Privacy Policy

Privacy Policy

Last updated: 03.06.2026

This Privacy Policy explains how AMPMUSE processes your personal data when you visit ampmuse.com (the “Site”) and use our services, including the purchase of sample packs, templates and courses, and our newsletter. We process personal data exclusively in accordance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

1. Controller

The controller responsible for data processing on this website is:
Roman Halva, Marienstraße 2, 12459 Berlin, Germany · Email: info@ampmuse.com

2. Your Rights

You have the right of access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20) and the right to object to processing (Art. 21). Where processing is based on consent, you may withdraw it at any time with effect for the future (Art. 7(3) GDPR). To exercise these rights, contact info@ampmuse.com.

Right to lodge a complaint (Art. 77 GDPR): You may lodge a complaint with a supervisory authority. The authority responsible for us is the Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit), Alt-Moabit 59–61, 10555 Berlin.

Right to object (Art. 21 GDPR): Where we process data based on legitimate interests (Art. 6(1)(f)), you may object at any time for reasons arising from your particular situation. You may object to the use of your data for direct marketing at any time without giving reasons.

3. Legal Bases

We process personal data on the basis of your consent (Art. 6(1)(a) GDPR), the performance of a contract or pre-contractual measures (Art. 6(1)(b)), compliance with a legal obligation (Art. 6(1)(c)), and our legitimate interests (Art. 6(1)(f)).

4. Hosting

Our website is hosted by ALL-INKL.COM – Neue Medien Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany. The provider processes data such as your IP address on our behalf under a data processing agreement pursuant to Art. 28 GDPR. Legal basis: Art. 6(1)(f) GDPR.

5. Server Log Files

When you access our Site, the server automatically stores log data including IP address, date and time of the request, browser type and version, operating system, referrer URL and pages visited. This data is processed for the technical operation and security of the website (Art. 6(1)(f) GDPR) and is not merged with other data.

6. Cookies and Consent Management

Our Site uses cookies and similar technologies. Cookies that are not technically necessary are only set with your consent (Art. 6(1)(a) GDPR), obtained via our consent banner powered by CookieYes. Technically necessary cookies are based on Art. 6(1)(f) GDPR. You can change or withdraw your settings at any time via the cookie banner.

7. Online Shop, Accounts and Orders

When you order or create an account through our WooCommerce-based shop, we process the data you provide (e.g. name, email, invoicing address, order details) to perform the contract and manage your account (Art. 6(1)(b) GDPR). Data required under tax and commercial law is retained for the statutory periods (generally 6–10 years) on the basis of Art. 6(1)(c) GDPR.

8. Payment Processing

To process payments we use payment service providers (e.g. WooCommerce Payments / Stripe and other providers you may select at checkout). The payment data you enter is transmitted to and processed by the respective provider. Legal basis: Art. 6(1)(b) GDPR. Please also refer to the privacy policy of the respective provider.

9. Digital Products and Downloads

For digital products (sample packs, templates) we process your email address and order data to deliver download links and grant access (Art. 6(1)(b) GDPR).

10. Newsletter

If you subscribe to our newsletter, we process your email address to send information about products, offers and news. Subscription uses the double opt-in procedure: after signing up you receive a confirmation email, and your subscription becomes active only once you click the confirmation link. Legal basis: your consent (Art. 6(1)(a) GDPR). We store your IP address and the time of subscription and confirmation to document your consent. You can unsubscribe at any time via the link in every newsletter or by contacting us; withdrawal does not affect processing carried out before withdrawal. The newsletter is managed with the “Newsletter” plugin within our own WordPress/hosting environment; emails are delivered via SMTP2GO (see below).

11. Email Delivery (SMTP2GO)

We use SMTP2GO to reliably deliver transactional and newsletter emails. Your email address and message content are processed by SMTP2GO as a processor on our behalf. Where data is transferred outside the EU/EEA, the transfer is safeguarded by EU Standard Contractual Clauses (Art. 46 GDPR). Legal basis: Art. 6(1)(a)/(b)/(f) GDPR.

12. Analytics and Marketing (Google, Jetpack)

Subject to your consent, we use analytics and marketing services to understand and improve use of our Site, including Google services (e.g. Google Analytics / Site Kit, Google Ads) provided by Google Ireland Ltd. and Jetpack Stats provided by Automattic Inc. These services may set cookies and process usage data including your IP address. Legal basis: Art. 6(1)(a) GDPR; you can withdraw consent at any time via the cookie banner. Data may be transferred to the USA on the basis of the EU–U.S. Data Privacy Framework and/or EU Standard Contractual Clauses.

13. Web Fonts

Our Site may load Google Fonts. In this case your browser connects to Google servers, which may process your IP address. Legal basis: your consent or our legitimate interest in a consistent presentation (Art. 6(1)(a)/(f) GDPR).

14. Security (Wordfence)

We use the Wordfence security plugin to protect the Site against attacks and misuse. Data such as IP addresses may be processed for IT security on the basis of Art. 6(1)(f) GDPR.

15. Recipients and Processors

We share your data with third parties only where necessary, legally permitted or based on your consent — in particular with the processors named above (hosting, email delivery, payment, analytics), each engaged under a data processing agreement pursuant to Art. 28 GDPR.

16. International Transfers

Where personal data is transferred outside the EU/EEA, we ensure an adequate level of protection through appropriate safeguards such as the EU–U.S. Data Privacy Framework or EU Standard Contractual Clauses (Art. 44 ff. GDPR).

17. Data Retention

We retain personal data only as long as necessary for the purposes described or as required by statutory retention obligations. Thereafter the data is deleted or anonymised.

18. Data Security

This Site uses SSL/TLS encryption to protect data in transit. We take appropriate technical and organisational measures to protect your data; however, no method of internet transmission is completely secure.

19. Changes

We may update this Privacy Policy to reflect changes to our services or legal requirements. The current version is always available on this page. Questions? Contact info@ampmuse.com.