Skip to main contentSkip to navigationSkip to search
Deals
Contact usMagazineFAQEventsJobs (3)

Data protection

Controller

MusiX GmbH
Schildgasse 12
79618 Rheinfelden (Baden)
Germany
E-Mail: privacy@musix.com

Data Protection Officer

For privacy-related questions, you can reach our Data Protection Officer at:
E-Mail: privacy@musix.com

Categories of Processed Data
  • Master data: name, address, contact details
  • Order data: products, prices, invoices, payment behavior
  • Payment data: bank or credit card details, PayPal or Klarna information
  • Usage data: IP address, device information, browser type, clicked pages
  • Communication data: email, phone, chat content
  • Creditworthiness data: information from credit agencies for invoice purchases
Purposes and Legal Bases

We process personal data on the following legal bases:

  • Art. 6 (1) (b) GDPR: contract performance and pre-contractual measures
  • Art. 6 (1) (c) GDPR: compliance with legal obligations (e.g. tax, customs)
  • Art. 6 (1) (f) GDPR: legitimate interests (e.g. IT security, fraud prevention)
  • Art. 6 (1) (a) GDPR: consent (e.g. newsletters, marketing tracking)
Server Logfiles

When accessing our website, the following data is automatically recorded:

  • IP address
  • Date and time of access
  • Pages visited
  • Browser type and version
  • Operating system

The storage is carried out to ensure stability and security. Data is deleted after a maximum of 14 days.

Hosting and Security (Sucuri Firewall)

Our website is hosted on our own servers. In addition, we use the security service Sucuri to prevent attacks (e.g. DDoS). Connection data such as IP addresses may be processed. Legal basis: legitimate interest pursuant to Art. 6 (1) (f) GDPR.

Cookies and Similar Technologies

We use cookies to enable the use of our website (technically necessary) and – with your consent – for analysis and marketing purposes.

You can withdraw your consent at any time via the cookie banner.

Tracking and Marketing

We use the following services for advertising and analytics purposes:

  • Google Ads Conversion Tracking (Google Ireland Ltd.)
  • Meta/Facebook Pixel (Meta Platforms Ireland Ltd.)

Processing takes place only with your consent (Art. 6 (1) (a) GDPR). Data may be transferred to the USA. Google and Meta are certified under the Data Privacy Framework.

Newsletter

We send newsletters only after double opt-in. Your email address is stored on our own mail server. We track clicks and openings to optimize content.

Legal basis: consent (Art. 6 (1) (a) GDPR). You can unsubscribe at any time using the link provided in each newsletter.

Contact Form and Support

If you contact us by email, phone, or contact form, we store your details to process your request. Legal basis: Art. 6 (1) (b) and (f) GDPR.

Live Chat

Our live chat is operated internally. Message content, timestamps, and IP addresses are stored to prevent misuse. Legal basis: Art. 6 (1) (f) GDPR.

Credit Checks

When choosing the payment method "invoice purchase," we may obtain creditworthiness information from external agencies. Legal basis: legitimate interest in payment security (Art. 6 (1) (f) GDPR).

Disclosure to Third Parties
  • to shipping providers (e.g. DHL, UPS)
  • to payment providers (e.g. PayPal, credit card companies, Klarna)
  • to customs and authorities for international orders
  • to suppliers in case of direct deliveries
  • to repair centers for warranty and service cases
  • to print service providers for catalog mailing (if ordered)
Captcha / Bot Protection

To prevent automated abuse, we use captcha technologies. IP addresses and user interaction (e.g. mouse movements) may be transmitted to the provider. Consent is obtained beforehand.

Storage Duration

We store personal data only as long as necessary for the respective purposes or as long as statutory retention obligations exist (e.g. 10 years for tax documents).

International Data Transfers

Data transfers to providers outside the EEA (e.g. Google, Meta) take place only if an adequate level of data protection is ensured, e.g. via the EU-US Data Privacy Framework or Standard Contractual Clauses.

Data Subject Rights
  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure ("right to be forgotten," Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent
  • Right to lodge a complaint with a supervisory authority
Updates to this Privacy Policy

We reserve the right to update this privacy policy to reflect changes in law or our services. Last updated: August 2025