top of page

Privacy Policy

Music Cities Events Privacy Policy

In Music Cities Events we're focused on sharing global best practice and knowledge for the development of music cities. We organise international conferences, produce the leading international awards ceremony on music cities and on may 2020 we launched the Music Cities Community. In everything we do we’re focused on showcasing the best uses of music by individuals, organisations and cities all over the world.


The present Privacy Policy of our website (hereinafter, the "website"), regulates the protection of personal data, both of our visitors, and of any other interested parties who provide us with information through the website and whose information is processed by MUSIC CITIES EVENTS, as part of the provision of services (hereinafter and jointly, "you" or the "user" and plural form, "you" or the "users").

In this regard, we urge all users to read this Privacy Policy carefully, in order to learn about the rules and practices we have developed to protect personal data and to better understand our relationships with third parties who may have access to such personal data.

In any case, the user is solely responsible for the accuracy of the information provided on the website and if in the future MUSIC CITIES EVENTS wishes to use it for purposes other than those referred to, we will inform you of these new purposes and request your consent, if necessary.

Notwithstanding the above, certain services provided or that may be provided in the future on the website may contain particular conditions of use with provisions on the protection of personal data, which prevail over this Privacy Policy.

In accordance with GENERAL DATA PROTECTION REGULATION, 2016/679 UE (GDPR), Music Cities Events LTD wishes to inform our web users about the following items:

The Data Controller is Music Cities Events LTD (hereinafter Music Cities Events), with address at 49 Southwark Street, London SE1 1RU, Email:, tel. +44 (0) 207 613 4271

Applicable legislation

Music Cities Events commits to process your data in accordance with:

  • REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

  • The Data Protection Act 2018

  • Any applicable regulations in force, regarding privacy, data protection, transparency and information security.



How do we process your data?


If you are a user from our website


For what purposes are your data processed?


  • To respond to your requests for information or any other questions.

  • To handle your subscription to our newsletter.

  • Send you information about changes in our privacy policy.

  • To handle and respond to your questions regarding the exercise of your rights in accordance with the regulations in force relating to personal data


What is the legal basis?


  • Consent.

  • Music Cities Events legitimate interest.

  • Provisions of the GDPR.

  • Legal obligations.


With whom do we share your data?


  • Music Cities Events employees and collaborators.


For how long do we keep your data?


  • For the time necessary to process your request


  • In the event of your participate in a contest or draw that we carry out, the information is kept until the prize has been awarded, up to a maximum period of one year


  • For the applicable legal periods in case of disputes


  • During the periods defined by applicable legislation (tax, criminal, other ...)


  • During the legal periods to which Music Cities Events is subject in the course of its commercial activities.


If you purchase a ticket to a convention from our website

For what purposes are your data processed?


  • Process your registration in Music Cities Events.

  • Process your registration to the Event.

  • Contact you for the event.

  • Process any claim.

  • Process your payment.

  • Billing and accounting matters


What is the legal basis?


  • Consent

  • Celebration or execution of an agreement between the parties

  • Music Cities Events legitimate interest

  • Legal obligations


With whom do we share your data?


  • Eventbrite.

  • Public entities and authorities under legal obligation.

  • Banks and financial entities to manage collections and / or payments.


For how long do we keep your data?


  • During the periods defined by applicable legislation (tax, criminal, other ...)

  • During the legal periods to which Music Cities Events is subject in the course of its commercial activities.

  • In certain situations, you may be asked to voluntarily provide supporting documentation to confirm your identity. These documents are kept for a period of two years.

  • For the time necessary to process your request.


What are your rights?


  • Access: Right you have to consult what personal data is processed by Music Cities Events, what is the purpose for which it is processed, the communications that will be made to third parties (if applicable) or the right to obtain a copy of your data or to know the expected period.

  • Rectification: Right you have to modify the personal data that Music Cities Events treats that are inaccurate.

  • Objection: Right that you have for certain reasons related to a particular situation that your data is no longer processed to a degree or measure that may cause you damage.

  • Erasure: Right you have to request that we delete your personal data.

  • Restriction of processing: Right you have to request us to stop processing your data and only keep it for the exercise or defense of your claims.

  • Data portability: Right you have to receive your personal data  in a structured, commonly used and machine readable format and also the right to transmit those data to another controller.

  • Not to be subject of decision based on automated data procedures: Right you have not to be subject of a decision based solely on automated processing, including profiling, that produces legal effects or that significantly affects you in a similar way.


How to exercise your rights?


The rights of Access, Rectification, Objection, Erasure, Restriction of Processing and Portability are personal and, therefore, must be exercised by the affected party who must prove their identity. However, it may be done through a legal or voluntary representative.


You may exercise the rights of Access, Rectification, Objection, Erasure, Restriction of Processing and Portability to the processing of your data, by means of a signed letter addressed to 49 Southwark Street, London SE1 1RU , or by sending it by email to info@sounddi, adding in any case a copy of the ID of the interested person.


If a satisfactory response has not been obtained in the exercise of these rights, it is possible to file a claim with the Information Commissioner’s Office, through the forms or other channels accessible from its website (


How does Music Cities Events keep your data secure?


Music Cities Events, as a data controller, ensures the protection of the personal data you entrust to it by implementing appropriate technical and organisational measures, which guarantee a level of security commensurate with the risk.

Appropriate measures have been taken to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services, the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident and also, we have implemented a process of for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

These measures adopted guarantee that the technical and organizational means are in place to prevent the loss, misuse, alteration, unauthorized access or copying of the data provided.

These measures include, among others, the segregation of functions through access profiles, network threat monitoring controls, backups, storage in two different locations, access control mechanisms, network segmentation, procedures and channels for the exercise of rights, informative clauses and legitimating basis for data processing, monitoring the use of personal data, in addition to the application of firewalls, antivirus and working with companies that offer adequate levels of security.

In case of a personal data breach, we will notify you and the supervisory authority, as appropriate in accordance with our legal obligations.

Despite all these measures, it is a fact that there is no security system that can guarantee absolute protection.


Processing of special categories of personal data


We do not collect nor process particularly sensitive personal data or data included in the special category such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.


International transfer of data


The protection provided by the GDPR travels with the data, which means that the rules protecting personal data continue to apply regardless of where the data is transferred.


International data transfers involve a flow of personal data from Spanish territory to recipients established in countries outside the European Economic Area (the countries of the European Union plus Liechtenstein, Iceland and Norway). The data controllers and processors may carry out international data transfers without the authorization of the Spanish Data Protection Agency provided that the data processing complies with the provisions granted by the GDPR.


Given the global nature of our operations, we may transfer your personal data to the United States and to other countries where data protection laws may not be as extensive as those in force in the EU.


When Music Cities Events transfers your personal data outside the European Economic Area, it will only transfer personal data when one of the following circumstances occurs:

  • To a country that, according to the European Commission, ensures an adequate level of protection

  • To a company that maintains a valid and current “Privacy Shield” (Privacy Shield Certification) between USA-UE valid that provides certain personal data protection regulations, in relation to the category of personal data being transferred.

  • When we have implemented an appropriate mechanism for data transfer, for example, the EU Standard Contractual Clauses, standard data protection clauses adopted by a supervisory authority and approved by the Commission, to ensure that your personal data is adequately protected.


If none of the above criteria are met, Music Cities Events will continue to be empowered to transfer personal data outside of the European Economic Area in accordance with the situations provided for in Article 49 of the GDPR.


Access to your personal data will be limited to people who need to know such data for any of the purposes described in this Privacy Policy.


Links to other websites


On the Music Cities Events website there are links to other websites that we consider potentially useful and informative to you. However, please note that we do not endorse or recommend the content or services of such websites, nor are we responsible for their privacy policies. We encourage you to be aware of and read the privacy policies of all the sites you visit. Remember that what is indicated in this Privacy Policy only applies to the data that Music Cities Events collects and/or processes.


Modifications and integrity of our Privacy Policy


We will only use your personal data as established in the Privacy Policy that is in force at the time we collect your personal data. Music Cities Events reserves the right to modify this Privacy Policy at any time, publishing such modifications on our website, so we recommend that you visit it each time you access the Privacy Policy.

If at any time we decide to use personal data differently from what was stated at the time it was obtained, we will notify you by email, as long as we have it. At that time you will be given the option to authorize other uses or disclosures of the personal data that you would have provided us before the modification of our Privacy Policy.

In the event that any clause of this Privacy Policy is annulled or considered null, the rest of the conditions will not be affected, fully retaining their validity and validity, in accordance with the current regulations applicable at all times.


Last Update May 2020

bottom of page