Privacy Policy

Last updated: May 2026

This Privacy Policy explains how personal data is processed when you visit and use the website maibamusic.com, including its pages, functions, content, contact options and linked online presences.

Personal data means any information relating to an identified or identifiable natural person, such as a name, email address, telephone number, IP address, device information or online identifiers.

This Privacy Policy is based on the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the German Telecommunications Digital Services Data Protection Act (TDDDG), where applicable.

1. Controller

The controller responsible for data processing on this website is:

more than talent records / Maiba Marino
Schellingstr. 109a
80798 Munich
Germany

Email: admin@maibamusic.com

2. Overview of Data Processing

Depending on how you use this website, we may process the following categories of personal data:

  • Contact data, such as name, email address, telephone number and booking-related information.
  • Content data, such as messages, enquiries, comments, photographs, videos or other information you send to us.
  • Usage data, such as visited pages, access times, viewed content and interactions with the website.
  • Technical data, such as IP address, browser type and version, operating system, referrer URL, device information and server log files.
  • Communication data, such as email correspondence, social media messages and enquiry history.

3. Purposes of Processing

We process personal data for the following purposes:

  • Providing and maintaining the website.
  • Responding to contact, booking and business enquiries.
  • Communicating with clients, interested parties and website visitors.
  • Ensuring website security and technical functionality.
  • Presenting music, videos, audio content, social media links and other embedded content.
  • Analysing and improving the website, where legally permitted.
  • Fulfilling legal, contractual and tax-related obligations.

4. Legal Bases for Processing

We process personal data only where a legal basis applies. Depending on the specific processing activity, the legal basis may be:

  • Art. 6(1)(a) GDPR — consent, for example for optional cookies, tracking technologies or certain embedded third-party services.
  • Art. 6(1)(b) GDPR — performance of a contract or pre-contractual steps, for example when processing booking or business enquiries.
  • Art. 6(1)(c) GDPR — compliance with legal obligations, for example tax and accounting obligations.
  • Art. 6(1)(f) GDPR — legitimate interests, for example secure website operation, communication with users and protection against misuse.

Where access to or storage of information on your device is involved, such as through cookies or similar technologies, this may also be governed by the TDDDG. Non-essential cookies and comparable technologies are generally used only with your consent.

5. Contact and Booking Enquiries

When you contact us by email, telephone, contact form, booking request or social media, we process the information you provide in order to handle your enquiry and communicate with you.

This may include your name, email address, telephone number, company or event details, message content and any other information you voluntarily provide.

The legal basis is Art. 6(1)(b) GDPR where the communication relates to a contract or pre-contractual enquiry. In other cases, the legal basis may be Art. 6(1)(f) GDPR based on our legitimate interest in responding to enquiries.

We delete enquiry data when it is no longer required, unless statutory retention obligations or legitimate interests require longer storage.

6. Hosting and Server Log Files

This website is hosted by an external hosting provider. In order to provide the website securely and reliably, the hosting provider may process technical data, including:

  • IP address.
  • Date and time of access.
  • Requested page or file.
  • Amount of data transferred.
  • Browser type and version.
  • Operating system.
  • Referrer URL.
  • Access status or error messages.

The processing is carried out on the basis of Art. 6(1)(f) GDPR. Our legitimate interest is the secure, stable and efficient operation of the website.

Server log files are generally stored only for as long as necessary for security and technical purposes and are then deleted or anonymised, unless longer storage is required to investigate misuse, attacks or legal claims.

7. Cookies and Consent Management

This website may use cookies and similar technologies. Cookies are small text files stored on your device. They may be necessary for the technical operation of the website or used for optional purposes such as analytics, media embedding or marketing.

We distinguish between:

  • Essential cookies, which are required for the website to function properly.
  • Functional cookies, which improve usability or remember settings.
  • Analytics cookies, which help us understand how the website is used.
  • Marketing cookies, which may be used to display or measure personalised content or advertising.

Essential cookies may be used without consent where they are technically necessary. Optional cookies and similar technologies are used only with your consent, where required by law.

You can withdraw or change your consent at any time through the cookie settings provided on the website, where available. You can also delete or block cookies in your browser settings. Please note that blocking cookies may limit the functionality of the website.

8. Embedded Third-Party Content

This website may embed or link to third-party content, such as videos, audio players, maps, fonts, social media posts or external media platforms.

When third-party content is loaded, the respective provider may receive technical information, including your IP address, device information and browser data. The provider may also use cookies or similar technologies, especially if you are logged into an account with that provider.

Where required by law, such third-party content is loaded only after you have given consent.

9. YouTube

This website may embed videos from YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google LLC, based in the United States, may also be involved in data processing.

When YouTube videos are loaded, Google may process personal data, including IP addresses, device information, usage data and, if you are logged into your Google account, account-related data. Google may also use cookies and similar technologies.

Where YouTube is not technically necessary for the basic operation of the website, videos should be loaded only after your consent. The legal basis is Art. 6(1)(a) GDPR and, where applicable, consent under the TDDDG.

Further information is available in Google’s Privacy Policy:
https://policies.google.com/privacy

10. Google Maps

This website may embed maps from Google Maps. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google LLC, based in the United States, may also be involved in data processing.

When Google Maps is loaded, Google may process your IP address, device information, browser data and, depending on your settings, location data.

Google Maps should be loaded only with your consent where it is not technically necessary. The legal basis is Art. 6(1)(a) GDPR and, where applicable, consent under the TDDDG.

Further information is available in Google’s Privacy Policy:
https://policies.google.com/privacy

11. SoundCloud

This website may embed audio content or player widgets from SoundCloud. The provider is SoundCloud Global Limited & Co. KG, Rheinsberger Str. 76/77, 10115 Berlin, Germany.

When SoundCloud content is loaded, SoundCloud may process technical data, including your IP address, browser information, device data and information about the audio content accessed. SoundCloud may also use cookies or similar technologies and may associate listening activity with your SoundCloud account if you are logged in.

Where SoundCloud content is not technically necessary for the basic operation of the website, it should be loaded only after your consent. The legal basis is Art. 6(1)(a) GDPR and, where applicable, consent under the TDDDG.

Further information is available in SoundCloud’s Privacy Policy:
https://soundcloud.com/pages/privacy

12. Spotify

This website may link to or embed content from Spotify. The provider is Spotify AB, Regeringsgatan 19, 111 53 Stockholm, Sweden.

When Spotify content is loaded, Spotify may process technical data, usage data and, if you are logged into Spotify, account-related information. Spotify may also use cookies or similar technologies.

Where embedded Spotify content is used, it should be loaded only after consent where required by law.

Further information is available in Spotify’s Privacy Policy:
https://www.spotify.com/legal/privacy-policy

13. Social Media Presences and Links

We maintain online presences on social media platforms and link to external profiles, including platforms such as Instagram, Facebook, YouTube, SoundCloud and Spotify.

When you visit our profiles on these platforms, the respective platform provider is responsible for processing your data. The platform provider may process personal data for analytics, advertising, communication, security and profiling purposes.

If you contact us through social media, we process your message and profile information to respond to your enquiry. The legal basis may be Art. 6(1)(b) GDPR or Art. 6(1)(f) GDPR.

Please review the privacy policies of the respective platforms for further information.

14. Instagram and Facebook / Meta

This website may link to or embed content from Instagram and Facebook. These services are provided by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.

If Meta content is embedded and loaded, Meta may process personal data, including IP addresses, device information, browser data, usage behaviour and account-related information if you are logged into a Meta account.

Where embedded Meta content, plugins or tracking technologies are used, they should be loaded only after your consent where required by law.

Further information is available in Meta’s Privacy Policy:
https://www.facebook.com/privacy/policy

15. X / Twitter

This website may link to or embed content from X, formerly Twitter. The provider may process technical data, usage data and account-related information if you are logged into X.

Where embedded X content is used, it should be loaded only after consent where required by law.

Further information is available in X’s Privacy Policy:
https://x.com/privacy

16. Analytics and Online Marketing

If analytics or marketing services such as Google Analytics, Google Ads, Google Marketing Platform, Meta Pixel or comparable technologies are used on this website, such services may process usage data, device information, IP addresses, cookie identifiers and interaction data.

Such services are generally used only with your consent. The legal basis is Art. 6(1)(a) GDPR and, where applicable, consent under the TDDDG.

17. International Data Transfers

Some providers used on or linked from this website may process personal data outside the European Union or the European Economic Area, particularly in the United States.

Where data is transferred to a third country, we ensure that appropriate safeguards are in place, such as:

  • An adequacy decision by the European Commission, where available.
  • Certification under the EU-U.S. Data Privacy Framework for participating U.S. providers.
  • EU Standard Contractual Clauses.
  • Additional technical and organisational safeguards, where required.
  • Your explicit consent, where applicable.

18. Data Retention

We store personal data only for as long as necessary for the purposes for which it was collected, unless statutory retention obligations, contractual obligations or legitimate interests require longer storage.

Business and tax-related records may be retained in accordance with applicable statutory retention periods, including German commercial and tax law requirements.

Where data is no longer required, it will be deleted or anonymised. If deletion is not possible because legal retention obligations apply, processing will be restricted.

19. Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration or disclosure.

These measures include, where appropriate, access controls, secure transmission, data minimisation, confidentiality measures and regular review of security procedures.

20. Your Rights

Under the GDPR, you have the following rights:

  • The right of access under Art. 15 GDPR.
  • The right to rectification under Art. 16 GDPR.
  • The right to erasure under Art. 17 GDPR.
  • The right to restriction of processing under Art. 18 GDPR.
  • The right to data portability under Art. 20 GDPR.
  • The right to object under Art. 21 GDPR.
  • The right to withdraw consent at any time under Art. 7(3) GDPR.
  • The right to lodge a complaint with a supervisory authority under Art. 77 GDPR.

To exercise your rights, you can contact us at:
admin@maibamusic.com

21. Right to Withdraw Consent

If processing is based on your consent, you may withdraw your consent at any time with effect for the future. The lawfulness of processing carried out before withdrawal remains unaffected.

22. Right to Object

You have the right to object at any time to the processing of your personal data where processing is based on Art. 6(1)(f) GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or unless processing is necessary for the establishment, exercise or defence of legal claims.

You may object to processing for direct marketing purposes at any time.

23. Updates to this Privacy Policy

We may update this Privacy Policy when legal, technical or business circumstances change. The current version is always available on this website.