Privacy Policy

Lyric Financial LLC and Utopia group (Utopia AG and its subsidiaries) ("Lyric", "we" or "us") strive to protect your privacy and to maintain a high level of data protection.

This Privacy Policy describes our privacy practices as a data controller, including how we collect and use personal data, that are provided to us via our websites, either by way of direct contact with us or by visiting these websites, as applicable. It also contains descriptions of rights associated with personal data that you may have under Applicable legislation, and how such rights can be exercised. If you have any questions, you are always welcome to contact us.

"Applicable legislation" means applicable laws, ordinances and regulations, including regulations issued by relevant supervisory authorities, concerning the protection of the fundamental rights and freedoms of natural persons and in particular the right to the protection of their personal data applicable to the processing in question; including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) ("GDPR") as well as laws, ordinances and regulations supplementing the GDPR and other legal requirements that may apply to us.

Where terms like "processing", "personal data", "data subjects" etc. that are defined in the GDPR are used in this Privacy Policy, they shall have the same meanings in this Privacy Policy as those ascribed to them in the GDPR.

 

WHO IS THE DATA CONTROLLER FOR THE PROCESSING OF PERSONAL DATA?

For the processing of personal data associated with this Lyric’s websites, Lyric Financial LLC is the data controller. Where you have a business relationship with or otherwise have been in contact with another Utopia group company, such Utopia group company is the data controller relating to processing of personal data associated with fulfillment of e.g. contracts, engaging in regular business correspondence, maintaining records with regular details on business contact persons etc.

FROM WHERE DO WE COLLECT PERSONAL DATA?

We collect personal data from:

 

  • You, that you either provide to us yourself or that we collect from you based on your website activity.

 

  • The organization that you represent or are associated with, in the context of conducting our business, we process personal data in the ways that companies normally do to run business. Such personal data may be provided by the organization that you represent or are associated with.

 

  • Publicly available sources, e.g. business related personal data, such as non-sensitive information related to individuals in their professional capacity, for the purposes of maintaining our business or to identify new business opportunities.

 

WHEN AND WHY DO WE PROCESS PERSONAL DATA?

 

Fulfilment of contract with customers, suppliers and other business partners

If you represent or otherwise are associated with an organization that we do business with, we process your personal data as needed in order fulfil the contract with such organization, that may be a customer, supplier or other business partner.

  • Categories of personal data

    • Identity information (first and family name, position)

    • Contact information (business email address, business phone number, business postal address)

    • Business correspondence data (personal data contained in emails and information on time of correspondence).

  • Legal basis

    • Legitimate interests (Art. 6.1 f of the GDPR). The processing is necessary for our legitimate interests to fulfil our contract with the business that individuals represent or otherwise are associated with.

  • Retention period: Personal data is retained during the business relationship.


 

General business purposes

We process personal data for general business purposes, e.g. by way of processing (business) personal data associated with prospective business relationships and personal data related to media/public relations.

  • Categories of personal data

    • Identity information (first and family name, position)

    • Contact information (business email address, business phone number, business postal address)

    • Business correspondence data (personal data contained in emails and information on time of correspondence).

  • Legal basis

    • Legitimate interests (Art. 6.1 f of the GDPR). The processing is necessary to run our business.

  • Retention period: We will retain the personal data for as long as it may be relevant, which may be up to one (1) year following our latest contact. Where the contacts have led to a business relationship, the personal data will be processed as described in the previous section, i.e. Fulfilment of contract.

 

 

Provide you with information about our business via newsletters

We process personal data to manage and send out newsletters. These newsletters can e.g. contain information and updates regarding our business and our services and products. You can unsubscribe from our newsletter at any time by clicking on the unsubscribe link in the email or by contacting us on the contact details set out below.

  • Categories of personal data

    • Identity information (first and family name, position)

    • Contact information (business email address, business phone number, business postal address)

  • Legal basis

    • Legitimate interest (Art. 6.1 f of the GDPR). The processing is necessary to fulfill our legitimate interest to send our newsletter.

    • Consent (Art. 6.1 f of the GDPR). Depending on applicable legal requirements, we may also rely on your consent for sending newsletters.

  • Retention period: Your personal data is retained for this purpose until you unsubscribe from the newsletter or after 12 months of inactivity.

    • Where you subscribe, we will process personal data about your choice to unsubscribe to comply with such request.

 

 

Develop and improve our products, services and systems for the customers in general and for the production of statistics

We will anonymize personal data for the purposes of subsequently using the anonymized data to develop and improve our products, services and systems for customers in general and for the production of statistics.

  • Categories of personal data

    • Identity information (first and family name, position)

    • Contact information (business email address, business phone number, business postal address)

    • IPI number, ISNI number

    • Payment transaction data

  • Legal basis

    • Legitimate interest (Art. 6.1 f of the GDPR) The processing is necessary to fulfill our legitimate interests to develop and improve our products, services and systems for the customers in general and for the production of statistics.

  • Retention period: Statistics and other information at the aggregate level that cannot identify you as an individual are saved for the time being.

 

 

Evaluate and monitor the use of our website

In order to analyze and better understand how our websites are used, we process your personal data, which we e.g. have collected by using cookies and similar technologies. This is done by e.g. collecting visitor and click statistics, from which website you came from, which pages you visited on our website and for how long time/number of times. Please read more in our Cookie Policy.

  • Categories of personal data

    • User-generated data

    • Geographical information, based on IP address

  • Legal basis

    • Legitimate interest. The processing is necessary to fulfill our legitimate interest in evaluating and monitoring the use of our websites.

  • Retention period: Non-personal data that are processed at an aggregate level are stored for an indefinite period.

 

Improve your experience on our website

In order to improve your experience on our website and to provide you with tailored content when appropriate, we will collect and process your personal data, e.g. via cookies and similar techniques. This means that we e.g. can save information about your web history and selected website settings (such as language and display settings). Please read more in our Cookie Policy.

  • Categories of personal data

    • Identity information (first and family name, position)

    • User-generated data

    • Geographical information, based on IP address

  • Legal basis

    • Legitimate interest (Art. 6.1 f of the GDPR). The processing is necessary to fulfill our legitimate interest in improving your experience on our website and providing you with tailored content.

  • Retention period: Non-personal data that are processed at an aggregate level are stored for an indefinite period.

 

Manage and address legal claims

In order to manage and address any legal claims, e.g. in connection with a dispute or legal process, we process personal data (as applicable).

  • Categories of personal data

    • All information necessary to manage and address the legal claim.

  • Legal basis

    • Legitimate interest (Art. 6.1 f of the GDPR). The processing is necessary to fulfill our legitimate interest in managing and addressing legal claims, e.g. in connection with a dispute or legal process.

  • Retention period: Personal data is retained during the period necessary to manage and address the legal claim.

 

Comply with other legal obligations

We process personal data in order to comply with legal obligations such as e.g. obligations regarding accounting and bookkeeping as well as any other applicable legal obligations.

  • Categories of personal data

    • All information that is necessary to fulfill the respective legal obligation.

  • Legal basis

    • Legal obligation (Art. 6.1 c of the GDPR). The processing is necessary to fulfill legal obligations to which we are subject.

  • Retention period: Personal data is retained for the period necessary in order for us to fulfill legal obligations to which we are subject.

Manage and protect systems and services

We process your personal data if necessary in order to manage and protect our IT systems and services, e.g. in connection with logging, troubleshooting, backup, change and problem management in systems and in connection with any IT incidents.

  • Categories of personal data

    • All information listed above.

  • Legal basis

    • Legitimate interest (Art. 6.1 f of the GDPR). The processing is necessary to fulfill our legitimate interest in managing and protecting our IT systems and services.

  • Retention period: Personal data is retained for the same period as stated in relation to the respective purpose above.

 

 

WITH WHOM DO WE SHARE PERSONAL DATA?

When necessary, we share personal data with the recipients specified below. Unless otherwise stated, named recipients are independent data controllers for their own processing of personal data.

 

 

 

 

 

 

 

 

 

Suppliers acting as data processors

Similar to most businesses, we engage suppliers to process personal data on our behalf, for the purposes set out above. Such suppliers include e.g. providers of customer relationship management (CRM) systems, marketing services (systems for sending newsletters) and IT services (companies that manage necessary operations, technical support and maintenance of our IT solutions and IT systems). We conclude contracts with such suppliers as required under Applicable legislation.

 

Appropriate safeguards for the transfer of personal data to third countries – where the GDPR applies

 

If we transfer your personal data to a recipient in a country outside the EU/EEA area (third country), we will ensure that appropriate safeguards have been taken (such as the EU Commission's standard contract clauses and other necessary measures), as required under the GDPR.

 

Pursuant to applicable data protection legislation, you have the right, upon request, to receive a copy of the documentation demonstrating that the necessary protective measures have been taken in order to protect your personal data when transferring it to a third country. If you would like to know more about the processing of your personal data and if your personal data is transferred to a third country, please contact us by using the contact information below.

 

TECHNICAL AND ORGANIZATIONAL MEASURES TO PROTECT PERSONAL DATA

 

We take measures to ensure that your personal data is adequately protected from accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, when transmitted, stored or otherwise processed. The measures that we have implemented take into account the state of the art, the cost of implementation and the nature, scope, context and purposes of processing, including associated risks.

 

INDIVIDUALS' RIGHTS UNDER THE GDPR

 

In connection with our processing of your personal data, you may, under certain conditions, exercise the following rights:

 

Access

You can request confirmation of whether or not your personal data is being processed and, if so, request access to your personal data and additional information such as the purpose of the processing. You also have the right to receive a copy of the personal data that is processed.

 

Rectification

If you notice that personal data about you is inaccurate or incomplete, you have the right to have your personal data rectified.

 

Object to specific processing

You can object to processing of your personal data if it is based on a legitimate interest, on grounds relating to your particular situation, or if the processing takes place for direct marketing purposes. If we are unable to demonstrate compelling legitimate grounds to continue processing, that override your interests, or if the processing is not necessary to establish, exercise and defend legal claims, we are obliged to cease the processing.

Erasure

You can have your personal data erased under certain circumstances, e.g. when the personal data is no longer needed to fulfill the purpose for which the personal data was collected or otherwise processed.

 

Restrict processing

Under certain circumstances, you can request that we restrict the processing of your personal data to only involve the storage of your personal data.

 

Withdraw consent

To the extent that the processing of personal data is based on your consent, you always have the right to withdraw your consent. Withdrawal of consent does however not affect the lawfulness of any processing that has been based on consent prior to its withdrawal.

 

Data portability

You have the right to request a copy of your personal data that you have provided to us, and which has been processed based on your consent (Art. 6.1 a of the GDPR) or on contractual necessity (Art. 6.1 b of the GDPR), in a structured, commonly used and machine-readable format. Moreover, you also have the right to transmit such data to another controller without hindrance from us. If technically feasible, you also have the right to request that such personal data should be transmitted from us to another data controller.

 

Complaints to the supervisory authority

 

Please contact us with questions or complaints regarding the processing of your personal data.

You also have the right to lodge a complaint regarding the processing of your personal data with the data protection authority of the country in which you reside or work or where the alleged breach has occurred. 

 

CONTACT US

If you have any questions regarding the processing of your personal data or if you wish to exercise any of your rights, please contact us by reaching out to your regular contact person at Lyric or by using the contact details below.

Lyric Financial LLC

Address:

700 Craighead

Suite 200

Nashville Tn 37204

Email: info@lyricfinancial.com

 

We may update this Privacy Policy from time to time. We recommend that you visit this page on a regular basis to get the latest information regarding our processing of personal data.

This Privacy Policy was last updated 24 January 2022.