Amongst other things, it contains information on:
- how you can access your personal information held by Beyond the Valley;
- how to correct personal information held by Beyond the Valley;
- how you may complain about a breach of the APPs or the Privacy Act; and
- the process by which Beyond the Valley will deal with any such complaint.
Types of information we collect
“Personal Information” means information that can be used to personally identify you, such as your name, age or date of birth, gender, telephone number, address, email address, photographs or videos where you are personally identifiable, and in some circumstances financial information such as your credit card, direct debit or Paypal account information. If the information we collect personally identifies you or you are reasonably identifiable from it, the information will be considered Personal Information.
‘Usage Information’ means anonymous aggregate data that is automatically collected through your use of the Website. This includes information that identifies your device, your operating system, your IP address and dates and times that you access and use the Website.
How we collect your Personal Data
Beyond the Valley collects your Personal Data directly from you, unless it is unreasonable or impractical to do so.
We do this in a number of ways, including:
- when you contact us by email, telephone or in writing; and
- when you fill out a form on our Website when completing an application or order;
- when you purchase a ticket via one of our third-party ticket merchants;
- recording or photographing you at a Beyond The Valley festival or event.
It is your choice to provide information to us. Wherever it is lawful and practicable, you have the option not to identify yourself when interacting with us. Please be aware that it is necessary for us to collect your Personal Data to enable us to process transactions. As such, if you do not wish to provide your Personal Data, we may not be able to accommodate your order.
We may also collect Personal Data from third parties including our contractors and business partners, advertisers, mailing lists, recruitment agencies and government entities.
We may collect Usage Data through cookies, pixel tags and other tracking technologies (collectively Cookies). Cookies are small packets of data that are downloaded onto your device when you access a website. Cookies hold specific information that helps the Website ‘remember’ your actions and preferences over time.
Cookies can stay on your device temporarily (Session Cookies) or until you manually delete them (Persistent Cookies). Data collected by Cookies does not identify you, but it does identify your device. Where such data can be cumulatively used to personally identify you, we will seek your consent to collect and process such information. You can disable Cookies at any time in your browser. If you disable Cookies, we cannot guarantee that the Website will be fully functional.
Why we collect your Personal Data
The primary purpose for which we collect information about you is to enable us to perform our business activities and functions and to provide you with products and services.
Other legitimate purposes that you agree we can collect, hold, use and disclose your Personal Data for include but are not limited to the following:
- to provide you with access to the Website;
- to approve transactions you wish to make;
- to send you invoices and receipts;
- to respond to requests submitted by you;
- to enhance our products and services;
- to verify your identity;
- for our administrative, planning, product/service development, quality control and research purposes, or those of our contractors or external service providers;
- to contact you with information which we think you may find interesting, only where you have opted in to receiving such communication and until you withdraw such consents;
- to prevent, detect and investigate potential illegal activities, security breaches and fraud ; and/or
- as otherwise required or permitted under any applicable law.
For the avoidance of doubt, we will only use your Personal Data for purposes that you would reasonably expect us to use your Personal Data for in connection with operating and providing our products and services to you, or where we are required by law to collect your Personal Data. We will not sell, rent, or license your email address or any of your Personal Data unless we have otherwise obtained your express consent to do so.
We recognise your right under the Spam Act 2003 (Cth) and the GDPR to opt out from direct marketing, and as such these consents can be modified at any time by emailing us at [email], or by clicking ‘unsubscribe’ on any direct marketing communications.
Who we disclose your Personal Data to
You agree and consent that we may disclose your Personal Data to:
- our employees, contractors or external service providers for the operation of our business, and our professional advisers such as accountants and solicitors;
- our existing or potential agents, business partners or joint venture entities or partners, including our third-party ticket merchants;
- our sponsors or promoters;
- specific third parties authorised by you to receive information held by us;
- the police, any relevant authority or enforcement body, or your Internet Service Provider or network administrator, if we have reason to suspect you have committed a breach of our terms and conditions or have been engaged in unlawful activity, and we reasonably believe disclosure is necessary;
- as required or permitted by any law (including the Privacy Act).
You can withdraw your consent for us to share your Personal Data with third parties at any time by emailing [email], but please note that withdrawal of such consents may affect your ability to access and use the Website, purchase our products or services or attend any Beyond the Valley festival or event.
What are your rights to your Personal Data
In accordance with the GDPR, we acknowledge the right of EU citizens to:
- have their data erased that is no longer being used for a legitimate purpose;
- request a copy of all Personal Data held about you by us in a readable format; and
- request restricted processing of your Personal Data whilst any complaints or concerns are being resolved.
To erase, request or restrict processing of your Personal Data, please email [email] with the subject ATT: PRIVACY OFFICER.
Accessing and correcting personal information
We cannot modify your Personal Data. You can modify your own information by emailing us at [email]. You acknowledge that it is your responsibility to maintain the truth, accuracy, and completeness of your information and your failure to do so may inhibit our ability to provide the Website, process your orders with us or allow you to access any Beyond the Valley festival or event.
You acknowledge and agree that you remain solely responsible for maintaining the truth, accuracy, and completeness of your information at all times, and we shall have no liability to you or any third party arising from your failure to do the same. If you believe that Personal Data we hold about you is incorrect, incomplete or inaccurate, you may request that we amend it.
Our Website may contain links to other third party websites or applications, including links to our third-party ticket merchants. We cannot be reasonably expected to be aware of nor held responsible for the privacy policies or practices of these other websites.
We protect your Personal Data through technical security measures i.e. firewalls, encryption that limit the risk of loss, disclosure, unauthorised access and modification. No security measures are, however, 100% secure so we cannot guarantee the security of your information or data at any time. To the extent permitted by law, we accept no liability for any breach of security, or direct hacking of our security measures, or any unintentional disclosure, loss or misuse of any information or data or for the actions of any third parties that may obtain any information or data.
Notwithstanding the above, we acknowledge our obligation to report any data breach that is likely to risk the rights and freedoms of natural persons to the Australian Information Commissioner and, where our data breach involves the information of EU citizens, report to the European Data Protection Supervisor. We will also inform you, where possible, if your data has been breached in the circumstance where it poses a risk of serious harm or your rights and freedoms.
We may, in the course of providing any products or services to you, disclose Personal Data to overseas countries that are deemed by the EU Commission as having an ‘adequate’ level of Personal Data protection. Where we transfer data to a third party in a country where no adequacy decision has been made, we warrant that such third parties in those countries are bound under contract to meet the requirements of the Privacy Act, Privacy Principles and GDPR.
We will treat your requests or complaints confidentially. We will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved.
Our contact details are:
Beyond the Valley Music Festival Pty Ltd
Level 3, 159 High Street Prahran, 3181