PRIVACY POLICY

PRIVACY POLICY

Last Updated: December 18, 2025

 

1. Introduction

 

Welcome to Bismuth Records. We are committed to protecting your privacy and handling your personal data with transparency and care. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website, create an account, or purchase our products.

This Privacy Policy applies to all users of our website at bismuth-records.com (the “Site”) and should be read alongside our Terms of Service.

By using our Site, creating an account, or making a purchase, you acknowledge that you have read and understood this Privacy Policy.

 

2. Who We Are (Data Controller)

 

For the purposes of data protection law, the data controller responsible for your personal data is:

Hanan Bismuth

(doing business as Bismuth Records)

Harav Maimon 35

Netanya, 4222355

Israel

Email: info@bismuth-records.com

Website: bismuth-records.com

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at the email address above.

 

3. What Personal Data We Collect

 

We collect different types of personal data depending on how you interact with our Site:

 

3.1 Account Registration

 

When you create an account on our Site, we collect:

  • Your name
  • Email address
  • Password (stored in encrypted form)
  • Account preferences

 

3.2 Purchases

 

When you make a purchase, we collect:

  • Your name and email address
  • Billing address
  • Purchase history and order details

Important: We do not collect or store your payment card details. All payment processing is handled by Paddle.com Market Limited (“Paddle”), our Merchant of Record. Paddle collects and processes your payment information directly and securely. Please refer to Paddle’s Privacy Policy at paddle.com/legal/privacy for information on how they handle your payment data.

 

3.3 Newsletter Subscription

 

If you subscribe to our newsletter or marketing emails, we collect:

  • Your email address
  • Your name (if provided)
  • Subscription preferences
  • Email engagement data (opens, clicks)

 

3.4 Product Reviews

 

If you submit a product review, we collect:

  • Your name or display name
  • The content of your review
  • The date and time of submission

 

3.5 Communications

 

If you contact us via email or through our website, we collect:

  • Your name and email address
  • The content of your message
  • Any other information you choose to provide

 

3.6 Automatically Collected Data

 

When you visit our Site, we may automatically collect certain technical data, including:

  • IP address
  • Browser type and version
  • Operating system
  • Pages visited and time spent on pages
  • Referring website
  • Date and time of visit

 

4. How We Use Your Personal Data

 

We use your personal data for the following purposes:

 

4.1 To Provide Our Services

  • Processing your orders and delivering your purchased products
  • Managing your account and providing access to your downloads
  • Sending order confirmations, download links, and account notifications
  • Providing customer support and responding to your inquiries

4.2 To Communicate With You

  • Sending transactional emails (order confirmations, password resets, etc.)
  • Sending marketing emails about new products, updates, and promotions (only if you have opted in)
  • Responding to your questions and support requests

4.3 To Improve Our Services

  • Understanding how visitors use our Site
  • Improving our website, products, and customer experience
  • Troubleshooting technical issues

4.4 To Protect Our Business

  • Preventing fraud and unauthorised access
  • Enforcing our Terms of Service
  • Complying with legal obligations

 

5. Legal Basis for Processing (GDPR)

 

If you are located in the European Union, European Economic Area, or United Kingdom, we process your personal data based on the following legal grounds:

 

5.1 Performance of a Contract

 

We process your data when necessary to fulfil our contractual obligations to you, including:

  • Processing your purchase and delivering your products
  • Managing your account
  • Providing customer support

 

5.2 Consent

 

We process your data based on your consent for:

  • Sending marketing emails and newsletters
  • Setting non-essential cookies

You may withdraw your consent at any time (see Section 9 for details).

 

5.3 Legitimate Interests

 

We process your data based on our legitimate interests for:

  • Improving our website and services
  • Preventing fraud and protecting the security of our Site
  • Analysing how our Site is used

We ensure these interests do not override your fundamental rights and freedoms.

 

5.4 Legal Obligation

 

We may process your data when required by law, such as for tax, accounting, or regulatory purposes.

 

6. Who We Share Your Data With

 

We do not sell your personal data. We only share your data with trusted third parties who help us operate our business:

 

6.1 Payment Processing

 

Paddle.com Market Limited — Paddle is our Merchant of Record and handles all payment processing, tax collection, and billing. When you make a purchase, Paddle collects your payment information directly. Paddle’s Privacy Policy is available at paddle.com/legal/privacy.

 

6.2 Email Marketing

 

We use a third-party email marketing service to send newsletters and marketing emails. Your email address and name may be shared with this service provider for the purpose of sending you communications you have opted in to receive.

 

6.3 Website Hosting

 

WP Engine — Our website is hosted on WP Engine’s servers located in the United States. WP Engine may process technical data to provide hosting services.

 

6.4 Other Disclosures

 

We may also disclose your personal data if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

 

7. International Data Transfers

 

We are based in Israel, and our website is hosted on servers in the United States. If you are located in the European Union, European Economic Area, or United Kingdom, your personal data may be transferred to and processed in countries outside your jurisdiction.

When we transfer your data internationally, we take steps to ensure your data is protected, including:

  • Transferring data to countries that have been deemed to provide an adequate level of data protection by the European Commission
  • Using standard contractual clauses approved by the European Commission
  • Working with service providers who participate in recognised data protection frameworks

Israel has been recognised by the European Commission as providing adequate protection for personal data.

If you have questions about international data transfers, please contact us.

 

8. How Long We Keep Your Data

 

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Account data: As long as your account remains active. If you delete your account, we will delete your personal data, except where we are required to retain it for legal purposes.
  • Purchase history: Retained for as long as your account exists to provide you access to your products, and as required for accounting and tax purposes (typically 7 years from the date of transaction).
  • Marketing data: Until you unsubscribe from our mailing list or request deletion.
  • Support communications: Retained for a reasonable period to provide ongoing support and maintain records of our communications.
  • Technical/log data: Typically retained for up to 12 months for security and troubleshooting purposes.

 

9. Your Rights

 

Depending on your location, you may have the following rights regarding your personal data:

 

9.1 Rights Under GDPR and UK GDPR

 

If you are located in the European Union, European Economic Area, or United Kingdom, you have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete personal data.
  • Erasure: Request deletion of your personal data (“right to be forgotten”) in certain circumstances.
  • Restriction: Request that we restrict processing of your personal data in certain circumstances.
  • Data portability: Request to receive your personal data in a structured, commonly used, machine-readable format.
  • Object: Object to processing of your personal data based on legitimate interests or for direct marketing purposes.
  • Withdraw consent: Where we rely on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

 

9.2 How to Exercise Your Rights

 

To exercise any of these rights, please contact us at info@bismuth-records.com. We will respond to your request within one (1) month. In some cases, we may need to verify your identity before processing your request.

For marketing emails, you can unsubscribe at any time by clicking the “unsubscribe” link at the bottom of any marketing email.

 

9.3 Right to Lodge a Complaint

 

If you are located in the EU, EEA, or UK and believe we have not handled your personal data properly, you have the right to lodge a complaint with your local data protection supervisory authority.

 

10. Cookies and Tracking Technologies

 

Our website uses cookies and similar technologies to enhance your experience, remember your preferences, and understand how you use our Site.

 

10.1 What Are Cookies?

 

Cookies are small text files stored on your device when you visit a website. They help websites remember information about your visit, making your next visit easier and the site more useful to you.

 

10.2 Types of Cookies We Use

  • Essential cookies: These are necessary for the website to function properly. They enable core features like user authentication, shopping cart functionality, and account access. These cookies cannot be disabled.
  • Functional cookies: These remember your preferences and choices (such as language or region) to provide a more personalised experience.
  • Performance/Analytics cookies: These help us understand how visitors interact with our website by collecting information anonymously. This helps us improve our Site.

 

10.3 Managing Cookies

 

When you first visit our Site, you will be presented with a cookie consent banner that allows you to accept or decline non-essential cookies. You can change your cookie preferences at any time through your browser settings or through our cookie settings on the Site.

Most web browsers allow you to control cookies through their settings. Please note that disabling certain cookies may affect the functionality of our Site.

 

11. Third-Party Links

 

Our Site may contain links to third-party websites (such as Paddle, Xfer Records, or social media platforms). We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party websites you visit.

 

12. Children’s Privacy

 

Our Site and services are intended for users who are at least eighteen (18) years of age. Users under the age of 18 may only use the Site with the involvement and consent of a parent or legal guardian who agrees to be bound by our Terms of Service and this Privacy Policy. If you are a parent or guardian and believe your child has provided us with personal data without your consent, please contact us at info@bismuth-records.com and we will take steps to delete such information.

 

13. Data Security

 

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Secure HTTPS encryption for all data transmitted to and from our Site
  • Secure password storage using industry-standard encryption
  • Regular security updates and monitoring
  • Limited access to personal data on a need-to-know basis

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee its absolute security.

 

14. Changes to This Privacy Policy

 

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make changes, we will update the “Last Updated” date at the top of this policy.

We encourage you to review this Privacy Policy periodically. Your continued use of our Site after any changes constitutes acceptance of the updated Privacy Policy.

 

15. Contact Us

 

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please contact us:

Hanan Bismuth

(doing business as Bismuth Records)

Harav Maimon 35

Netanya, 4222355

Israel

Email: info@bismuth-records.com

For payment-related privacy inquiries, please contact Paddle at paddle.com/legal/privacy.

* * *

By using our website, you acknowledge that you have read and understood this Privacy Policy.