller must immediately inform the Data Processor hereof. The Data Processor shall not in any way be liable for any processing carried out by the sub-data processor in accordance with such instructions.

  1. Obligations of the Data Processor

    4.1 All processing by the Data Processor of the personal data provided by the Data Controller must be in accordance with instructions prepared by the Data Controller, and the Data Processor is, furthermore, obliged to comply with any and all data protection legislation in force from time to time.

    If Union law or law of a Member State to which the Data Processor is subject to stipulates that the Data Processor is required to process the personal data listed in clause 1.2, the Data Processor must inform the Data Controller of that legal requirement before processing. However, this does not apply if this legislation prohibits such information on important grounds of public interests.

    The Data Processor must immediately inform the Data Controller if, in the Data Processor's opinion, an instruction infringes the EU General Data Protection Regulation or the data protection provisions of a Member State.

    4.2 The Data Processor must take all necessary technical and organisational security measures, including any additional measures, required to ensure that the personal data specified in clause 1.2 is not accidentally or unlawfully destroyed, lost or impaired or brought to the knowledge of unauthorised third parties, abused or otherwise processed in a manner which is contrary to Danish data protection legislation in force at any time.

    4.3 The Data Processor must ensure that employees authorized to process the personal data have committed themselves to confidentiality or are under appropriate statutory obligation of confidentiality.

    4.4 If so requested by the Data Controller, the Data Processor must state and/or document that the Data Processor complies with the requirements of the applicable data protection legislation, including documentation regarding the data flows of the Data Processor as well as procedures/policies for processing of personal data.

    4.5 Taking into account the nature of the processing, the Data Processor must, as far as possible, assist the controller by appropriate technical and organisational measures, for the fulfilment of the Data Controller's obligation to respond to requests for exercising the data subject's rights as laid down in chapter 3 in the General Data Protection Regulation.

    4.6 The Data Processor, or another data processor (sub-data processor) must send requests and objections from data subjects to the Data Controller, for the Data Controller's further processing thereof, unless the Data Processor is entitled to handle such request itself. If requested by the Data Controller, the Data Processor must assist the Data Controller in answering any such requests and/or objections.

    4.7 If the Data Processor processes personal data in another member state, the Data Processor must comply with legislation concerning security measures in that member state.

    4.8 The Data Processor must notify the Data Controller where there is an interruption in operation, a suspicion that data protection rules have been breached or other irregularities in connection with the processing of the personal data occur. The Data Processor's deadline for notifying the Data Controller of a security breach is 24 hours from the moment the Data Processor becomes aware of a security breach. If requested by the Data Controller, the Data Processor must assist the Data Controller in relation to clarifying the scope of the security breach, including preparation of any notification to the Danish Data Protection Agency and/or data subjects.

    4.9 The Data Processor must make available to the Data Controller all information necessary to demonstrate compliance with article 28 of the General Data Protection Regulation and the Agreement. In this connection the Data Processor allows for and contributes to audits, including inspections, conducted by the Data Controller or another auditor mandated by the Data Controller.

    4.10 In addition to the above, the Data Processor must assist the Data Controller in ensuring compliance with the Data Controller's obligations under article 32-36 of the General Data Protection Regulation. This assistance will take into account the nature of the processing and the information available to the Data Processor.

  1. Transfer of data to sub-data processors or third parties

    5.1 The Data Processor must comply with the conditions laid down in article 28, paragraph 2 and 4 of the General Data Protection Regulation to engage another data processor (sub-data processor).

    This implies that the Data Processor does not engage another data processor (sub-data processor) to performance of the Agreement without prior specific or general written approval from the Data Controller.

    5.2 The Data Controller hereby grants the Data Processor a general power of attorney to enter into agreements with sub-data processors. The Data Processor must notify the Data Controller of any changes concerning the addition or replacements of sub-data processors. The Data Controller can make reasonable and relevant objections against such changes. If the Data Processor continues to wish to use a sub-data processor that the Data Controller has objected to, the Parties have the right to terminate the Agreement and, if applicable, the Main Agreement with a shorter notice, cf. 7.2. During this period the Data Controller must not require that the Data Processor do not use the sub-data processor in question.

    5.3 When the Data Controller has approved that the Data Processor can use a sub-data processor the Data Processor must impose the same obligations on the sub-data processor as set out in the Agreement. This is executed through a contract or another legal act under EU law or the law of a Member State. It must be ensured, i.e., that sufficient guarantees are provided from the sub-data processor to implement appropriate technical and organisational measures in such a manner that the processing will meet the requirements of the General Data Protection Regulation ("back-to-back" terms).

    5.4 If the sub-data processor fails to fulfill its data protection obligations, the Data Processor remains fully liable to the Data Controller for the performance of the sub-data processor's obligations.

    5.5 Disclosure, transfer and internal use of the Data Controller's personal data to third countries or international organisations may only take place in accordance with documented instructions from the Data Controller - unless stipulated by EU law or the law of a Member State to which the Data Processor is subject. If so, the Data Processor must notify the Data Controller of this legal requirement before processing, unless the law prohibits such notification for important grounds of public interests.

    5.6 If the personal data stipulated in clause 1.2 is transferred to foreign sub-data processors, it must, in the said data processor agreement, be stated that the data protection legislation applicable in the Data Controller's country applies to foreign sub-data processors. Furthermore, if the receiving sub-data processor is established within the EU, it must be stated in the said data processor agreement that the receiving EU country's specific statutory requirements regarding data processors, e.g. concerning demands for notification to national authorities must be complied with.

    5.7 The Data Processor must, on behalf of the Data Controller, enter into written data processor agreements with sub-data processors within the EU/EEA. As for sub-data processors outside the EU/EEA, the Data Processor must enter into standard agreements in accordance with Commission Decision 2010/87/EU of 5 February 2010 on standard contractual clauses for the transfer of personal data to processors established in third countries ("Standard contracts").

    5.8 The Data Controller hereby grants the Data Processor a general power of attorney to enter into standard contracts with sub-data processors outside the EU/EEA on behalf of the Data Controller, provided that the Data Controller has given prior written instructions in accordance with clause 5.1 - 5.2.

    5.9 At the time of the signature of this Agreement, the Data Processor engages the sub-data processors listed in Schedule 2.

  1. Precedence

    6.1 Unless otherwise expressively stated in this Agreement, the Main Agreement applies to the contractual relationship between the Parties. If there is any conflict or inconsistency between this Agreement and the Main Agreement, the Main Agreement will take precedence and apply to the extent of the conflict or inconsistency.

  1. Governing law and jurisdiction

    7.1 Any claim or dispute arising from or in connection with this Agreement must be settled by a competent court of the first instance in the same jurisdiction as stated in the Main Agreement.

Schedule 1:

  1. Categories of data subjects and types of personal data;
  2. Retention period and deletion procedure;
  3. Location of processing.
  1. Categories of data subjects:
Category of data subjects: Artists

Type of personal data:

Truelinked processes these data:

Name

Yes

E-mail

Yes

Phone number

Yes

Address

Yes

Username (email)

Yes

Access code

Yes

Gender

No

Nationality

Yes

Description of the artist's abilities

Yes

Price regarding the services of the artist

Yes

Passport data

Yes

Pictures

Yes


  1. Retention period and deletion procedure:

    The personal data is stored at the Data Processor until the Data Controller requests the data to be deleted or returned or until it is deemed unnecessary to keep for the data processor's purposes.

  1. Location of processing:

    Processing of the personal data covered by the Agreement must not be done without the Data Controller's prior written consent at locations other than the following:

    Thistedgade 10, st. tv., 2630 Taastrup, Denmark| .

    Schedule 2: Sub-data processors.

    At the time this Agreement enters into force the Data Controller has approved the use of the following sub-data processors:

Name

Country

Description of processing

Amazon Web Services Ltd.

United States

Cloud Services Provider

Truelinked Operations India Pvt. Ltd.

India

Operational tasks, customer service

Zendesk

United States

Cloud Customer Service

Mailchimp

United States

Emailing (special consent obtained individually for marketing emails)

Google LLC

United States

Cloud Services Provider

Mixpanel

United States

Product Analysis

Segment

United States

Product Analysis

Pipedrive

United States

Customer Relations Management

Stripe

United States

Payments and subscriptions

E-conomic

Denmark

Invoicing

Hellosign (JN Projects Inc.)

United States

Contract handling

Contractbook

Denmark

Contract handling

Slack

United States

Customer Relations Management, Customer Service

Vizteck

Pakistan

Software Development and Maintenance

Arts Organization

TrueLinked (Network Service for Truelinked ApS, Thistedgade 10, 2630 Taastrup, Denmark. CVR.nr. 35529160) ("We") are committed to protecting and respecting your privacy.

This policy (together with our terms of use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting www.truelinked.com and any sub-sites and subdomains and any technical applications (including so-called apps) you are accepting and consenting to the practices described in this policy.

For the purpose of the General Data Protection Regulation (EU) 2016/679, the data processor is Truelinked (Network Service for Truelinked ApS, Thistedgade 10, 2630 Taastrup, Denmark. CVR.nr. 35529160)

Our Data Protection Officer for the purpose of this Data and Privacy Policy is Jan Pilgaard Carlsen, jpc@truelinked.com

The following is a general description of the principles we follow, however, in the section Data Processing below, you can dig deeper into our concrete compliance with the General Data Protection Regulation (EU) 2016/679, the so-called "Data Processor Agreement" between us.

INFORMATION WE MAY COLLECT FROM YOU

We may collect and process the following data about you:

USES MADE OF THE INFORMATION

We use information held about you in the following ways:

DISCLOSURE OF YOUR INFORMATION

We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries as long as the necessary permission has been granted by you.

We may share your information with selected third parties including:

We may disclose your personal information to third parties:

WHERE WE STORE YOUR PERSONAL DATA

The data that we collect from you may be transferred to and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the negotiations for potential engagements, the processing of your payment details and the provision of support services. By submitting your personal data and agreeing to this policy, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy. Such transfer is however subject to your approval of our terms of use and transfer can only take place to the data processors mentioned below.

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access or the accidental deletion or corruption of your data.

YOUR RIGHTS

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers, and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

ACCESS TO INFORMATION ABOUT YOU AND YOUR RIGHT TO BE FORGOTTEN BY US

You have the right to access information held about you and request to be removed from our system(s). If you find us to hold incorrect information, please let us know and we will correct it.

CHANGES TO OUR PRIVACY POLICY

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our privacy policy.

CONTACT

Questions, comments, and requests regarding this privacy policy are welcomed and should be addressed to Network Service for Truelinked ApS, Thistedgade 10, 2630 Taastrup, Denmark or info@truelinked.com

DATA PROCESSOR AGREEMENT

Regarding the Data Processor's processing of personal data on behalf of the Data Controller ("You").

  1. The processed personal data

    1.1 This Agreement has been entered into in connection with the Parties' conclusion of agreement regarding an online recruiting platform provided by the Data Processor, designed to improve the Data Controller's casting process in the opera and classical music business (the "Main Agreement").

    1.2 The Data Processor processes the types of personal data on behalf of the Data Controller in relation to the relevant data subjects as specified in Schedule 1. The personal data relates to the data subjects listed in Schedule 1.

    1.3 The Data Processor may initiate processing of personal data on behalf of the Data Controller after the Agreement enters into force. The processing has the duration as specified in the instructions in Schedule 1 of the Agreement.

    1.4 The Agreement and the Main Agreement are interdependent and cannot be terminated separately. However, the Agreement may be replaced with another valid Data Processor Agreement without terminating the Main Agreement.

  1. Purpose

    2.1 The Data Processor must only process personal data for purposes which are necessary in order to provide an online recruiting platform and in doing so providing the services set out in the Main Agreement.

  1. Obligations of the Data Controller

    3.1 The Data Controller warrants that the personal data is processed for legitimate and objective purposes and that the Data Processor is not processing more personal data than required for fulfilling such purposes.

    3.2 The Data Controller is responsible for ensuring that a valid legal basis for processing exists at the time of transferring the personal data to the Data Processor. Upon the Data Processor's request, the Data Controller undertakes, in writing, to account for and/or provide documentation of the basis for processing.

    3.3 In addition, the Data Controller warrants that the data subjects to which the personal data pertains have been provided with sufficient information on the processing of their personal data.

    3.4 Any instructions regarding the processing of personal data carried out under this Agreement must primarily be submitted to the Data Processor. In case the Data Controller instructs a sub-data processor, appointed in accordance with clause 5.1 directly, the Data Controller must immediately inform the Data Processor hereof. The Data Processor shall not in any way be liable for any processing carried out by the sub-data processor in accordance with such instructions.

  1. Obligations of the Data Processor

    4.1 All processing by the Data Processor of the personal data provided by the Data Controller must be in accordance with instructions prepared by the Data Controller, and the Data Processor is, furthermore, obliged to comply with any and all data protection legislation in force from time to time.

    If Union law or law of a Member State to which the Data Processor is subject to stipulates that the Data Processor is required to process the personal data listed in clause 1.2, the Data Processor must inform the Data Controller of that legal requirement before processing. However, this does not apply if this legislation prohibits such information on important grounds of public interests.

    The Data Processor must immediately inform the Data Controller if, in the Data Processor's opinion, an instruction infringes the EU General Data Protection Regulation or the data protection provisions of a Member State.

    4.2 The Data Processor must take all necessary technical and organisational security measures, including any additional measures, required to ensure that the personal data specified in clause 1.2 is not accidentally or unlawfully destroyed, lost or impaired or brought to the knowledge of unauthorised third parties, abused or otherwise processed in a manner which is contrary to Danish data protection legislation in force at any time.

    4.3 The Data Processor must ensure that employees authorized to process the personal data have committed themselves to confidentiality or are under appropriate statutory obligation of confidentiality.

    4.4 If so requested by the Data Controller, the Data Processor must state and/or document that the Data Processor complies with the requirements of the applicable data protection legislation, including documentation regarding the data flows of the Data Processor as well as procedures/policies for processing of personal data.

    4.5 Taking into account the nature of the processing, the Data Processor must, as far as possible, assist the controller by appropriate technical and organisational measures, for the fulfilment of the Data Controller's obligation to respond to requests for exercising the data subject's rights as laid down in chapter 3 in the General Data Protection Regulation.

    4.6 The Data Processor, or another data processor (sub-data processor) must send requests and objections from data subjects to the Data Controller, for the Data Controller's further processing thereof, unless the Data Processor is entitled to handle such request itself. If requested by the Data Controller, the Data Processor must assist the Data Controller in answering any such requests and/or objections.

    4.7 If the Data Processor processes personal data in another member state, the Data Processor must comply with legislation concerning security measures in that member state.

    4.8 The Data Processor must notify the Data Controller where there is an interruption in operation, a suspicion that data protection rules have been breached or other irregularities in connection with the processing of the personal data occur. The Data Processor's deadline for notifying the Data Controller of a security breach is 24 hours from the moment the Data Processor becomes aware of a security breach. If requested by the Data Controller, the Data Processor must assist the Data Controller in relation to clarifying the scope of the security breach, including preparation of any notification to the Danish Data Protection Agency and/or data subjects.

    4.9 The Data Processor must make available to the Data Controller all information necessary to demonstrate compliance with article 28 of the General Data Protection Regulation and the Agreement. In this connection the Data Processor allows for and contributes to audits, including inspections, conducted by the Data Controller or another auditor mandated by the Data Controller.

    4.10 In addition to the above, the Data Processor must assist the Data Controller in ensuring compliance with the Data Controller's obligations under article 32-36 of the General Data Protection Regulation. This assistance will take into account the nature of the processing and the information available to the Data Processor.

  1. Transfer of data to sub-data processors or third parties

    5.1 The Data Processor must comply with the conditions laid down in article 28, paragraph 2 and 4 of the General Data Protection Regulation to engage another data processor (sub-data processor).

    This implies that the Data Processor does not engage another data processor (sub-data processor) to performance of the Agreement without prior specific or general written approval from the Data Controller.

    5.2 The Data Controller hereby grants the Data Processor a general power of attorney to enter into agreements with sub-data processors. The Data Processor must notify the Data Controller of any changes concerning the addition or replacements of sub-data processors. The Data Controller can make reasonable and relevant objections against such changes. If the Data Processor continues to wish to use a sub-data processor that the Data Controller has objected to, the Parties have the right to terminate the Agreement and, if applicable, the Main Agreement with a shorter notice, cf. 7.2. During this period the Data Controller must not require that the Data Processor do not use the sub-data processor in question.

    5.3 When the Data Controller has approved that the Data Processor can use a sub-data processor the Data Processor must impose the same obligations on the sub-data processor as set out in the Agreement. This is executed through a contract or another legal act under EU law or the law of a Member State. It must be ensured, i.e., that sufficient guarantees are provided from the sub-data processor to implement appropriate technical and organisational measures in such a manner that the processing will meet the requirements of the General Data Protection Regulation ("back-to-back" terms).

    5.4 If the sub-data processor fails to fulfill its data protection obligations, the Data Processor remains fully liable to the Data Controller for the performance of the sub-data processor's obligations.

    5.5 Disclosure, transfer and internal use of the Data Controller's personal data to third countries or international organisations may only take place in accordance with documented instructions from the Data Controller - unless stipulated by EU law or the law of a Member State to which the Data Processor is subject. If so, the Data Processor must notify the Data Controller of this legal requirement before processing, unless the law prohibits such notification for important grounds of public interests.

    5.6 If the personal data stipulated in clause 1.2 is transferred to foreign sub-data processors, it must, in the said data processor agreement, be stated that the data protection legislation applicable in the Data Controller's country applies to foreign sub-data processors. Furthermore, if the receiving sub-data processor is established within the EU, it must be stated in the said data processor agreement that the receiving EU country's specific statutory requirements regarding data processors, e.g. concerning demands for notification to national authorities must be complied with.

    5.7 The Data Processor must, on behalf of the Data Controller, enter into written data processor agreements with sub-data processors within the EU/EEA. As for sub-data processors outside the EU/EEA, the Data Processor must enter into standard agreements in accordance with Commission Decision 2010/87/EU of 5 February 2010 on standard contractual clauses for the transfer of personal data to processors established in third countries ("Standard contracts").

    5.8 The Data Controller hereby grants the Data Processor a general power of attorney to enter into standard contracts with sub-data processors outside the EU/EEA on behalf of the Data Controller, provided that the Data Controller has given prior written instructions in accordance with clause 5.1 - 5.2.

    5.9 At the time of the signature of this Agreement, the Data Processor engages the sub-data processors listed in Schedule 2.

  1. Precedence

    6.1 Unless otherwise expressively stated in this Agreement, the Main Agreement applies to the contractual relationship between the Parties. If there is any conflict or inconsistency between this Agreement and the Main Agreement, the Main Agreement will take precedence and apply to the extent of the conflict or inconsistency.

    1. Governing law and jurisdiction

    7.1 Any claim or dispute arising from or in connection with this Agreement must be settled by a competent court of the first instance in the same jurisdiction as stated in the Main Agreement.

    Schedule 1:

  1. Categories of data subjects and types of personal data;
  2. Retention period and deletion procedure;
  3. Location of processing.
  1. Categories of data subjects:

Category of data subjects: Artists

Type of personal data:

Truelinked processes these data:

Name

Yes

E-mail

Yes

Phone number

Yes

Address

Yes

Username (email)

Yes

Access code

Yes

Gender

No

Nationality

Yes

Description of the artist's abilities

Yes

Price regarding the services of the artist

Yes

Passport data

Yes

Pictures

Yes


  1. Retention period and deletion procedure:

The personal data is stored at the Data Processor until the Data Controller requests the data to be deleted or returned or until it is deemed unnecessary to keep for the data processor's purposes.

  1. Location of processing:

Processing of the personal data covered by the Agreement must not be done without the Data Controller's prior written consent at locations other than the following:

Thistedgade 10, st. tv., 2630 Taastrup, Denmark.

Schedule 2: Sub-data processors.

At the time this Agreement enters into force the Data Controller has approved the use of the following sub-data processors:

Name

Country

Description of processing

Amazon Web Services Ltd.

United States

Cloud Services Provider

Truelinked Operations India Pvt. Ltd.

India

Operational tasks, customer service

Zendesk

United States

Cloud Customer Service

Mailchimp

United States

Emailing (special consent obtained individually for marketing emails)

Google LLC

United States

Cloud Services Provider

Mixpanel

United States

Product Analysis

Segment

United States

Product Analysis

Pipedrive

United States

Customer Relations Management

Stripe

United States

Payments and subscriptions

E-conomic

Denmark

Invoicing

Hellosign (JN Projects Inc.)

United States

Contract handling

Contractbook

Denmark

Contract handling

Slack

United States

Customer Relations Management, Customer Service

Vizteck

Pakistan

Software Development and Maintenance