DMXDesktop
Concert stage lighting background
Privacy Policy

Learn how we collect, process, and protect your personal data

Privacy Policy for DMXDesktop

Effective Date: 15-08-2025
Version: 2.0

This Privacy Policy explains how DMXDesktop – Michael Lines ("we", "our", or "us") collects, processes, and protects your personal data when you use our website (dmxdesktop.com), the DMXDesktop software application ("Software"), and any related services (collectively, the "Services"). We are committed to ensuring the privacy and security of your personal information in accordance with the EU General Data Protection Regulation (GDPR), Polish data protection laws, and other applicable data protection laws globally.

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy.

1. Data Controller Information

Controller: Michael Lines doing business under the name of: DMXDesktop – Michael Lines
Address: Ekologiczna 41, 72-006 Mierzyn, Poland
NIP: PL8513317812
REGON: 529577980
Registration Authority: CEIDG (Central Register and Information on Economic Activity kept by minister in charge of economy)
Telephone number: +48 512 464 764
Email: [email protected]
Contact Form: https://www.dmxdesktop.com/contact

2. Definitions

Personal Data: Any information relating to an identified or identifiable natural person ('data subject').

Processing: Any operation or set of operations performed on personal data, whether automated or not (e.g., collection, recording, organisation, retrieval, use, disclosure, restriction, erasure, destruction).

GDPR: EU General Data Protection Regulation 2016/679.

Data Controller: Michael Lines.

Processor: A third party that processes personal data on our behalf.

3. Data Protection Officer

We are not required to appoint a Data Protection Officer under GDPR. For all data-related questions, contact [email protected].

4. Personal Data Collected and Legal Basis

We collect and process:

Identification Data: Name, email address

Purpose: Account creation, authentication, licensing and subscription management, critical updates and notifications

Legal basis: Contract performance; Legitimate interests

Login Authentication: Google or Facebook tokens

Purpose: Account creation, authentication, licensing and subscription management

Legal basis: Contract performance; Legitimate interests

Subscription Details: Plan type, billing cycle

Purpose: Licensing and subscription management

Legal basis: Contract performance; Legitimate interests

Payment Processing: Via Stripe (no full card details stored); addresses for verification, billing, tax compliance

Purpose: Licensing, subscription management, fraud prevention

Legal basis: Contract performance; Legal obligation

Usage Data: Crash reports, performance logs (pseudonymized)

Purpose: Functionality, compatibility, reliability, support

Legal basis: Legitimate interests; Contract performance

Support / Debug Logs: Voluntarily provided for support

Purpose: Diagnose and resolve issues

Legal basis: Consent; Legitimate interests

Cloud Backup Data: Data you choose to store in our cloud

Purpose: Backup storage per your instruction

Legal basis: Contract performance; Consent

Technical and Usage Data: IP, device details, OS, software version, approximate location, aggregated usage data

Purpose: Functionality, improvements, support, security, licensing validation

Legal basis: Legitimate interests; Contract performance

Security Data: Login attempt data, security alerts

Purpose: Account and service protection

Legal basis: Legitimate interests

Legal bases may also include:

  • Art. 6(1)(a) GDPR – Consent
  • Art. 6(1)(b) GDPR – Contract performance
  • Art. 6(1)(c) GDPR – Legal obligation
  • Art. 6(1)(f) GDPR – Legitimate interests

5. Consent Handling

Where consent is required:

  • We explain clearly what data is collected
  • Consent is voluntary and given through a clear, affirmative action
  • You can withdraw consent at any time
  • Consent records are time-stamped and versioned

Withdrawing consent does not affect the lawfulness of prior processing.

6. Payments and Processors

Payments are processed by Stripe, Inc. — see: https://stripe.com/privacy

We do not store your full credit/debit card details.

7. Cookies and Analytics

We use cookies and analytics to understand user behavior.

Includes:

  • Google Analytics (if enabled)
  • Squarespace default analytics

Users are informed via a cookie banner and can manage settings.

Legal basis:

  • Consent (for non-essential cookies)
  • Legitimate interests (for necessary cookies)

You can change cookie preferences at any time via our site or your browser.

8. Your Rights under GDPR

You have the right to:

  • Access your personal data (Art. 15)
  • Rectify inaccuracies (Art. 16)
  • Request erasure (Art. 17)
  • Restrict processing (Art. 18)
  • Data portability (Art. 20)
  • Object to processing (Art. 21)
  • Withdraw consent (Art. 7)
  • Not be subject to automated decision-making (Art. 22)
  • Lodge a complaint with a supervisory authority (UODO in Poland)

How to exercise: Email [email protected] with details. We will respond within 1 month, extendable by up to 2 months if necessary.

9. Data Security

Measures include:

  • TLS encryption
  • Data minimization
  • Access restrictions
  • Breach procedures
  • Processor contracts

If a breach occurs, we will notify affected parties and authorities as required.

10. Children's Data

Not intended for children under 16. If we learn a child's data has been collected without consent, we delete it.

11. Sensitive Data

We do not process special categories of data unless required and with explicit consent.

12. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling with significant effects.

13. Obligation to Provide Data

Certain data is required for:

  • Account creation
  • Payment processing
  • Granting access to content

Failure to provide required data may prevent service use.

14. International Data Transfers

We may transfer data outside the EEA, including to the US (Google, Stripe).

Transfers rely on:

  • Adequacy decisions (e.g., US-EU Data Privacy Framework)
  • Standard Contractual Clauses (SCCs)

15. Record of Processing Activities

We maintain records as required under Art. 30 GDPR.

16. Data Retention

Retention depends on data type:

  • Account/Billing: While account is active + legal retention period (e.g., tax = 7 years)
  • Cloud Backups: Until deleted or subscription ends
  • Technical Data: Indefinite if anonymized; personal data only as needed for security/support
  • Debug Logs: Typically 90 days after issue resolved
  • Cookies: Per cookie settings

17. Changes to This Policy

We may update this policy with 14 days' notice before changes take effect.

We keep a record of policy versions and acceptance timestamps.

18. Contact

Email: [email protected]
Form: https://www.dmxdesktop.com/contact
Mail: Michael Lines, Ekologiczna 41, 72-006 Mierzyn, Poland

Last Updated: 01-09-2025