Privacy Policy – Mikroton Residency for Contemporary Music

Last updated: March 2026

1. Responsible Entity

The responsible entity under data protection law is:
hp_sieben e.V.
Hans-Poeche-Straße 7
04103 Leipzig
Germany

Email: post@hp-sieben.de
Phone: +49 (0)1573 847 1113

2. Contact

If you contact us via email or telephone, we process the data you provide insofar as this is necessary to handle your inquiry. This includes in particular your name, contact details, and the content of your message.

Processing is based on Art. 6 para. 1 lit. b GDPR, insofar as your inquiry is directed at the conclusion or performance of a contract, and otherwise on Art. 6 para. 1 lit. f GDPR based on our legitimate interest in responding to inquiries.

Your data will be deleted after processing is complete, unless statutory retention obligations require otherwise, at the latest after 12 months.

3. Hosting and Server Log Files

This website is hosted by netcup GmbH. When you access the website, the hosting provider processes technical access data in server log files. This includes in particular IP address, date and time of access, pages accessed, amount of data transferred, browser type, and operating system.

Processing is based on Art. 6 para. 1 lit. f GDPR based on our legitimate interest in a secure, stable, and technically proper operation of our website.

Server log files are automatically deleted after 14 days at the latest, unless statutory retention obligations require otherwise.

4. Server-Side Usage Statistics

We additionally process server log data to a very limited extent in order to generate anonymized usage statistics for the purpose of improving, maintaining, and further developing our website.

In this process, IP addresses, browser identifiers, and referrer information are processed only temporarily and subsequently deleted or converted into non-personal, aggregated statistical data. After this processing is complete, attribution to individual persons is no longer possible with the data we retain.

Processing is based on Art. 6 para. 1 lit. f GDPR based on our legitimate interest in the technical analysis and improvement of our online services.

Non-aggregated log data is processed and subsequently deleted within 48 hours of import at the latest. The remaining aggregated statistics contain no personal data and are retained indefinitely.

For approximate geographic classification of requests, we use a locally operated geo-IP database. No IP addresses are transmitted to external providers for this purpose. Only broad regions such as state, country, or continent are considered; cities or precise coordinates are not stored.

5. Cookies and Client-Side Tracking

We do not use any cookies of our own and do not deploy any client-side tracking or analytics tools, in particular no Google Analytics, no Matomo, and no comparable services.

The usage analysis described in Section 4 is carried out exclusively on the server side based on log data and without any tracking technologies in users' browsers.

On pages with embedded content from external providers, in particular forms, it may however be technically necessary for a connection to be established to the servers of the respective provider when the page is accessed. In this context, the respective provider may use its own cookies or similar technologies, over which we have no control.

6. Web Fonts

The fonts used on this website are provided locally on our servers. As a result, no connections to external font providers are established when loading the page.

7. External Forms via Tally

For applications and submissions as part of our residency program, we use an embedded form provided by Tally BV (Ghent, Belgium). The form is integrated into our website via iframe.

When you access a page containing an embedded form, a connection to Tally's servers is established in order to load and display the form. In this process, technical data may be processed, in particular your IP address, date and time of access, browser and device information, as well as other connection data required for the delivery of the form. Where technically necessary, Tally may also use cookies or similar technologies.

When you enter data into the form and submit it, the content you provide is transmitted directly to Tally and processed on our behalf. Depending on the form, this may include in particular:

Name and contact details
Information relating to the application or submission
Project-related texts, links, and uploads
Other voluntarily provided information

The processing of form data you actively submit is carried out for the implementation of the application process and is based on Art. 6 para. 1 lit. b GDPR, insofar as the information is required for processing your application.

Where additional voluntary information is provided, processing is based on Art. 6 para. 1 lit. a GDPR, unless such information is also required for processing the application.

The technical embedding of the form is based on Art. 6 para. 1 lit. f GDPR based on our legitimate interest in providing our online services in a user-friendly and functional manner.

Certain fields in the application form are marked as required. Without this information, your application cannot be processed. All other fields are voluntary.

According to Tally, form data is encrypted in transit and at rest and stored in Europe. Further information on data processing by Tally can be found in Tally's privacy policy.

To the best of our current knowledge, no additional tracking or marketing integrations are activated in connection with the embedded form.

Retention period for application data

The retention period for data submitted via the form is determined by the purpose of the respective submission:

Non-selected applicants: Deletion within 6 months after the announcement of the selection decision.
Selected applicants: Deletion within 6 months after the conclusion and completion of the residency, unless further retention is required due to a subsequent contractual relationship or statutory retention obligations.

If you have questions about the processing of your application data or wish to have your data deleted, you can contact the responsible entity listed in Section 1 at any time.

8. Rights of Data Subjects

Under the GDPR, you have in particular the following rights:

Right of access under Art. 15 GDPR
Right to rectification under Art. 16 GDPR
Right to erasure under Art. 17 GDPR
Right to restriction of processing under Art. 18 GDPR
Right to data portability under Art. 20 GDPR
Right to object under Art. 21 GDPR
Right to withdraw consent with effect for the future under Art. 7 para. 3 GDPR

To exercise your rights, an informal communication to the contact details provided in Section 1 is sufficient.

9. Right to Lodge a Complaint with a Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data.

The authority responsible for our organization is in particular:
Saxon Data Protection and Transparency Commissioner
Maternistraße 17
01067 Dresden

10. Currency of this Privacy Policy

This privacy policy is currently valid as of March 2026.

Adjustments may be necessary due to further development of our website or as a result of legal or regulatory requirements. The current version is available on this website.