STEINWAY Norway
Pianos
Contact Any questions?

PRIVACY POLICY

Welcome to Steinway & Sons' website. We take privacy very seriously. Below, we will inform you about how we handle your data. Therefore, we ask you to read the following privacy information carefully.


1. Name and contact information of the company this privacy policy applies to

This privacy policy applies to data processing for:

Steinway Piano Gallery Oslo, Stortingsgaten 30, 0161 Oslo, Norway. Email: post@steinway.no, phone: +47 22 23 42 44


2. Collection and storage of personal data, how they are used, and the purpose of their use

a) When Visiting the Website

When you visit our website, the browser used on your device automatically sends information to the server’s website. This information is temporarily stored in a so-called log file. The following information is collected without intervention and stored until automatic deletion:

   - The IP address of the requesting computer,

   - Date and time of access,

   - Name and URL of the retrieved file,

   - The website from which access is requested (referrer URL),

   - The browser used and, if necessary, the operating system of your computer and the name of your access provider.


The data mentioned above are processed by us for the following purposes:

   - Ensuring a smooth connection to the website,

   - Ensuring comfortable use of our website,

   - Evaluating system security and stability, and

   - For other administrative purposes.

The legal basis for data processing is Article 6(1)(1)(f) GDPR. Our legitimate interests in data collection are listed above. We will not use the collected data to draw conclusions about your person under any circumstances.

Additionally, we use cookies and analysis services when you visit our website. Further details can be found in sections 4 and 5 of this privacy policy.


b) When subscribing to our newsletter

If you have expressly consented in accordance with Article 6(1)(1)(a) GDPR, we will use your email address to send you our newsletter regularly. To receive the newsletter, it is sufficient to provide an email address.

Unsubscribing is possible at any time, for example via a link at the bottom of each newsletter. Alternatively, you can also send your unsubscribe request to post@steinway.no via email.


c) When using our contact form

For any questions, you can contact us via the form on the website. A valid email address is required so that we know who sent the request and can respond to it. Additional information may be provided voluntarily.

Data processing for the purpose of contacting us is based on your voluntarily granted consent under Article 6(1)(1)(a) GDPR.

Personal data collected by us for the use of the contact form is automatically deleted after the request has been completed.


3. Data transfer

Transfer of your personal data to third parties for purposes other than those listed below does not occur.

We only share your personal data with third parties if:

   - You have expressly given your consent according to Article 6(1)(1)(a) GDPR,

   - Disclosure under Article 6(1)(1)(f) GDPR is necessary for the assertion, exercise, or defense of legal claims, and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data,

   - Disclosure is a legal obligation under Article 6(1)(1)(c) GDPR, and

   - It is permitted by law and required under Article 6(1)(1)(b) GDPR to handle our contractual relationship with you.

 

4. Cookies

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not harm your device and do not contain viruses, trojans, or other malicious software.

Information generated related to the specific device used is stored in a cookie. However, this does not mean that we immediately know your identity.

We use cookies to make the use of our website more pleasant for you. For example, we use session cookies to determine if you have already visited individual pages on our website. These are automatically deleted when you leave our website.

In addition, to improve usability, we also use temporary cookies stored on your device for a specific period. If you revisit our website to use our services, it will automatically recognize that you have previously visited our website and what entries and settings you made so that you do not have to enter them again.

Furthermore, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our website (see section 5). These cookies allow us to automatically recognize that you have previously visited our website. These cookies are automatically deleted after a defined period.

The data processed by cookies is necessary for the purposes mentioned above to protect our legitimate interests as well as those of third parties in accordance with Article 6(1)(1)(f) GDPR.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice appears before a new cookie is created. However, disabling cookies may mean that you cannot use all features of our website.

 

5. Analytics tools

a) Tracking Tools 

The tracking measures listed below and used by us are carried out based on Article 6(1)(1)(f) GDPR. With the tracking measures we use, we aim to ensure a needs-based design and continuous optimization of our website. At the same time, we use tracking measures to statistically record the use of our website and to evaluate usage in order to optimize our website for you. These interests should be considered legitimate according to the aforementioned provision. 

The respective data processing purposes and data categories can be found in the respective tracking tools.

We use tracking technology from ReadPeak to improve advertising effectiveness and provide analytics related to user interaction with ads and our website. ReadPeak collects anonymous data, including IP addresses and cookie IDs, to record the number of views and clicks on ads. This data cannot be used to identify individuals. Furthermore, ReadPeak’s tracking technologies, which include pixels and third-party cookies, may be implemented to analyze user behavior and report campaign results to advertisers. ReadPeak adheres to IAB TCF standards for the use of third-party cookies and does not collect sensitive personal data.

a. 1) Google Analytics 

We use Google Analytics, a web analytics service provided by Google Inc., for the purpose of designing and continuously optimizing our pages. (https://www.google.com/intl/en/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, hereinafter "Google"). In this context, pseudonymized user profiles are created and cookies (see section 4) are used. The information generated by the cookie about the use of this website, such as: 

- Browser type/version, 

- Operating system used, 

- Referrer URL (the previously visited page), 

- Host name of the accessing computer (IP address), 

- Time of the server request, 

is transmitted to a Google server in the USA and stored there. The information is used to evaluate website usage, compile reports on website activity, and provide other services related to website activity and internet usage for market research and needs-based web design. This information may also be transferred to third parties if required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other data from Google. IP addresses are anonymized so that association with your data is not possible (IP masking).

You can prevent the installation of cookies by configuring your browser software accordingly; however, please note that if you do this, you may not be able to fully use all the features of this website. 

You can also prevent the collection of data generated by the cookie and related to your website use (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en). 

As an alternative to the browser add-on, especially for browsers on mobile devices, you can prevent Google Analytics from collecting data by clicking on this link: tools.google.com/dlpage/gaoptout. An opt-out cookie will be set, which prevents future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you will need to set the opt-out cookie again. 

For more information on privacy related to Google Analytics, see the Google Analytics Help Center (https://support.google.com/analytics/answer/6004245?hl=en).

a.2) Mouseflow 

This website uses Mouseflow, a web analytics tool from Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark, to collect and store data for marketing and optimization purposes. Pseudonymized usage profiles can be created from this data. Randomly selected individual visits (only with anonymous IP addresses) are recorded. This provides an overview of mouse movements and clicks, with the aim of randomly repeating individual website visits and thereby identifying potential improvements for the website. The data collected with Mouseflow will not be used to personally identify visitors to this website without the individual’s consent, nor will it be combined with personal data about the pseudonym’s holder. If you do not wish to be recorded, you can disable recording on all websites that use Mouseflow globally for the browser you are using at the following link: mouseflow.com/opt-out.

a.3) Facebook Pixel, Custom Audiences, and Facebook Remarketing 

This website uses Facebook Inc.'s ("Facebook") Custom Audiences remarketing feature. This feature is used to present interest-related ads ("Facebook Ads") to visitors to this website when they visit the Facebook social network. For this purpose, the Facebook remarketing tag was implemented on this website. Through this tag, a direct connection to Facebook’s servers is made when visiting the website. The Facebook server is informed that you have visited this website, and Facebook assigns this information to your personal Facebook user account. For more information on the collection and use of data by Facebook, as well as your rights in this regard and ways to protect your privacy, please refer to Facebook’s privacy policy at www.facebook.com/about/privacy/. Alternatively, you can disable the Custom Audiences remarketing feature via www.facebook.com/settings/. For this, you must be logged in to Facebook.

 

6. Social Media icons 

Based on Article 6(1)(1)(f) GDPR, our website uses social plugins from the social networks Facebook and Twitter to achieve greater recognition for our company. The underlying commercial purpose is considered a legitimate interest in the sense of GDPR. Responsibility for data protection-compliant operation is guaranteed by the respective providers. We integrate these plugins using the so-called two-click method to protect visitors to our website as best as possible.

 

7. Data subject rights 

You have the right to: 

- Request information, in accordance with Article 15 GDPR, about your personal data processed by us. In particular, you can request information on processing purposes, the category of personal data, categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if not collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about their details;

- Require immediate correction (completion of incomplete data) or completion of personal data stored by us, according to Article 16 GDPR;

- Demand deletion of your personal data stored by us, in accordance with Article 17 GDPR, except where processing is necessary for exercising the right of freedom of expression and information, fulfilling a legal obligation in the public interest, or asserting, exercising, or defending legal claims;

- Request restriction of the processing of your personal data, in accordance with Article 18 GDPR, as far as you contest the accuracy of the data, or if processing is unlawful, but you refuse deletion, and we no longer need the data, but you require it for asserting, exercising, or defending legal claims, or if you have objected to data processing per Article 21 GDPR;

- Receive, in accordance with Article 20 GDPR, the personal data you have provided to us in a structured, commonly used, and machine-readable format or request transmission to another data controller;

- Withdraw consent at any time in accordance with Article 7(3) GDPR. This will mean that we can no longer process the data for which consent was given;

- Lodge a complaint with a supervisory authority per Article 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work, or our office.

 

8. Right to object 

If your personal data is processed based on legitimate interests according to Article 6(1)(1)(f) GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR, provided there are grounds for this arising from your specific situation, or the objection is directed against direct marketing. In the latter case, you have a general right to object, which we will implement without needing to specify a particular situation. 

If you wish to exercise your right to withdrawal or objection, please send an email to post@steinway.no.

 

9. Data security 

We use the popular SSL (Secure Socket Layer) method for website visits, in conjunction with the highest encryption level supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. Whether an individual page on our website is encrypted is indicated by a key or lock icon in the lower status bar of your browser. 

We also take appropriate technical and organizational security measures to protect data against accidental or intentional manipulation, partial or total loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

 

10. Updates and changes to this privacy policy 

This privacy policy is effective as of May 2018. 

Due to the further development of our website and services or due to changes in legal or regulatory requirements, it may be necessary to amend this privacy policy. The current privacy policy can be viewed and printed at any time from our website.