Introduction

This Privacy Policy explains in detail how WePlayIn.Band (“we,” “our,” or “us”) collects, uses, shares, and protects your personal information when you use our mobile application and related services (collectively, the “Service”). This policy applies to all users of our platform, including musicians, orchestra members, and orchestra administrators/directors.

WePlayIn.Band is designed specifically for orchestra and band management, providing tools for scheduling rehearsals and performances, organizing repertoire, managing musician profiles and positions, and facilitating communication within musical organizations. Our commitment is to handle your data responsibly and transparently.

Data Controller Information

WePlayIn.Band is the data controller responsible for your personal information. Our servers are located exclusively within the European Union, ensuring compliance with EU data protection standards.

Contact Information:

Information We Collect

Personal Information

When you register and use our Service, we may collect the following personal information:

  • Account Information:
    • Full name (first and surname)
    • Email address
    • Password (stored in encrypted format)
    • Profile photo (optional)
    • Phone number (optional)
    • Language preference
  • Orchestra Membership Information:
    • Role within each orchestra (Musician, Director, Administrator)
    • Section assignments (e.g., Strings, Brass, Woodwinds)
    • Position details (e.g., First Violin, Trumpet, Clarinet)
    • Instrument proficiency and priority settings
    • Orchestra joining date
    • Activation status within each orchestra
  • Emergency Contact Information (for musicians):
    • Emergency contact name
    • Emergency contact phone number
    • This information is only visible to orchestra administrators and directors
  • Event and Attendance Data:
    • Availability status for events (Available, Unavailable, Tentative)
    • Attendance history
    • Notes regarding attendance or absence
    • Position assignments for specific events
  • Usage Data:
    • Login dates and times
    • Application feature usage patterns
    • User-generated content such as notes and repertoire information
    • Application settings and preferences
  • Device Information:
    • Device type and model
    • Operating system and version
    • Unique device identifiers
    • IP address
    • Browser type and version (if applicable)
    • Mobile network information
  • Location Information:
    • Venue addresses for events and rehearsals
    • City and country information for orchestras
    • This information is used solely for event organization purposes
Calendar Integration

With your explicit permission, we may access your device calendar to:

  • Add orchestra events and rehearsals to your personal calendar
  • Set reminders for upcoming events
  • Remove events if they are canceled or modified
  • Update event details when changes occur

You can control calendar access permissions through your device settings at any time.

How We Use Your Information

We use your personal information for the following specific purposes:

For All Users:
  • Account Management: Creating and maintaining your user account, authenticating your identity when you log in, and personalizing your experience.
  • Service Provision: Enabling core functionalities of the application, including event scheduling, repertoire management, and communication features.
  • Communications: Sending important notifications about:
    • Upcoming events and rehearsals
    • Schedule changes or cancellations
    • Orchestra announcements and news
    • System updates and maintenance information
  • Technical Support: Addressing technical issues, responding to your inquiries, and improving our service based on feedback.
  • Service Improvement: Analyzing usage patterns to enhance application features, fix bugs, and optimize performance.
For Musicians:
  • Position and Section Management: Assigning and tracking your positions within orchestras and sections.
  • Availability Tracking: Recording and displaying your availability for specific events and rehearsals.
  • Performance Organization: Organizing repertoire lists and providing access to event information relevant to your position.
For Directors and Administrators:
  • Orchestra Management: Facilitating the organization of orchestra structure, sections, and positions.
  • Musician Administration: Managing musician profiles, positions, and attendance records.
  • Event Planning: Creating and organizing rehearsals, performances, and other events.
  • Attendance Monitoring: Tracking musician attendance and managing availability for events.
  • Communication: Sending announcements and updates to orchestra members.

Data Sharing and Disclosure

Within Orchestras

We operate on a principle of limited visibility based on role and need-to-know:

  • Basic Profile Information: Your name, profile photo, role, section, and position will be visible to other members of orchestras you belong to.
  • Contact Information: Your email and phone number are only visible to directors and administrators of your orchestra.
  • Availability and Attendance Information: Your availability status and attendance records for events are visible to other members of your orchestra.
  • Position and Section Details: Information about your assigned positions and sections is visible to other orchestra members to facilitate organization.
Role-Based Access:
  • Musicians: Can view their own profile, their position assignments, event details, and limited information about other musicians in their orchestra.
  • Directors: Have additional access to manage repertoire, events, and view detailed information about musicians in their orchestra.
  • Administrators: Have comprehensive access to manage all aspects of the orchestra, including musician profiles, positions, and attendance records.
Third-Party Service Providers

We may share specific information with carefully selected third-party service providers who help us deliver our service:

  • Push Notification Provider (OneSignal): To deliver event notifications and important updates.
  • Error Tracking (Sentry): To monitor application performance and fix technical issues.
  • Cloud Storage Provider: To securely store and backup application data.
  • Email Service Provider: To send email notifications when enabled.

All third-party providers are contractually obligated to use your information solely for providing services to us and are prohibited from using your information for their own purposes.

Legal Requirements

We may disclose your information if required to do so by law, court order, governmental authority, or regulatory body. We will only share the information that we are legally required to disclose and will make reasonable efforts to notify you of such disclosure unless prohibited by law.

Orchestra Joining Process and Data Sharing

When You Request to Join an Orchestra

When you use an activation code or request to join an orchestra:

  • Initial Request: Your basic profile information (name, email, profile photo) becomes visible to the orchestra administrators and directors who must review your request.
  • Pending Status: During this review period, your information is marked as “pending” and is only accessible to authorized administrators and directors of that specific orchestra.
  • Limited Data Sharing: Only the minimum necessary information to identify you and process your request is shared before approval.
  • Request Cancellation: If you cancel your join request before approval, your information is removed from the orchestra’s pending list, and they will no longer have access to your data.
After Your Request is Approved

Once your membership request is approved:

  • Increased Visibility: Additional profile details become visible to other members of the orchestra according to their roles, as outlined in the “Within Orchestras” section of this policy.
  • Data Integration: Your profile becomes part of the orchestra’s organizational structure, allowing for position assignments and event planning.
  • Notification: You will receive a notification informing you that your request has been approved and explaining what information is now shared with the orchestra.
Orchestra Administrator Responsibilities

Orchestra administrators and directors have specific obligations regarding user data:

  • Clear Purpose: They must only use your shared information for legitimate orchestra management purposes.
  • Consent Requirement: They must obtain your explicit consent before using your information for any purpose beyond standard orchestra management.
  • Data Protection Guarantee: As data processors within their orchestra context, administrators must guarantee the protection of your personal data.
  • No External Sharing: Orchestra administrators are strictly prohibited from exporting, transferring, or sharing member data outside the WePlayIn.Band platform unless:
    • Required by law
    • Explicitly authorized by each affected member
    • Necessary for the direct operation of the orchestra (such as sharing contact information for emergency purposes)
  • Limitation on Communications: They may only contact you regarding orchestra-related matters unless you provide specific consent for other types of communication.
  • Member Departure: If you leave an orchestra, administrators must respect this decision and cease using your data within that orchestra context.
Orchestra Data Separation

We maintain strict separation between orchestras:

  • Your data in one orchestra is not automatically shared with other orchestras you join
  • Each orchestra operates as a separate data environment
  • Administrators of one orchestra cannot access your information in another orchestra
Data Processing Agreement

By creating and managing an orchestra on our platform, orchestra administrators enter into an implicit data processing agreement with WePlayIn.Band where they agree to:

  1. Process member data only for the stated purposes related to orchestra management
  2. Implement appropriate security measures to protect member data
  3. Assist members in exercising their data rights
  4. Delete or return all personal data after a member leaves their orchestra
  5. Conduct all data processing activities in compliance with applicable data protection laws

WePlayIn.Band reserves the right to restrict or terminate administrator access for those who violate these data protection requirements.

Commercial Use Restriction

We explicitly commit that your personal data will never be:

  • Sold to third parties
  • Used for advertising purposes
  • Shared with data brokers
  • Used for any commercial activities beyond the direct operation of the WePlayIn.Band service

Your data is collected and processed solely for the purpose of providing and improving the WePlayIn.Band service and will not be monetized or exploited for commercial gain outside of our direct service offering.

Data Security

We implement comprehensive technical and organizational measures to protect your personal information:

  • Encryption: All data transmission between your device and our servers uses TLS/SSL encryption.
  • Secure Storage: Personal data is stored in encrypted format where appropriate.
  • Access Controls: Strict access controls limit who within our organization can access your data.
  • Regular Security Audits: We conduct regular security assessments to identify and address potential vulnerabilities.
  • Incident Response Plan: We maintain procedures to address potential data breaches promptly and effectively.

While we implement these safeguards, no internet or electronic transmission is ever fully secure. We cannot guarantee absolute security but commit to promptly notify you of any breach affecting your personal information in accordance with applicable laws.

Data Retention

We retain your personal information for as long as:

  • Your account remains active
  • We need it to provide you with our services
  • It is necessary for legitimate business purposes
  • Required by law

If you delete your account, we will delete or anonymize your personal information within 90 days, except for information we need to retain for:

  • Legal compliance
  • Financial record-keeping
  • Dispute resolution
  • Fraud prevention

Your Rights and Choices

As a user based in the European Union or other regions with similar data protection laws, you have the following rights:

  • Right to Access: You can request a copy of the personal information we hold about you.
  • Right to Rectification: You can correct any inaccurate or incomplete personal information.
  • Right to Erasure: You can ask us to delete your personal information under certain circumstances.
  • Right to Restriction of Processing: You can ask us to restrict the processing of your personal information.
  • Right to Data Portability: You can request a machine-readable copy of your personal information to transfer to another service.
  • Right to Object: You can object to our processing of your personal information for certain purposes.
  • Right to Withdraw Consent: You can withdraw any consent you previously provided.

How to Exercise Your Rights

To exercise any of these rights, please contact us at info@weplayin.band. We will respond to your request within 30 days. We may need to verify your identity before fulfilling your request.

For data removal requests, please send a specific email with the subject line “Data Removal Request” to info@weplayin.band, including your full name and the email address associated with your account.

Notification Preferences

Within the app settings, you can:

  • Enable or disable email notifications
  • Enable or disable push notifications
  • Customize the types of notifications you receive

EU-Specific Protections

As our servers are located within the European Union and we adhere to GDPR requirements, you benefit from additional protections:

  • Lawful Basis for Processing: We process your data based on contract necessity (to provide our service), legitimate interests (to improve our service), or your explicit consent.
  • Data Protection Officer: For questions about data protection, contact our DPO at info@weplayin.band.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.

Children’s Privacy

Our Service is not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at info@weplayin.band, and we will take steps to delete such information.

International Data Transfers

While our servers are located within the European Union, users may access the service from around the world. If you access our service from outside the EU, your information may be transferred to and processed in the EU. These countries may have data protection laws that differ from those in your country.

When we transfer personal data outside the EU, we ensure appropriate safeguards are in place in accordance with GDPR requirements.

Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make material changes, we will:

  • Post a notice in the app
  • Update the “Last Updated” date at the top of this policy
  • Send an email notification to the address associated with your account
  • Request renewed consent where required by law

Orchestra Administrators’ Responsibilities

If you serve as an orchestra administrator or director, you have additional responsibilities:

  • Consent: You must obtain proper consent from musicians before adding them to your orchestra.
  • Data Minimization: Only collect and use personal information that is necessary for orchestra management.
  • Privacy Respect: Honor musicians’ privacy preferences and data rights.
  • Access Limitations: Limit access to sensitive information to those who need it within your organization.
  • Confidentiality: Maintain the confidentiality of musician information and do not share it outside your orchestra without consent.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: info@weplayin.band Website: www.weplayin.band

For formal data requests including access, correction, or deletion, please include “Data Privacy Request” in your email subject line.

Last Updated: March 28, 2025

By using the WePlayIn.Band application, you acknowledge that you have read and understood this Privacy Policy. This document constitutes a binding agreement between you and WePlayIn.Band regarding the collection, use, and protection of your personal information.