Privacy Policy

1. Introduction

The International Federation of Phonographic Industry (“we”, “us”, “our”) is the international agency in charge of managing and maintaining the international identification system for sound and music video recordings, known as the International Standard Recording Code (“ISRC”). As part of this role, it is necessary for us to process information about ISRC registrants (“you”, “your”). This, for instance, refers to your name or contact details. We refer to this information as “personal information”.

This privacy policy sets out the general principles governing how we handle your personal information in relation to the implementation of ISRC. Please read the following carefully to understand our views and practices regarding your personal information and how we will treat it.

By providing us with your personal information, you are accepting and consenting to the practices described in this policy.

2. What information do we collect about you?

We may collect and process various categories of personal information about you. This may include but is not limited to:

  • Contact details, such as your name, address, website; and contact details of the individual to contact;
  • Registrant details: the country/registrant code assigned and registrant name;
  • Registration details, such as the date of registration and any other information associated with the ISRC application process (e.g. email correspondence, notes made through the registration process, intended use of the code); and
  • Financial information such as your bank details.

We may collect this information from you directly or we may receive it from third parties, for instance from national ISRC agencies. Regardless of the information source, we will make sure to collect and use only the minimum amount of personal information that is necessary for the purposes set out in this privacy policy.

3. What will we do with your information?

We will collect, store and use your personal information solely for the following purposes:

  • To manage and maintain the ISRC system in line with the International Organisation for Standardisation requirements;
  • To handle queries relating to the implementation of the ISRC system and to resolve issues or errors, such as conflicts between assigned codes or misuse of a code;
  • To administer the ISRC system for territories where there is no national ISRC agency in place;
  • To enable the set up of new national ISRC agencies by providing them with information relevant to their activities;
  • To supervise activities of national ISRC agencies, for instance as part of their obligation of annual reporting;
  • To report to the International Organisation for Standardisation on our activities;
  • To assist with the prevention of sound or music video recordings infringement; and
  • To implement a global search facility allowing ISRC related information to be queried.

When processing your personal information for the above-mentioned purposes, we will ensure that it is handled at all times in compliance with applicable laws and regulations concerning privacy and data protection.

4. Who is your information shared with?

Access to your personal information within our agency is restricted to designated individuals who have a clear “need to know” for business reasons.

We may share your personal information with the following third parties:

  • The International Organisation for Standardisation in accordance with the requirements set out in international standards;
  • National ISRC agencies to the extent that the information is relevant to registrants in their country;
  • Third parties such as record companies and digital music service providers in order to reply to requests which appear to be reasonable (e.g. resolving conflict of codes); and
  • Third party service providers acting on our behalf.

We may share your registrant details with users of any online ISRC service that we may offer publicly as part of the ISRC system.

5. Security

Your personal information is stored on our secure servers and computer systems and it is protected from unauthorised access by appropriate technical and organisational security measures implemented in accordance with applicable laws.

In the event that your personal information is to be shared with third party service providers which act on our behalf (such as providers of hosting services), we will take all steps to ensure that your personal information is afforded sufficient protection and is treated in accordance with this privacy policy. In particular, we contractually require third party service providers to handle your personal information only on our instructions and only for the purpose of the provision of their contracted services to us.

6. Data transfers

Your personal information is stored onto our securely protected servers located in the European Economic Area (“EEA”). In order to ensure the effective operation of the ISRC system at a global level, your personal information may be accessed from or transferred to countries outside of the EEA, including countries which may not offer an equivalent level of data protection to that of the EEA. However, we will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with applicable laws.

7. Data retention

Your personal information will be stored for no longer than necessary for us to carry out the purpose(s) in respect of which it was collected.

8. Your rights of access and/or correction

You have a right to access your personal information and update it as and when necessary, for instance where it is no longer factually accurate. This may be done by contacting isrc@ifpi.org. Please be aware that such access may be subject to the payment of a fee up to £10 and the verification of your identity.

We will not process your personal information for marketing purposes.

9. Changes to this privacy policy

Our website may, from time to time, contain links to and from the websites of third parties, such as national ISRC agencies. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these third parties.

10. Changes to this privacy policy

Any changes we may make to this privacy policy in the future will be posted on this page and, where appropriate, notified to you. Please check back frequently to see any updates or changes to this privacy policy.

11. Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to isrc@ifpi.org.

Last updated: 8th December 2015