sound effects libraries GDPR Asbjoern Andersen


On May 25th 2018, a new set of rules from the European Union called the General Data Protection Regulation (GDPR) come into effect.

They're made to protect the privacy of your users & customers - and if you're selling sound effects, running a newsletter or other initiatives to promote your sounds, the rules will likely affect you, whether you're based in the EU or not. The question is how.

That's something I'd like to help clarify - and to do that, I've reached out to Kasper Mai Jørgensen, co-founder of ComplyTo, a company that helps anyone doing business online to ensure they're complying with the GDPR rules.


Please note: I hope the following helps you get a better idea of the implications of GDPR. However, as I'm not a lawyer, I can't make any guarantees as to the legal accuracy of the information below.
Please share:
 

Hi Kasper, could you please introduce yourself?

Hi Asbjørn, I am co-founder and CEO of ComplyTo. I come from a finance and compliance background, and found that as a small or medium size business there is no easy and cost effective way to work with compliance in general and GDPR specifically. Therefore we started ComplyTo.
 

What do the new rules mean for a webshop owner – and what are the consequences of not being compliant with the rules?

The consequences are obviously fines. I am sure a lot have heard that they can be up to €20 million EUR. For a webshop this is probably a bit irrelevant, at least in the beginning. However to me, the biggest risk is that customers expect that a webshop has this under control, and if not, they will take their business elsewhere.
 

What are the steps that need to be taken to prepare for GDPR?

Documentation, documentation and documentation. The most important step is to start by documenting that you know what data you have, where – and which companies you have contracted with to store these (Google, Microsoft, Mailchimp and many others). Smaller companies in particular usually use many cloud solutions. You are responsible for the privacy data that you store in those systems.
 

What agreements do you need to have in place, what sort of documentation are you required to have – and are there certain items that need to be featured on the site itself?

The most important document you need right now is your privacy policy. You should have one for each of you activities – e.g. one for the webshop, one for HR activities and other activities where your company is processing privacy data.

Additionally to manage your suppliers that store your privacy data, you need what is called “data processor agreements”. If you use the larger cloud solutions they might have sent you such an agreement already. It is your responsibility to ensure that these agreements are aligned with your requirements. When you sign or accept such an agreement, the fine for breach of personal data will be forwarded to you and not the supplier. So you need to be a bit critical on these, as, at the end of the day, the supplier has interests that are in opposition to yours.
 

GDPR and webshops:

Many webshops run on WordPress / Woocommerce, and there’s a lot of effort being put into automating many of the processes needed to comply with the rules. Here’s an overview on what’s happening with Woocommerce and GDPR, and here’s an overview of what’s happening in WordPress.

 

As a shop owner, what are some of the things you can’t do going forward?

As long as you were following the law before you can continue with most activities. Most countries have had data protection rules for many years. The main difference now is that you need to document that you are in control of the privacy data.

As long as you were following the law before you can continue with most activities

You can still send emails to your customers, you can still send newsletters (if the person has subscribed – which was also the rule before GDPR). You cannot do ‘cold emailing’ – but this wasn’t allowed in most countries before anyway.
 

If someone wants their data removed from your records, how do you go about that in practical terms? An often-heard term in relation to GDPR is ‘The Right To Be Forgotten’ – what does that mean exactly?

I use to say “forget the right to be forgotten” 😀. The right to be forgotten is not an absolute right. If you have a legitimate reason to keep the data, you do not have to delete data if a customer asks to be forgotten. The right to be forgotten is mostly relevant if you get consent to use privacy data, but contact details, purchase history etc you can collect and process without consent and you can keep these data as long as you have a valid purpose – e.g. to comply with bookkeeping rules.

You should be more concerned by the right to insight. Under this you have to send the privacy data on a person to this person if they request it – so you need to know where you store all this data, and how to get the data out.
 

What happens if you only sell via a 3rd party marketplace, such as A Sound Effect?

If you sell through a 3rd party it makes it easier to manage the privacy data for the persons buying the product – since the 3rd party marketplace manages the contact to the end-customers. However you may still have privacy data from your suppliers, other customers, and you probably have Asbjoern’s contact details ;-) Nevertheless it makes your documentation much simpler, as the privacy data you have access to is much more limited.
 

How does ComplyTo’s solution work – and if shop owners uses ComplyTo, are they guaranteed to be in compliance?

ComplyTo makes a tool to ensure that you document your work with GDPR. The system assists you in mapping what privacy data you have. Based on that, we generate the privacy policies and data processor agreements needed. Additionally we have a risk and task management system that you use for ensuring that you stay in compliance. If there is a mismatch with the data mapping and the rules we will notify you, by creating a risk and task list with specific guidance on what to do.

We do not claim to guarantee compliance, as that would require us to audit your data input and would not make it possible to deliver our product for a fair price. But we get you at least 80% of the way. For most small and medium size companies we have all you need. And you can always get an auditor or lawyer to review the result – just like you can get an auditor to review your accounts if you want additional assurance.

The data protection rules changes all the time, and new rules and practices will impact what can be considered compliance. We are continuing to update our system to manage these developments to ensure you are up to date.

And by using a system to map your data it is also easy to update all documents, tasks and agreement when you decide to put privacy data in a new system or in another ways change your use of privacy data.
 

How do you demonstrate / document that customers and visitors have accepted the GDPR compliant rules on your site? Does continued use of your site after they’ve seen the rules equal consent?

You do not need to get consent from users that they have read and understand the rules. Nor in other ways get acceptance from the users. You just need to inform the user. Only in a case where you are processing privacy data, basic consent would be relevant – that would be the case for newsletters. for example. If you get consent you only need consent for the specific data and specific use thereoff – e.g. names and emails for sending newsletters.

Do you have more questions?

If you’ve got more questions about GDPR, please leave a comment in the comments section, and Kasper Mai Jørgensen will do his best to answer them as soon as possible.
 

Do you have to notify all your existing customers about the new GDPR rules?

You do not have to inform the users of the GDPR rules, but you need to inform them about what, how and how long you manage their privacy data. This is what you do in a privacy policy. The privacy policy should be given to the persons affected – for a web based business, placing it on the website and sending a link to customers when they buy anything would be a good place to start.
 

To sum up, can you offer a quick checklist of actionable GDPR steps for webshop owners?

1. Know what privacy data you have and where
2. Document what you do with privacy data
3. Ensure that your users, employees etc are properly informed about how privacy data is processed in the company – through privacy policies.
4. Ensure that you have data processing agreements in place where you are having 3rd parties managing this
5. Ensure that you can document you work with this continuously. Ensure that you follow processes, review the data, remember to delete data when no longer in use etc. GDPR is not a one-time effort. It is a continuous process.

If in doubt, put yourself in the place of the user – if you would be satisfied with the information and use of data as a customer or user?
 

A big thanks to Kasper Mai Jørgensen for sharing his insights on GDPR and what the rules mean for SFX creators. If you’ve got any GDPR-related questions, please leave a comment below, and Kasper will do his best to answer them when he can.

 

Please share this:


 


 
 
THE WORLD’S EASIEST WAY TO GET INDEPENDENT SOUND EFFECTS:
 
A Sound Effect gives you easy access to an absolutely huge sound effects catalog from a myriad of independent sound creators, all covered by one license agreement - a few highlights:
 
 
  • Animals & Creatures Amazon Jungle Play Track 49 sounds included, 357 mins total From: $95 From: $66.50

    Amazon Jungle is a collection of unique ambiences recorded in the Amazon rainforest on the border between Peru, Bolivia and Brazil. The library was recorded during the rainy season when birds are vocal and humidity is at its highest. These recordings feature species such as the Screaming Piha, Toucans, Howler Monkeys, Trogons, Tinamous, Owls, very vocal Bamboo Rats and a multitude of insects and frogs.

    30 %
    OFF
    Ends 1576537199
  • Sci-Fi Lo-Fi Sci-Fi Play Track 1,000+ sounds included, 431 mins total $30 $15

    Lo-Fi Sci-Fi is a library packed full of characterful, authentic and gritty sounds. It was lovingly created by sound designers Barney Oram and Derek Brown, in homage to classic late 70’s and early 80’s sci-fi movies.
    The collection is comprised of a wide range of sounds, including metal, organics, fire, mechanical, interfaces, creatures, foley and footsteps, abstract, ambience, and much more.

    Lo-Fi Sci-Fi features 620 24bit / 48kHz WAV files in total, including 45 designed sounds and 575 source sounds.

    50 %
    OFF
    Ends 1576105199
    Add to cart
  • Foley Footstep and Foley Sounds Play Track 812 sounds included $10 $8
    Browse Wishlist

    Footstep & Foley Sounds contains 511 high quality professionally recorded footstep sounds. Surfaces included: concrete, dirt, grass, gravel, metal, mud, water, wood, ice and snow. Plus 141 Foley sounds covering a variety of character movement sounds. A perfect addition to add realism to your footstep sounds.

    This pack also includes a variety of 160 bonus sounds effects from our full library Pro Sound Collection. ALL sounds from Footstep & Foley Sounds are included in Pro Sound Collection so if you need more sounds be sure to check it out before purchase.

    20 %
    OFF
    Add to cart
 
Explore the full, unique collection here

Latest sound effects libraries:
 
  • Animals & Creatures Amazon Jungle Play Track 49 sounds included, 357 mins total From: $95 From: $66.50

    Amazon Jungle is a collection of unique ambiences recorded in the Amazon rainforest on the border between Peru, Bolivia and Brazil. The library was recorded during the rainy season when birds are vocal and humidity is at its highest. These recordings feature species such as the Screaming Piha, Toucans, Howler Monkeys, Trogons, Tinamous, Owls, very vocal Bamboo Rats and a multitude of insects and frogs.

    30 %
    OFF
    Ends 1576537199
  • Destruction & Impact Just Impacts Bundle Play Track 1434+ sounds included $183 $146.40

    This bundle includes these libraries from the popular Just Impact series:

    Just Impacts – Simple
    Just Impacts – Processed
    Just Impacts – Designed
    Just Impacts – Extension I
    Just Impacts – Extension II

    – at a great discount!

    20 %
    OFF
  • Military TANK T-44 Play Track $149

    Tank T-44: The great hulking mass that would spell doom for the Red Army’s enemies has been captured in all its glory trudging along, with every turn of its metal treads and gears recorded masterfully.

    The sound capture equipment used were best-in-breed Neumann U87 and Schoeps M4 microphones, and the tank’s authoritative rumbles and clangs were recorded from various positions, and at various speeds as the treads grip the ground and transfer the power of its mighty engine, transmission, and parts. There are also stereo recordings for the tank’s engine and the tank’s exhaust pipe.

    We at Flysound have dusted off the cobwebs and taken this 30 tonne beast for several victory laps to record its belligerent brilliance. The T-44: one of the great patriotic tanks! In a time when action productions are all to often devolving into the fake and unrealistic, this sound package is an authentic antidote of epic proportions. Tank you!

  • DESCRIPTION:

    Here you can find 61 HD quad surround ambiences of the wild North European nature. They were recorded during a two-week recording trip on foot and by rowing boat in the hot July of 2018 at the heart of the national park in Karelia, North-Western Russia. Spacious, transparent, immersive and absolutely free from any technogenic and anthropogenic sounds. Still air and wind through grass or trees. Birds and insects from single and sparse at the cloudy morning to dense and busy at the hot sunny noon, a mosquito chorus at dawn and ear-piercing grasshoppers at sunset. Distant thunder rolls and disturbed Arctic Loon, huge old trees creaking and grumbling in the wind.

    10 % of the library’s revenue goes to nature preserves and animal shelters.

  • Ambisonics Vintage Trams Play Track 46 sounds included $30 $20

    Vintage Trams: passes and rides from a number of perspectives.

    The bygone sounds of rattly old trams, passing in the street: the rumble of the metal wheels on the tracks, the sound of the pickup rods on the overhead wires, the clang of the bell and the voice of the conductor, all of these are here for your delight. Starts and stops, rides and passes, all lovingly collected in First Order Ambisonic surround and collated in FuMa & ambiX orders and weighting. Full Soundminer metadata and Excel Spreadsheet included.

    And there’s more! A bonus collection of sounds in stereo from my extensive archive, with a ride on a San Francisco cable car, more vintage trams and a series of recordings of a Trolley Bus, an electrically powered bus running form overhead cables, but so quiet in operation, it was known as ‘the silent killer’ as pedestrians tended not to be aware when it was approaching.

    33 %
    OFF
    Ends 1577228399
 
FOLLOW OR SUBSCRIBE FOR THE LATEST IN FANTASTIC SOUND:
 
                              
 
GET THE MUCH-LOVED A SOUND EFFECT NEWSLETTER:
 
The A Sound Effect newsletter gets you a wealth of exclusive stories and insights
+ free sounds with every issue:
 
Subscribe here for free SFX with every issue

Leave a Reply

Your email address will not be published. Required fields are marked *

HTML tags are not allowed.