Privacy Policy

Last Updated and Effective: [January 2, 2024]

This Privacy Notice describes the policies and practices of the National Association of Music Merchants, a not-for-profit association within the musical instrument and sound and event technology industry, the NAMM Foundation, a not-for-profit association that promotes and supports music education and music making for people of all ages and abilities, and NAMM International, LLC, (collectively, “NAMM” "we" or “us” or “our”) with respect to NAMM’s collection, use, and disclosure of personal information. As used herein: “personal information” is information that identifies you or can be used to identify or contact you; and “you” and “your” mean a user of the Service (as defined below) and in addition, when the user of the Service is a minor over the age of 13 registered by a parent and/or guardian, the terms “you” and “your” also include such parent and/or guardian.

This Privacy Notice applies to information collected through: your use of the NAMM websites at https://www.namm.org, https://www.nammfoundation.org, https://www.museumofmakingmusic.org, https://tecawards.org and any subdomains of any of the foregoing (the “websites”) and (1) the services, features, and information available on the websites and/or any mobile applications we may offer; (2) the Museum of Making Music; and (3) our live events including trade shows ((1), (2), and (3), collectively, and together with the websites, along with associated and successor sites, applications, features, information, and services, or any part thereof, the “Service”).

As used in this Privacy Notice (a) “GDPR” means the General Data Protection Regulation (EU) 2016/679; (b) “UK Data Protection Laws” means the UK GDPR and the UK’s Data Protection Act 2018 (“UK DPA 2018”); (c) “UK GDPR” means the UK equivalent of the GDPR, as defined in section 3(10) (and as supplemented by section 205(4)) of the UK DPA 2018; and (d) “European Data Protection Laws” means the GDPR and/or UK Data Protection Laws, in each case to the extent applicable.

As used in this Privacy Notice, the terms “using” and “processing” information include using cookies on a computer, subjecting the information to statistical or other analysis and using or handling information in any way, including, but not limited to collecting, storing, evaluating, modifying, deleting, using, combining, disclosing, and transferring information within NAMM or among our affiliates within the United States or internationally.

1. How We Collect Personal Information

We collect information (a) that you submit to us, (b) from third parties providing credit and debit card authorization and fraud screening services as part of your use of the Service, (c) automatically when you access the Service, and (d) from third-party sources, such as commercial partners. By visiting and interacting with our websites and mobile apps, we collect

certain technical data by automated means such as your IP address, browser type and version, operating system, and analytic information about your activity on the website or app. In most cases, this information is collected through web server logs or through the use of cookies and related technologies, as described in Section 1(A) below.

If you provide information to NAMM about another person, including as described in this section, you represent and warrant to NAMM that you have provided notice and obtained all consents and rights from such other person as required by applicable law to enable NAMM to process, and determine the purposes and means of processing of, such information, including as described in this Privacy Notice.

A. Cookies and Log Files

Cookies are small files that are stored on your device when you visit a site. We use cookies to do a number of things such as remember your preferences, record what you have put in your shopping cart, help process online donations (for the NAMM Foundation), allow you to log into your member profile, allow you to subscribe to our newsletters, and analyze your web page visits and activity to help us improve our offerings and target our advertising and/or programs based on your inferred interests. Cookies are often used in a manner such that they can be associated with you. Here are the types of cookies you will encounter in using our websites:

· Strictly Necessary – These are required by our websites to perform certain functions such as allowing you to log in to your member profile, make online purchases, or donate (for the NAMM Foundation) through our website;

· Functional – These help to improve your experience by doing things like remembering products or donations (for the NAMM Foundation) you’ve added to your shopping cart or remembering certain preferences you have set;

· Analytic – These are used to analyze, in an aggregated manner, the way our websites are used so that we can improve the websites and our offerings. We use Google Analytics for this purpose; and

· Advertising – These cookies record browsing activity on our websites and others as well as links and advertisements you have clicked. They are set by third-party advertising networks we use, and their purpose is to allow delivery of our advertisements to you on other sites based on your inferred interests as indicated by the information they record. They also may be used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign;

For the avoidance of doubt, the Service uses third-party service platforms (including to help analyze how users use the Service). These third-party service platforms may place cookies on your computer or mobile device. If you would like to disable "third party" cookies, you may be able to turn them off by going to the third party's website.

Here is a link to the main third-party platform we use: https://www.google.com/policies/privacy/

Most Internet browser settings will allow you to accept, reject, delete, and otherwise manage cookies. You can find more information about this at https://www.allaboutcookies.org. Blocking our strictly necessary cookies may prevent certain functions of our websites from working properly or at all.

B. Public Areas

The Service may feature various community areas, public-facing profiles, and other public forums (the "Public Areas") where Service users can share information and post questions for others to answer. These Public Areas are open to the public and should not be considered private. We cannot prevent information included within a Public Area from being used in a manner inconsistent with this Privacy Notice, the law, or your personal privacy. We are not responsible for the results of such postings or for the accuracy of any information contained in those postings.

Any information you share in a Public Area is by design open to the public and is not private. You should think carefully before posting any information in any Public Area. What you post can be seen, disclosed to or collected by others and may be used by others in ways we cannot regulate or predict. As with any public forum on any website, the information you post may also show up in third-party search engines like Google, Yahoo, and Bing. If you mistakenly post personal information in a Public Area you can send us an e-mail to request that we remove it by contacting us at privacy-policy@namm.org. You should understand that in some cases, we may not be able to remove your information.

Any information shared in the Public Areas of the Service is available to the public, including to all users. Such information is not treated as confidential. If you wish to keep any information private or proprietary, do not submit it to the Public Areas of the Service. NOTWITHSTANDING THE FOREGOING, WE HAVE NO RESPONSIBILITY OR LIABILITY IF A USER’S INFORMATION OR IDENTITY IS MISUSED OR STOLEN, OR IF A USER SUFFERS HARM AS A RESULT OF VOLUNTARY DISCLOSURES.

C. Children

We are committed to protecting the privacy of children. The websites are not designed for or directed to children under the age of 13. We do not collect personal information via the websites from any person we actually know is under the age of 13. High school students, who are at least 13 years of age but are minors, may attend our live events if a parent or guardian registers such student and completes a waiver for attendance at the live event.

2. Types of Personal Information We Collect and How We Use It

NAMM collects personal information about our members, customers, vendors, speakers, exhibitors, and museum visitors , and others with whom we interact, and for the NAMM Foundation, donors and grantees. This may include your: first name, last name, job title, employer name, address, email address, phone number, age, product interests and

preferences, professional interests, demographic data, biographical information, photograph, social media handles, video and audio recordings of live events, payment and billing information, signature, the content of any message you submit to us, IP address, industry contacts, music product preferences, information about your interactions with us, and other information as further described in this Privacy Notice, and for the NAMM Foundation, information about your donations and grant applications. In addition to the information noted above, for individuals who must request a visa to attend a live event, we may collect your passport number, NAMM member number (if applicable), country of residence, citizenship, and arrival and departure dates. We use this information to market, improve and provide the Service as well as any others of our products and services and otherwise operate our organization, including providing membership services, organizing and promoting NAMM events, generating and disseminating trade and industry information, providing information about NAMM’s various other programs and activities, and for such other uses as described in this Privacy Notice.

Personal information amounts to ‘personal data’ for the purposes of and as defined in the European Data Protection Laws (to the extent applicable). All references to personal information shall be deemed to include ‘personal data’ as defined and used in the European Data Protection Laws (to the extent applicable).

A. Membership

When you become a member of NAMM, we collect information about your company and individual contacts who work at the company, including names, email addresses, phone numbers, fax numbers, company address, number of employees, and type of business. Members have a profile on our websites and authorized member representatives may update, supplement, or delete their member profile information (although certain minimum member information must be maintained by us).

We use members’ company and personal information for membership administration, to deliver member benefits, and to inform our members of NAMM-related events, content, and other benefits or opportunities associated with membership. NAMM also uses this information to help us understand our members’ needs and interests so that we can better meet them and to improve our products and services.

B. Live Events

NAMM organizes, hosts, and participates in trade shows and other live events during the year. If you register for one of our events and you are a member, we will access and use the information in your member account for purposes of facilitating your registration for the event. If you are not a member and you register for one of our events, we will collect your name and contact information, including email address, phone number (including to text you in the event of an emergency), and address, for that purpose. Additionally, we may use such information in order to create a badge for you to use while you attend the event. In either case, we request supplemental information from attendees about themselves and their interests, preferences,

and demographics and we use this information to facilitate attendee preferences and to tailor the event programming and communications according to their expressed interests. Some of this information is collected through mobile apps that are designed to allow attendees to access live event information and help them plan their attendance. We keep a record of this information and your participation at events and use it to help us tailor and improve future live events and programs. Some of this information may be optional as indicated by the event registration form on our websites or in the app. If you are a high school student at least 13 years of age that attends a live event after being registered by a parent or guardian, we will collect only the information necessary for you to attend the event, as well as your grade level.

If you are a speaker at one of our events, we will collect information about you including your name, employer, contact details, biographical information, session title, social media handle, internet site, event, program, and photograph, and we may also collect information provided by event attendees who evaluated your performance as a speaker.

NAMM and third-party participants at our events (such as sponsors, exhibitors, and general attendees) may create video and audio recordings of the live event, including of attendees generally and of particular presentations and performances. It is not possible to guarantee that you will not be recorded in this manner if you attend a live event.

C. Publications

You may subscribe to receive certain NAMM newsletters and other publications without becoming a member of NAMM, however, to receive NAMM newsletters by email, you will need to create a “profile” with us, which minimally requires providing your first name and last name and email address. We may use this information to provide information about our events, products and services. You may unsubscribe and manage your NAMM subscription preferences via links in the newsletter, in your online profile, or by contacting us at membership@NAMM.org.

We conduct surveys that we use to gain industry insight and to improve our offerings. Participation in surveys is voluntary. Additionally, the websites may use interfaces with social media sites such as Facebook, LinkedIn, Twitter and others. If you choose to “like” or share information from the NAMM websites through these services, we may be notified of such activity.

D. Your Correspondence with NAMM

If you correspond with us by email, the postal service, or other form of communication, we may retain such correspondence and the information contained in it and use it to respond to your inquiry; to notify you of NAMM events, publications, or other services; or to keep a record of your complaint, accommodation request, and the like.

E. Payment Card Information

NAMM may collect and retain certain payment and billing information if you choose to purchase goods or services (or, in the case of the NAMM Foundation, to make a donation) using

a payment card. Typically, payment card information is provided directly to NAMM’s third-party credit card processors by users, via NAMM’s website. Note, however, that the full credit card number itself is stored by NAMM’s third-party credit card processor, not by NAMM, and may be retained for purposes of processing the recurring or future purchases you request, such as recurring membership fees and, for the NAMM Foundation, donations you choose to make.

F. Other Ways We May Use Your Personal Information

Pursuant to the European Data Protection Laws, legal bases for our processing your personal information may include (without limitation):

  • where you have given consent to the processing, which consent may be withdrawn at any time without affecting the lawfulness of processing based on consent prior to withdrawal;
  • where it is necessary to perform the contract we have entered into or are about to enter into with you (whether in relation to the provision of the Service or otherwise);
  • where it is necessary for us to comply with a legal obligation to which we are subject; and/orwhere it is necessary for the purposes of our legitimate interests (or those of a third party) in providing, improving, or marketing the Service and your interests or fundamental rights and freedoms do not override those legitimate interests.

In addition to the uses described above, we use your personal information for the following purposes.

  • To administer, protect, operate, and maintain our websites, systems, and networks;
  • To help deliver information about our offerings to our customers and prospective customers;
  • To customize, measure, and improve our websites, services (including the Service), and advertising;
  • To analyze and develop new products, services, programs, and sites or improve existing ones;
  • To perform accounting, auditing, billing, reconciliation, collection, and similar administrative activities;
  • To document the history of the music industry;
  • In connection with the NAMM Foundation
    • To promote and operate our organization and its various programs and to solicit and process the donations that fund them; 
    • To identify, connect with, and provide information to donors, prospective donors, and those who participate in the programs we provide or fund;
  • To prevent, detect, identify, investigate, respond to, and protect against potential or actual claims, liabilities, prohibited behavior, and criminal activity;
  • To comply with and enforce applicable legal requirements, agreements, and policies; and
  • To perform other activities consistent with this Privacy Notice

3. Third-Party Sites

Note that links on our websites and mobile apps may lead you to third-party sites or apps that operate under different privacy practices. We want to caution you that you must take the responsibility of reviewing the privacy policies and notices for such other sites, as we have no control over information that is submitted to these third parties and are not responsible for the privacy practices of any sites or services other than the Service. A link to a third-party site does not constitute or imply endorsement by us. Additionally, we cannot guarantee the quality or accuracy of information presented on those sites. This Privacy Notice applies solely to information collected by us through the Service.

4. Do Not Track Disclosure

Our websites do not always respond to Do Not Track signals. You may, however, disable certain tracking through cookie management as discussed above. For more information about Do Not Track signals, please visit https://www.allaboutdnt.com

5. When and How We Share Information with Others

Where applicable, we share personal information in the following ways:

  • With our affiliated organizations (e.g., those under common control with us);
  • With our partners, suppliers, or agents involved in delivering or fulfilling the: (i) programs, surveys, newsletters, and other activities in which we engage or to otherwise provide services to us; and (ii) products and services you’ve purchased, including lodging and travel management providers when you book travel through our websites;
  • With select endorsed services providers to communicate to you about their goods and services that may be of interest to you;
  • With sponsors, co-sponsors, and exhibitors of our live and online events, which may include sharing names, email, address, and demographic information;
  • With service providers and outside contractors engaged to perform services for, or on behalf of us in our operations, including our marketing activities;
  • With fraud-prevention, credit references, and business and credit scoring agencies;
  • With debt collection agencies or other debt-recovery organizations;
  • With law enforcement agencies, government bodies, regulatory organizations, courts or other public authorities if we have to, or are authorized to by law;
  • To satisfy any applicable law, or other legal or regulatory requirement;
  • To bring legal action against someone who may be violating a contract with us or to protect the safety and/or security of our users, the Service, or the general public;
  • With third parties (including endorsed service providers and sponsors) for joint promotions with that third party. Such third parties are responsible for their own compliance with applicable privacy laws and their use of personal information;
  • With third parties where our advertisements are served to you online;
  • To professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us; and
  • With a third party with which we are engaged in an acquisition, merger, asset sale, or other similar business transfer that involves substantially all of our assets where personal information is transferred or shared as part of the business assets.

Please note in particular that the Service may use Google Analytics, including its data reporting features. Information collected by Google Analytics includes but is not limited to web metrics. For information on how Google Analytics collects and processes data, please see the site “How Google uses data when you use our partners' sites or apps”, currently located at https://www.google.com/policies/privacy/partners. For information on opting out of Google Analytics, we encourage you to visit Google’s website, including its list of currently available opt-out options presently located at https://tools.google.com/dlpage/gaoptout.

In addition to the above, when users use our Service, third parties (including without limitation third-party advertisers and commercial partners) may directly collect personal information about our users’ online activities over time and across different websites.

6. International Transfers of Personal Information

  • Personal information collected on the Service may be transferred from time to time to our offices or personnel, or to third parties, located throughout the world, and the Service may be viewed and hosted anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such information. By using the Service and submitting such information on it, you voluntarily consent to the trans-border transfer and hosting of such information. Without limitation of the foregoing, you hereby expressly grant consent to NAMM to: (a) process and disclose such information in accordance with this Privacy Notice; (b) transfer such information throughout the world, including to the United States or other countries that do not ensure adequate protection for personal information (as determined by the European Commission or the UK Information Commissioner’s Office, as applicable, each, an "Inadequate Jurisdiction") and/or countries that may not have laws of general applicability regulating the use and transfer of such information; and (c) disclose such information to comply with lawful requests by public authorities, including to meet national security or law enforcement requirements. To the extent required by applicable law: whenever we transfer your personal data (as defined in the European Data Protection Laws) to third parties (as described in this Privacy Notice) located in an Inadequate Jurisdiction, we ensure a similar degree of protection is afforded to it; we may use specific contracts approved by the European Commission (accessible at https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj) or the UK Information Commissioner’s Office (accessible at https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/international-transfers/international-data-transfer-agreement-and-guidance/), as applicable, which give personal data the same protection it has in the European Economic Area or the United Kingdom, as applicable, under the European Data Protection Laws; and if we rely on another basis to transfer your personal data to an Inadequate Jurisdiction, we will keep you updated or contact you if required. Please contact us if you want further information on the specific mechanisms used by us when transferring your personal data to an Inadequate Jurisdiction. If you are a user accessing the Service from a jurisdiction with laws or regulations governing personal data collection, use, and disclosure that differ from those of the United States, please be advised that all aspects of the Service are governed by the internal laws of the United States and the State of California, USA, regardless of your location.

7. Data Subject Rights

We generally use personal information as described in this Privacy Notice or as authorized by you or as otherwise disclosed at the time we request such information from you. You generally must "opt in" and give us permission to use your personal information for any other purpose. You may also change your preference and "opt out" of receiving certain marketing communications from us by following the directions provided in association with the communication or such other directions we may provide or by contacting privacy-policy@namm.org. Note, if you choose to opt out of marketing communications, we may still communicate with you regarding non-marketing transactional or administrative related purposes.

Under certain circumstances and in compliance with the European Data Protection Laws, you may have the right to:

  • Request access to your personal information (commonly known as ‘subject access request’). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it;
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
  • Request erasure of your personal information. This enables you to ask us to delete or remove your personal information where there is no good reason for us to continue processing it. You also have the right to ask us to delete or remove all of your personal information in certain circumstances;
  • Object to processing of your personal information where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground;
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of your personal information, for example, if you want us to establish its accuracy or the reason for processing it;
  • Request the transfer of your personal information to another party; and
  • Lodge a complaint with the relevant supervisory authority (as defined in the European Data Protection Laws). If you have any complaints about the way we process your personal information, please do contact us. Alternatively, you may lodge a complaint with the supervisory authority which is established in your country.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal information, or request that we transfer a copy of your personal information to another party, please contact privacy-policy@namm.org.

Such updates, corrections, changes and deletions will have no effect on other information that we maintain, or information that we have provided to third parties in accordance with this Privacy Notice prior to such update, correction, change or deletion. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times.

You should be aware that it may not be technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your personal information may exist in a non-erasable form that will be difficult or impossible for us to locate. After receiving your request, we will use commercially reasonable efforts to update, correct, change, or delete, as appropriate, all personal information stored in databases we actively use and other readily searchable media as appropriate, as soon as and to the extent reasonably practicable.

8. State Privacy Rights

Without limitation of any other provision in this Privacy Notice, in connection with the Service: NAMM processes the information described in Sections 1 and 2 of this Privacy Notice for the purposes described in Sections 1 and 2 of this Privacy Notice; and NAMM may disclose each of the categories of information described in Sections 1 and 2 of this Privacy Notice to the categories of third parties described in Section 5 of this Privacy Notice with respect to personal information under the header “When and How We Share Information with Others”.

Some U.S. states, such as Colorado, Connecticut, Virginia, and Utah, may provide their state residents with rights to:

  • Confirm whether we process their information.
  • Access and delete certain information about them.
  • Data portability.
  • Opt-out of personal data processing for targeted advertising and sales.

Some U.S. states, such as Colorado, Connecticut, and Virginia, may also provide their state residents with rights to:

  • Correct inaccuracies in their information, taking into account the information’s nature and processing purpose.
  • Opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects.

To exercise any of these rights (to the extent applicable law grants such rights to you with respect to our processing of your information) please contact us in accordance with Section 12. To appeal a decision regarding a consumer rights request, please contact our legal department by emailing privacy-policy@namm.org. If possible, it would be helpful if you can detail the basis of your appeal in your communication.

9. Security of Your Information

We maintain commercially reasonable and appropriate security measures designed to protect your personal information from loss, misuse, unauthorized access, disclosure, alteration, and destruction.

Notwithstanding the above, you should be aware that there is always some risk involved in transmitting information over the internet. There is also some risk that others could find a way to thwart our security systems. As a result, although we strive to protect your information, we cannot ensure or warrant the security or privacy of any information you transmit to us, and you do so at your own risk.

10. Data Retention

We will retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy Notice or as otherwise permitted by law, for legal, tax or regulatory reasons, for archival purposes (in connection with our activities related to documenting the history of the music industry), or other legitimate and lawful business purposes.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of that information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

11. Changes and Updates to this Privacy Notice

We reserve the right to change, modify, add, or remove portions of this Privacy Notice from time to time and in our sole discretion, but will alert you that changes have been made by indicating on this Privacy Notice the date it was last updated. We recommend that you revisit this Privacy Notice on occasion to learn of any changes.

12. Questions, Concerns, or Complaints

You may contact us about matters pertaining to this Privacy Notice via any of the following methods:

 

National Association of Music Merchants
5790 Armada Drive
Carlsbad, CA 92008 USA
By Email: privacy-policy@namm.org
By Mail: Attn: Privacy at NAMM

NAMM Foundation
5790 Armada Drive Carlsbad, CA 92008 USA
By Email: privacy-policy@namm.org
By Mail: Attn: Privacy at NAMM

NAMM International, LLC
5790 Armada Drive
Carlsbad, CA 92008 USA
By Email: privacy-policy@namm.org
By Mail: Attn: Privacy at NAMM

We have appointed the DPO Centre as our representative in the European Union for purposes of Article 27 of the GDPR. Please see the DPO Centre’s contact details below:

The DPO Centre Europe Limited
Alexandra House
3 Ballsbridge Park
Dublin, D04C 7H2
with registered number 681576
notices@dpocentre.com

We have appointed the DPO Centre as our representative in the United Kingdom for purposes of Article 27 of the UK GDPR. Please see the DPO Centre’s contact details below:

The DPO Centre UK
50 Liverpool St, London EC2M
7PY, United Kingdom
with registered number 10874595
notices@dpocentre.com