This Privacy Policy explains how GAYM Entertainment Pty Ltd (referred to in this policy as “we”, “us” or “our”) and/or our subsidiaries or affiliates use, collect, store and disclose information supplied to us in connection with our products or services, whether that be through our website located at www.gaymentertainment.com.au or our social media pages (the “Sites”), or by contacting us in person, by phone, or over email (we will refer to the foregoing collectively as the “Services”).
This Privacy Policy details how we comply with the Privacy Act 1988 (Cth) (“Privacy Act”), the Australian Privacy Principles (“APPs”), and, to the extent that it applies, the EU General Data Protection Regulation 2016/679 (“GDPR”), in relation to the collection, storage, use, and disclosure of your information and data.
We may update this Privacy Policy from time to time at our sole discretion. Any variations become effective on posting the updated Privacy Policy on our Sites, and we shall have no obligation to provide you with individual notice of such changes. Your continued use of the Services following the publication of any amended Privacy Policy shall signify your acceptance of that amended Privacy Policy, except where we are otherwise obliged by law to seek your direct consent.
Please read this Privacy Policy carefully before using the Services. If you do not agree with any part of this Privacy Policy, please do not use the Services, including the Sites.
WHAT INFORMATION DO WE COLLECT?
This Privacy Policy covers all information collected via your use of the Services. The information we may collect from you can be broken down into the following types:
“Personal Information” means information that can be used to personally identify you such as your name, address, email address, phone number, profile picture, and payment details. We do not knowingly collect or process the Personal Information of anyone under the age of 18 without the express consent of their parent or guardian.
“Sensitive Information” is a special type of Personal Information that relates to health information, political beliefs, ethnicity, membership of a professional or trade association, sexual preferences, philosophical beliefs, or criminal record. We will not collect Sensitive Information except with your consent, and then only if collection of such information is necessary for a particular activity or function.
“Usage Information” means anonymous aggregate data that may be automatically collected through your use of the Services. This includes information that identifies your device, your operating system, your IP address, and dates and times that you access and use the Services. This information is used to resolve any technical issues that may arise, or for statistical analysis to help us to improve the Services.
The GDPR recognises that Usage Information, whilst for the most part anonymous, can be cumulatively used to directly or indirectly identify you. Usage Information that can be used to identify you in any way, together with your Personal Information, shall collectively be referred to in this Privacy Policy as “Personal Data”.
HOW WE COLLECT YOUR INFORMATION
Personal[A1] Information may be collected directly from you when you:
- when you buy our products or services;
- contact us via our Sites, phone or email;
- subscribe to our mailing lists or other direct marketing communications;
- complete a survey or questionnaire provided by us; or
- access, browse, use, or otherwise interact with the Sites.
It is your choice to provide Personal Information to us. Wherever it is lawful and practicable, you have the option not to identify yourself when interacting with us. Please be aware that it may be necessary for us to collect your Personal Information to enable us to provide the Services to you. As such, if you do not wish to provide your Personal Information, this may limit our ability to provide the Services to you.
Circumstances where we collect Personal Data about you from sources other than you directly include where:
- you have consented for a third party to share information with us;
- where we are authorised by law to collect the information from a third party;
- where it is unreasonable or impracticable to collect the information from you personally.
If we collect your Personal Data from third parties in circumstances where you may not be aware that we have collected such Personal Data, we will take reasonable steps to notify you of the collection and circumstances surrounding the collection.
COOKIES
We may from time to time collect anonymous Usage Information from the Services, by utilising cookies, pixel tags and other tracking technologies (collectively “Cookies”). Cookies are small packets of data that are downloaded onto your device when you access a website. Cookies hold specific information that helps a website ‘remember’ your actions and preferences over time. These are the types of Cookies that we may use to operate the Sites:
- ● Strictly Necessary Cookies – these Cookies are essential to ensure that the Sites work correctly, and record information that allows you to move around the Sites and navigate their features;
- Performance Cookies – these Cookies collect information about how you use the Sites, such as how often you access the Sites and if you encounter any errors;
- Functionality Cookies – these Cookies allow the Sites to remember the choices you make to provide a more personalised experience;
- [A2]
Cookies can stay on your device temporarily (“Session Cookies”) or until you manually delete them (“Persistent Cookies”). You can adjust your browser settings at any time to block Cookies, however please note that doing so may limit our ability to provide the Services to you in a fully operational form.
To request a full list of the individual Cookies and tracking technologies we use, please email our Privacy Officer (per the details at the end of this Privacy Policy).
THIRD PARTY SITES
The Services may contain plug-ins and links to third party sites to enhance your user experience (“Third Party Sites”). We do not have access to, or control over, the technologies that third parties (including the Third Party Sites) may use to collect information about you. Please refer directly to the privacy policies and statements of the operator of any Third Party Sites to obtain information regarding their data collection, use, and disclosure policies. We disclaim all liability in connection with the services of any Third Party Sites integrated or otherwise linked to the Services, and we encourage you to reach out to them directly should you have any questions in connection with their services. For a full list of Third Party Sites integrated or otherwise linked to our Services, please email our Privacy Officer (per the details at the end of this Privacy Policy).
HOW WE USE YOUR INFORMATION
You[A3] agree that we may use your Personal Data for legitimate purposes including, but not limited to, the following:
- to confirm your identity;
- to provide our products and/or services to you;
- to respond to requests submitted by you;
- to maintain and improve the functionality of our Sites;
- to prevent, detect and investigate potential illegal activities, security breaches and fraud;
- to comply with legal and regulatory requirements;
- to contact you via email or other instant message platforms to provide you with periodical promotional messages about new products or other information which we think you may find interesting, only where you have opted in to receiving such communication and until you ‘opt out’.
For the avoidance of doubt, we will only use your Personal Data for purposes that you would reasonably expect us to use your Personal Data for in connection with providing the Services to you, or where we are required by law to collect your Personal Data. We will not sell, rent, or license your email address or any of your Personal Data.
We will retain your Personal Data for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law. How long we retain your Personal Data depends on the type of data and the legitimate purpose for which we process and/or retain the data.
‘Opt Out’
We recognise your right under the Spam Act 2003 (Cth) and the GDPR to opt out from direct marketing, and as such these consents can be modified at any time by emailing the Privacy Officer or clicking unsubscribe on any direct marketing communications.
Please note certain non-marketing related correspondence from us, including messages relating to payment, will be automatically sent to you by virtue of your use of the Services and you may not have the option to unsubscribe from receiving this correspondence.
WHO WE DISCLOSE YOUR INFORMATION TO
You agree and consent to us disclosing your Personal Data to[A4] :
- our directors, officers, employees, consultants, contractors and agents;
- our existing or potential agents, business partners or joint venture entities or partners, including our third-party ticket merchants and ticket resale merchants;
- our sponsors or promoters (as advertised on our Sites from time to time);
- our venue partners;
- potential investors and financiers;
- debt collection agencies and credit reporting bodies;
- external counsel for the purpose of obtaining professional advice;
- service providers with whom we have entered into an agreement with to help us provide the services, including marketing agencies, financial service providers, and technical support;
- the police, government and regulatory authorities if we have reason to suspect you have committed a breach of our terms and conditions or have been engaged in unlawful activity, and we reasonably believe disclosure is necessary;
- any third party with your express approval; and
- where we are required to disclose such information by law or to otherwise prevent harm.
We will take reasonable steps to ensure that these third parties are bound by Australian privacy laws.
You can withdraw your consent for us to share your Personal Data with third parties at any time by emailing our Privacy Officer (per the details at the end of this Privacy Policy), but please note that withdrawal of such consents may affect your ability to access and use the Services.
YOUR RIGHTS TO YOUR INFORMATION
You have a general right to access any Personal Information that is held about you by us, unless a valid exception applies. You can request this at any time by contacting our Privacy Officer. Please note that we cannot modify your Personal Information. You can modify your own information at any time by emailing the Privacy Officer (per the details at the end of this Privacy Policy).
You acknowledge that it is your responsibility to maintain the truth, accuracy, and completeness of your information and your failure to do so may inhibit our ability to provide the Services to you. You acknowledge and agree that you remain solely responsible for maintaining the truth, accuracy, and completeness of your information at all times, and we shall have no liability to you or any third party arising from your failure to do the same.
In accordance with the GDPR, we acknowledge the additional rights of EU subjects to:
- have their data erased that is no longer being used for a legitimate purpose;
- request a copy of all Personal Data held about them in a readable format, along with supplementary information to verify that such Personal Data is being processed lawfully; and
- request restricted processing of their Personal Data whilst any complaints or concerns are being resolved.
To erase, request, or restrict processing of your Personal Data, please email the Privacy Officer (per the details at the end of this Privacy Policy).
SECURITY
We protect your Personal Data through technical security measures i.e. firewalls,encryption that limit the risk of loss, disclosure, or unauthorised access. No security measures are, however, 100% secure so we cannot guarantee the security of your information or data at any time. To the extent permitted by law, we accept no liability for any breach of security, or direct hacking of our security measures, or any unintentional disclosure, loss or misuse of any information or data, or for the actions of any third parties that may obtain any information or data.
Notwithstanding the above, we acknowledge our obligation to report any data breach that is likely to risk the rights and freedoms of natural persons to the Australian Information Commissioner and, where our data breach involves the information of EU subjects, report to the European Data Protection Supervisor. We will also inform you, where possible, if your data has been breached in the circumstance where it poses a risk of serious harm or your rights and freedoms.
We also train our personnel who may have access to your Personal Data about this Privacy Policy and our obligations under the Privacy Act, APPs, and GDPR. For more information on our internal policies, email the Privacy Officer (per the details at the end of this Privacy Policy).
OVERSEAS DISCLOSURE
We may, in the course of providing the services to you, transfer your Personal Data to overseas countries that are deemed by the EU Commission as having an ‘adequate’ level of Personal Data protection. Where we transfer data to a third party in a country where no adequacy decision has been made, we will take reasonable steps to ensure person or entity handling your data in those countries are bound under contract to meet the requirements of the Privacy Act, APPs, and GDPR (as applicable).
CONTACT
Thank you for taking the time to read our Privacy Policy. If you have any questions regarding our Privacy Policy, you can contact our Privacy Officer at:
GAYM Entertainment Pty Ltd
Att: Privacy Officer
Email: [email protected]
If you are not satisfied with our handling of your Personal Data, or have any other concern over our Privacy Policy, then you may lodge a formal complaint with the Office of the Australian Information Commissioner (for more information, please see www.oaic.gov.au) or with the European Data Protection Supervisor (for more information, please see https://edps.europa.eu).
SPECIAL[A6] CONDITION: COVID-19 CONTACT TRACING
You acknowledge that there is currently a respiratory illness outbreak caused by a novel coronavirus (“COVID-19”) that is impacting various regions globally. Different States and Territories around Australia are managing the ongoing risks of COVID-19 by requiring businesses to collect Personal Information about their customers for the purpose of “contact tracing”. Contact tracing is the process of identifying people who may have come into contact with a positive case of COVID-19, and assists authorities with taking measures to help prevent the spread of COVID-19 (such as issuing directions to identified persons to get tested and/or self-isolate).
As a condition of entry into the our festivals and events, we or the venue may collect the following information from you in accordance with any applicable in force government direction or order for the purpose of contact tracing:
- Your full legal name;
- Your contact details (e.g. phone number and/or email address);
- Your postcode.
We or the venue may also require you to provide confirmation that:
- you do not have COVID-19, and are not awaiting test results for COVID-19 or otherwise have reason to suspect that you have contracted COVID-19;
- you have not knowingly been in contact with a person who has tested positive for COVID-19 in the last fourteen (14) days;
- you have not returned from international travel in the last fourteen (14) days;
- you have not visited a COVID-19 ‘hotspot’ (as advertised on the relevant State or Territory’s health department website) in the past fourteen (14) days;
- you are not experiencing cold or flu-like symptoms, including:
- a cough
- fever
- shortness of breath
- sore throat
- sneezing and runny nose
- temporary loss of smell.
This information will be collected from you directly, or from a parent or guardian where you are under the age of 18. Where contacting tracing is collected by a venue or other third party, we may request that the venue or other third party share such information with us for the purpose of complying with any government direction or order. Please note the privacy policies of those venues or third parties will apply to the collection of such information, and you should contact them directly should you have any queries about their privacy practices.
A direction or order may provide for the submission of contact tracing information to a government authority directly through an authorised mobile application or web check-in service (“Check-In Tool”). If you choose to use a Check-In Tool, your disclosure of Personal Information will be governed by the terms of the operator responsible for the Check-In Tool. We disclaim all liability in connection with your use of a Check-In Tool. If you have any concerns about the privacy practices of any Check-In Tool operator, we encourage you to reach out to them directly.
We will keep all Personal Information collected for the purpose of contact tracing separate from other data, and will restrict access to such information to our staff on a ‘need-to-know’ basis. We will only disclose Personal Information to relevant health authorities or other persons as required under any applicable direction or order. When we are no longer required to keep such information, we will take reasonable steps to anonymise or otherwise delete such information.
[A1]Please confirm if there are any other circumstances where you collect personal information.
[A2]Do you use these?
[A3]Please review list and let us know if there are any other circumstances we should consider
[A4]Are there any other parties we need to consider here?
[A5]Do you have a PO Box or office address to list here?
[A6]Hopefully you won’t need this moving forward, but have included in the circumstance that this becomes relevant again