EU Data Transfer/GDPR


EU Data Transfer/GDPR

Reverb Terms & Policies Home > Privacy Policy > EU Data Transfer/GDPR

Reverb is dedicated to growing its presence in the EU and doing its best to provide amazing gear and customer service to its EU citizen members. As such, Reverb takes the security and privacy of its EU citizen members very seriously. Reverb is intent on complying with the European Union's General Data Protection Regulation (GDPR) and has created the following policy and disclosures in accordance with GDPR.


1. GDPR Data Processing Policy
2. Entity/Data Controller
3. Lead Data Protection Authority
4. Data Processing Officer
5. Categories of Data Subjects and Data Collected
6. Basis for Processing
7. Cross-Border Transfer
8. Potential Recipients
9. Use of Data
10. Data Retention Period
11. Security Policies for Data
12. Withdrawal of Consent/Erasure
13. Right to Correct, Access and Portability of Data and Associated Procedure

1. GDPR Data Processing Policy

Reverb.com LLC (“Reverb”) recognizes that the European Economic Area (the “EEA”) has established strict protections regarding the handling of EEA personally identifiable information, in particular the EU General Data Protection Regulation (“GDPR”). In recognition of the importance of GDPR, Reverb has adopted the following GDPR Data Processing Policy (the “Policy”).

This Policy is intended to ensure that you understand the following: (a) the entity that is collecting your personal data; (b) the purposes for which your personal data is collected; (c) how and why your personal data will be used; (d) the period during which your data will be retained; and (e) how you can contact Reverb regarding your data.

This Policy supplements the Reverb Privacy Policy located here and unless specifically defined in this Policy, defined terms in this Policy have the same meaning as they do in the Privacy Policy.

2. Entity/Data Controller

Any data collected through reverb.com or lp.reverb.com (collectively the “Reverb Websites”) or any other website associated with, or related to, the Reverb Websites will be collected by Reverb.com, LLC which is a limited liability company formed in Chicago, Illinois USA with its principal place of business located at 3345 N. Lincoln Ave, Chicago, IL USA 60657.

3. Lead Data Protection Authority

The Reverb Websites' lead data protection authority is:

Autoriteit Persoonsgegevens
Postbus 93374
2509 AJ DEN HAAG
Telephone number: (+31) - (0)70 - 888 85 00
Fax: (+31) - (0)70 - 888 85 01

You may lodge any complaints about Reverb’s data processing with this Lead Data Protection Authority.

4. Data Processing Officer

You can contact the Reverb Data Processing Officer by emailing DPO@reverb.com.

5. Categories of Data Subjects and Data Collected

Reverb only collects data from users who either join, or engage with, the Reverb Websites. Reverb is committed to only collecting data that is necessary for Reverb to provide the content and services on the Reverb Websites.

The Reverb Privacy Policy describes the categories of personally identifiable information that Reverb may receive including: (a) name, (b) postal address, (c) e-mail address, (d) telephone number, or any other information the Reverb Websites collect that is defined as personal or personally identifiable information under an applicable law or any other identifier by which you may be contacted online or offline.

Depending on which services you choose to use, Reverb may require additional information, such as a shop name, billing information (including billing address, phone number, credit card information), a mobile telephone number, a physical mailing address, and/or payment information. As a shop owner if you choose to enable Reverb Payments, Reverb may require information such as your social security number, or the equivalent, applicable tax ID, date of birth, bank account information and/or credit card information in order to verify your identity and provide this service to you.

You may also provide information to Reverb such as the following: (a) information that you provide by filling in forms; (b) information provided at the time of registering to use Reverb Websites; (c) information when you enter a promotion sponsored by Reverb; (d) information when you report a problem with Reverb Websites; (e) records and copies of your correspondence (including email addresses), if you contact Reverb; (f) your responses to surveys that we might ask you to complete for research purposes; (g) details of transactions you carry out through the Reverb Websites and of the fulfillment of your orders; (h) financial information before placing an order through the Reverb Websites; and (i) your search queries on the Reverb Websites.

See Section 2(A) of Reverb's Terms of Use which prohibits the use of the Reverb Websites by users under the age of 18. Reverb does not intentionally solicit, collect or process information from anyone under the age of 18.


6.Basis for Processing

Reverb processes data based on (a) consent of the user; and (b) the necessity of the data for providing the services that users are contracting for when they become members of the Reverb Websites. IF YOU DO NOT CONSENT TO THE PROCESSING OF YOUR DATA IN ORDER TO ACCESS AND USE THE REVERB WEBSITES, PLEASE DO NOT USE, OR ENGAGE WITH, THE REVERB WEBSITES.

7. Cross-Border Transfer

Data centers hosting Reverb’s data, including user data, are located within the United States. Accordingly, as an EU citizen, in order to access the services and content provided by Reverb, your data may be transferred outside of the EU. By using the Reverb Websites, you consent to the cross-border transfer of your data in order to receive access to the Reverb Websites.

8. Potential Recipients

Reverb does not provide your data to third party recipients who are not necessary to the services and content provided on the Reverb Websites without your permission. Third parties who may receive your data so that Reverb can provide the services and content on the Reverb Websites include Reverb’s cloud infrastructure provider and Reverb’s third party marketing cloud provider.

9. Use of Data

Please refer to the Reverb Privacy Policy located here for more information on how Reverb uses your personal data.

10. Data Retention Period

Reverb will retain your information for as long as your account is active or as needed to provide you services.  If you no longer want Reverb to use your information to provide you services, you may follow the “Withdrawal of Consent/Erasure” provision below. After closing your account, Reverb will solely use your information as necessary to comply with any applicable legal obligations.

11. Security Policies for Data

Reverb’s data security policy is detailed in the Privacy Policy located here. In summary, Reverb has implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to Reverb is stored on secure servers behind firewalls. Any payment transactions and other sensitive information will be encrypted using secure socket layer (SSL) technology. Reverb follows generally accepted industry standards to protect the personal information submitted, both during transmission and once Reverb receives it.

The safety and security of your information also depends on you. Where Reverb has given you (or where you have chosen) a password for access to certain parts of the Reverb Websites, you are responsible for keeping this password confidential. Reverb asks you not to share your password with anyone. 

12. Withdrawal of Consent/Erasure

If, at any point, you no longer wish to have your personal data processed by Reverb, simply send an email to consentwithdrawal@reverb.com with the phrase “consent withdrawn” or “erase” in the subject line. Your request should include your name, shop name, email address and physical address. Reverb will move expeditiously to stop the processing of your personal data and to remove your personal data from its systems. Please understand that, without access to your personal data, Reverb may not be able to provide certain services. For example, Reverb will not be able to send you communications, sales, offers, newsletters. Additionally, it may be impossible for Reverb to fulfill purchases or sales without access to personal information.

13. Right to Correct, Access or Portability of Data and Associated Procedure

You have the right to have any inaccurate data corrected by a data controller. You also have the right to request access to your data or request that Reverb make your data portable to another data controller. In order to effect any such request, you should send the request to CorrectionAccessPortability@reverb.com. Your request should include your name, shop name, email address and physical address. Reverb will endeavor to correct the data or to provide you your data in a simplistic and easily readable format as quickly as possible, but in no more than thirty (30) days.