The Label Manager Logo

Legal

Privacy Policy

for “The Label Manager”

Last updated: April 2026

1. Controller

The responsible party for data processing within the meaning of the General Data Protection Regulation (GDPR) is:

Frank Dase
Gilleshütte 9
41352 Korschenbroich
Germany

Email: contact@thelabelmanager.com
Website: https://www.thelabelmanager.com

2. General Information on Data Processing

We process personal data of our users only insofar as this is necessary to provide a functional web application (“The Label Manager”) and to deliver our content and services.
Processing of personal data is generally carried out only after the user’s consent or when permitted by legal regulations.

3. Registration and User Account

To use the app, registration with an email address is required.
During registration we collect and store the following data:

  • Email address
  • Encrypted password
  • Date of registration
  • Label name or username (if applicable)

These data are used exclusively for the management of the user account and for the use of the app’s features.

Legal basis: Art. 6 (1) (b) GDPR (performance of a contract)

4. Access to Spotify Data (API Integration)

Our application allows users to retrieve and display data from Spotify (e.g. artist information, track statistics, popularity scores, previews).
This feature uses the Spotify Web API.
Users must authorize the connection to their Spotify account.
During this process, Spotify transmits certain personal data (such as user ID, public profile information, playlists, and statistics) in accordance with Spotify’s own terms of use and privacy policy.
These data are used solely to display the requested information within the application and are not permanently stored or shared with third parties, unless technically required.
Legal basis: Art. 6 (1) (a) GDPR (consent)
More information: Spotify Privacy Policy

5. Spotify Preview Player

The app may embed a Spotify preview player.
When you play music through this feature, a connection is established to Spotify’s servers.
Spotify may collect technical data such as your IP address and the time of access.

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in providing a functional and appealing service)

6. Newsletter Delivery

Users can send newsletters to stored contact lists through “The Label Manager.”
In this process, recipients’ email addresses and the email content are processed and temporarily stored on our servers.
Email delivery occurs solely on behalf of the respective user (the controller) who uploaded the email addresses.
Frank Dase (“The Label Manager”) acts as a data processor within the meaning of Art. 28 GDPR.
A double opt-in procedure can be used for newsletter subscriptions.
Recipients can unsubscribe at any time using the unsubscribe link included in every email.

Legal basis: Art. 6 (1) (a) GDPR (consent of the recipient) and Art. 6 (1) (f) GDPR (legitimate interest in providing the service)

7. Consent Management and Regional Privacy Logic

We use a consent management mechanism to determine whether analytics and measurement technologies may be activated.
The exact banner and activation logic depends both on the type of page being visited and on the visitor’s detected country, based on IP-derived geo headers provided by our hosting or proxy infrastructure and, if unavailable, the browser’s language settings as a fallback.
Our main application, including the landing page, login area, and dashboard, uses an opt-in model only.
Public link pages and promo download pages may use either an opt-in or opt-out model depending on the detected country.
For visitors from the United States on public link pages and promo download pages, we use a separate opt-out variant with a “Do Not Sell or Share My Info” option.
If a visitor refuses tracking, consent-related cookies and tracking cookies are deleted where technically possible, and tracking is either stopped or limited depending on the applicable page type and region-specific setup.

Processed data categories: country code, consent decision, page type, browser metadata, referrer information, and technical identifiers required to enforce the selected privacy mode.
Legal basis: Art. 6 (1) (a) GDPR (consent), Art. 6 (1) (f) GDPR (legitimate interest in privacy-compliant and region-appropriate delivery of our website), and, where applicable, compliance with local privacy laws outside the EEA.

8. Main Application: Internal Measurement and Google Analytics

On our main application, including the landing page, login page, and dashboard, we use internal tools and Google Analytics to understand how visitors and users interact with our main site and product surfaces.
This helps us analyze usage patterns and prioritize improvements and new features.
Google Analytics may process technical usage data such as page views, approximate location derived from IP-based geolocation, browser and device information, referrer data, and interaction events.
On these pages, Google Analytics is loaded only after explicit consent.
If consent is denied or withdrawn, Google Analytics is disabled and related analytics cookies are deleted where technically possible.

Recipient: Google Ireland Limited / Google LLC
Legal basis: Art. 6 (1) (a) GDPR where prior consent is required; otherwise Art. 6 (1) (f) GDPR for audience measurement and service optimization, subject to the applicable regional privacy rules.

9. Public Link Pages: Internal Analytics and Optional Meta Pixel

Public link pages always use internal analytics to measure visits, page interactions, and link performance.
If Meta tracking is not enabled for the relevant link page, no data is shared with third-party advertisers from that page context.
Public link pages can optionally include Meta Pixel functionality and related conversion tracking features for the respective label or page operator.
When Meta is enabled for a specific link page, Meta may receive event data such as page views, clicks on streaming links, technical browser information, IP-derived geo information, referrer data, and Meta identifiers such as _fbp, _fbc or comparable event identifiers if available.
In addition to browser-side events, server-side conversion events may be sent where configured by the page owner.
In opt-in countries, Meta tracking remains disabled until the visitor provides consent.
In configured opt-out countries, Meta tracking may be active by default until the visitor objects.
For visitors from the United States on link pages, if the visitor uses the opt-out option, Meta tracking is not necessarily fully stopped; instead, Meta’s Limited Data Use / restricted processing mode may be applied in order to limit downstream use of the data in accordance with the selected US privacy handling.
Outside that US-specific setup, a refusal causes Meta tracking to be disabled and related cookies such as _fbp and _fbc to be deleted where technically possible.

Recipient: Meta Platforms Ireland Limited / Meta Platforms, Inc.
Legal basis: Art. 6 (1) (a) GDPR where prior consent is required; otherwise Art. 6 (1) (f) GDPR for marketing measurement and campaign effectiveness, subject to the applicable regional privacy rules.
Further information: Meta Privacy Policy

10. Promo Download Pages and Meta Ads Dashboard Integration

Public promo download pages use internal analytics to measure page visits and download-related interactions.
No data is shared with third-party advertisers from these download pages through Google Analytics or Meta Pixel.
Depending on the detected country, these public download pages may use either an opt-in or opt-out banner for internal analytics only.

Separately, within the authenticated dashboard, “The Label Manager” can connect to Meta Ads services so that authenticated users can access campaign-related data and manage advertising workflows inside the dashboard.
This may involve processing Meta account identifiers, campaign and ad metrics, account settings, connected business information, and other API-based metadata made available through the user’s Meta account authorization.
These data are processed only within the authenticated area and only in connection with the user’s requested dashboard functionality.

Legal basis: Art. 6 (1) (b) GDPR (performance of a contract) and, where required for additional optional integrations, Art. 6 (1) (a) GDPR.
Further information: Meta Privacy Policy

11. Contact by Email

If you contact us by email (e.g. via contact@thelabelmanager.com), we will process your personal data provided in the email (e.g. name, address, email content) solely for the purpose of responding to your inquiry.

Legal basis: Art. 6 (1) (b) GDPR (performance of a contract or pre-contractual measures)

12. Data Retention and Deletion

Personal data will be deleted once the purpose of storage no longer applies or upon the user’s request to delete their account, provided there are no legal obligations to retain such data.

13. Data Subject Rights

Under the GDPR, users have the following rights:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to processing (Art. 21 GDPR)

Users also have the right to lodge a complaint with the competent supervisory authority:

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia (LDI NRW)

PO Box 20 04 44
40102 Düsseldorf, Germany
https://www.ldi.nrw.de

14. Data Security

We implement appropriate technical and organizational measures to protect personal data against loss, misuse, and unauthorized access.
The connection to our app is encrypted via HTTPS (TLS).

15. Changes to This Privacy Policy

We reserve the right to update this privacy policy as necessary to reflect legal or technical developments.
The latest version is always available at:
👉 https://www.thelabelmanager.com/privacy