Piano Express’s GDPR Commitment
Record of Processing Activities
This Record of Processing Activities (Record) describes how Piano Express Solutions, LLC in the United States processes personal data. Piano Express Solutions, LLC recognizes that Article 30 of the EU General Data Protection Regulation (GDPR) imposes documentation requirements on controllers and processors. This Record is company confidential information but Piano Express Solutions, LLC will provide it to the appropriate supervisory authority on request as required by Article 30.
Controller Details:
Name: Piano Express Solutions, LLC
Address: 20608 Gordon Park Sq | Suite 190 | Ashburn, VA 20147
Telephone Number: (703) 723-5406
Website: grouplessons.com
Categories of Data Subjects
Piano Express Solutions, LLC collects personal data from the following categories of data
subjects:
- Piano Express Solutions, LLC’s customers or consumers.
Categories of Personal Data
Piano Express Solutions, LLC collects the following categories of personal data about customers:
- Personal details including name and contact information.
- User activity details and user preferences.
- Browser history details.
- Electronic identification data including IP address and information collected through cookies.
- Credit card information and payment details.
- Contractual details including the goods and services provided.
Purposes of Data Processing
Piano Express Solutions, LLC collects and processes personal data about customers for the following purposes:
- Maintaining and enhancing Piano Express Solutions, LLC products and services.
- Providing products and services and customer management.
- Account management.
- Direct marketing.
- Supporting network and system security.
- Auditing.
- Detecting and preventing fraud.
- Complying with legal obligations.
- Conducting web analytics.
Categories of Personal Data Recipients
Piano Express Solutions, LLC discloses personal data to the following categories of recipients, some of which may be located in third countries or may be international organizations as defined in Article 4(26) of the GDPR:
- Piano Express Solutions, LLC’s affiliated entities.
- Business partners.
- Auditors and professional advisors, such as lawyers and consultants.
- Federal, state, and local law enforcement officials.
- Third-party service providers, such as providers of:
- IT system management; or information security.
Personal Data Retention Periods
Except as otherwise permitted or required by applicable law or regulation, Piano Express
Solutions, LLC only retains personal data for as long as necessary to fulfill the purposes Piano Express Solutions, LLC collected it for, as required to satisfy any legal, accounting, or reporting
obligations, or as necessary to resolve disputes. To determine the appropriate retention period for personal data, Piano Express Solutions, LLC considers the amount, nature, and sensitivity of personal data, the potential risk of harm from unauthorized use or disclosure of personal data, the purposes for processing the personal data, whether the employer can fulfill the purposes of processing by other means, and any applicable legal requirements.
Piano Express Solutions, LLC typically retains personal data for the periods set out below,
subject to any exceptional circumstances or to comply with laws or regulations that require a specific retention period:
- Information about customers:
- personal details including name and contact information: 1 year;
- user activity details and user preferences: 1 year;
- browser history details: 1 year;
- electronic identification data including IP address and information collected through cookies: 1 year;
- contractual details including the goods and services provided: 1 year.
Technical and Organizational Security Measures
Piano Express Solutions, LLC has implemented the following technical and organizational security measures to protect personal data:
- Encryption of personal data.
- Segregation of personal data from other networks.
- Access control and user authentication.
- Employee training on information security.
- Written information security policies and procedures.
Changes to this Record of Processing Activities
Piano Express Solutions, LLC reserves the right to amend this Record of Processing Activities from time to time consistent with the GDPR and other applicable data protection requirements.
Effective Date:
1/3/2023
Last modified:1/3/2023