This is the privacy and cookies policy (the “Policy”) for fixr.co, the FIXR mobile application, FIXR Entry Manager application, and FIXR Content Management System (individually and together the “Platform”). The Policy sets out how we VIPR Digital Limited (Company Number 08184813) located at 184 Shepherds Bush Road London W6 7NL (“FIXR”, “our” or “we”) process information about you which is personally identifiable when you use the Platform, whether you are a Customer, Organiser, or visitor.
VIPR Digital Limited is the data controller for the purposes of the Data Protection Act 1998 or, from 25 May 2018, the General Data Protection Regulation ((EU) 2016/679) or any successor, replacement or implementing legislation.
If you have any questions about this Policy, please contact us at email@example.com. For the purposes of this Policy, the following definitions shall apply:
“Customer” means an individual or individuals who purchase tickets for an Event via the Platform.
“Event” means an individual Event or Events listed on our Platform.
“Event Organiser(s)” means a third party supplier or suppliers of Events (which will typically include the sale of tickets for Events) which may include a venue, performer, promoter, university society or organisation, or general event organiser.
PERSONALLY IDENTIFIABLE INFORMATION (PII) / PERSONAL DATA
Personal data or PII means any information relating to a person who can be identified either directly or indirectly; it may include name, address, email address, phone number, credit / debit card number, IP address, location data, purchase history (“Personal Data”).
LAWFUL BASES OF PROCESSING
We will only collect and process Personal Data about you where we have a lawful basis for doing so. Lawful bases include consent, contract (where processing is necessary for the performance of a contract with you (e.g. to ensure you receive tickets you have purchased), legitimate interests and compliance with legal obligations to which we are subject.
Where we rely on your consent to process personal data, you have the right to withdraw or decline your consent at any time and where we rely on legitimate interests, you have the right to object. For further information, please see the section headed “Your Rights” below.
INFORMATION WE MAY COLLECT FROM YOU
We may collect and process the following information about you:
You are under no obligation to provide any such information. However, if you should choose to withhold requested information, we may not be able to provide you with certain services.
PURPOSES FOR WHICH WE PROCESS PERSONAL DATA
We will only process your Personal Data, in accordance with applicable law, for the following purposes:
We will also use information you provide to us for the purposes of contacting you, or enabling third parties to contact you, with information or offers regarding upcoming events, products, services or surveys. This shall only be done with your consent and our direct marketing policy which is explained in full below.
NOTIFICATIONS AND MARKETING TO YOU
Notifications. From time-to-time, we may send you notifications, including by way of email, instant message, and push notification, provided you have indicated that you do not object to receiving such notifications. We will always give you the option to opt-out of receiving notifications by following the unsubscribe instructions on communications sent to you. You can also opt out of such notifications under the “Settings” section of your account. Notifications may include information about events, updates to our service, and surveys. In respect of the latter, we may use surveys (or similar) to gather additional information from you so that we can determine if we should introduce additional services or product lines. Notifications may also include communications distributed on behalf of FIXR and/or our commercial partners containing, inter alia, promotions, offers, competitions, career and internship opportunities, student loan information and advertisements.
Service messages. If necessary, we may send you service emails, for example notifying you of an event cancellation, regardless of your preference settings.
Advertisements. From time-to-time we may display banner (or similar) advertisements or promotions for our commercial partners on the Platform, including within events listed on FIXR; on ticket receipts; and in follow-up communications if you have attended an event.
Recruitment Information. When registering an account with FIXR, you will be asked to supply additional information. If you are a student, this will include but not be limited to: name of university, course length and start year (“Recruitment Information”). In providing us with Recruitment Information, you will be asked if you are happy for us to use this to communicate with you about career and internship opportunities. This may include displaying advertisements or promotions relating to careers and internships within specific events listed on FIXR; on ticket receipts for that event; and in follow-up communications if you have attended that event. These events may have been selected based on the following criteria: location; university; event-type; links to academic or certain interests; and the demographic of event attendees. If you do not consent to us using Recruitment Information to communicate with you about career and internship opportunities, we will not do so however, we will retain the information you have provided, and may use this to send you other notifications, unless you opt-out of these.
INFORMATION WE MAY SHARE WITH THIRD PARTIES
There are circumstances where we wish to disclose or are compelled to disclose your Personal Data to third parties. This will only take place in accordance with the applicable law and for the purposes listed above. These scenarios include disclosure:
INTERNATIONAL TRANSFER OF PERSONAL DATA
We may transfer your Personal Data to a third party in countries outside the country in which it was originally collected for further processing in accordance with the purposes set out above. In particular, your Personal Data may be transferred to our outsourced service providers located abroad. In these circumstances we will, as required by applicable law, ensure that your privacy rights are adequately protected by appropriate technical, organisation, contractual or other lawful means.
PUBLIC FORUMS, EXTERNAL WEBSITES AND SOCIAL NETWORKING FEATURES
The Platform may, from time to time, make public forums available to its users. Any information that is disclosed in these areas becomes public information and you should exercise caution when using these and never disclose your Personal Data.
The Platform may, from time to time, contain links to external websites, or external websites may host our ticketing widget functionality. We are not responsible for the terms and conditions, data protection, privacy, or security (including SSL compliance and data encryption practices) or content of such websites.
Please take care when using the Platform’s social networking features since the information you choose to make available may be seen by other users of the social network. We do not monitor the use of such features in the normal course of business although we reserve the right to do so at our discretion.
HOW WE PROTECT YOUR INFORMATION
We treat the security of Personal Data provided by you very seriously. All information that you provide to us is stored by us or on our behalf on secure servers based in the UK or other European Economic Area (“EEA”) Countries.
No credit or debit card information is stored on our servers. We use Stripe, a leading PCI compliant service payment provider, to store your debit and credit card information. Stripe has been audited by an independent PCI Qualified Security Assessor (QSA) and holds the highest level of certification given by card issuers (PCI-DSS Level 1),
When moving your data we protect it with multiple layers of security, including leading encryption technology like HTTPS and Transport Layer Security.
Any transactions completed using our ticketing widget functionality are secured by SSL technology, and any payment information entered is encrypted by our payment provider Stripe in the same way as a direct transaction through the Platform.
Your data is backed up to servers in different geographical locations within the EEA in order to provide resilience against fire or other disasters.
We monitor our services and underlying infrastructure to protect them from threats, including spam, malware, viruses and other forms of malicious code.
RETENTION OF PERSONAL DATA
Your Personal Data will be retained until your last use or purchase of our services or goods from the Platform and normally for a period of three years thereafter, unless longer retention is required by applicable local law or where we have a legitimate and lawful purpose to do so. However, we will not retain beyond this period any of your Personal Data that is no longer required for the purposes set out in this Policy. The retention of your Personal Data will be subject to periodic review.
We may keep an anonymised form of your Personal Data, which will no longer refer to you, for statistical purposes without time limits, to the extent that we have a legitimate and lawful interest in doing so.
Data protection law provides you with numerous rights, including the right to: access, rectify, erase, restrict, transport, and object to the processing of, your Personal Data. You also have the right to lodge a complaint with the relevant data protection authority if they believe that your Personal Data is not being processed in accordance with applicable data protection law.
Please note that the Platform is not intended for anyone under the age of 16.
We use certain cookies to help make the service we provide and your interaction with the Platform more meaningful. Cookies are encoded text files that help your browser navigate through a website and store information about your use of a website. We use both “Session” cookies, which last only for the duration of your browsing session and expire when you close the Platform. We also use “Persistent” cookies which remember you when you return to the Platform and last for a longer duration.
You can learn more about cookies at www.allaboutcookies.org.
Tracking GIFs may also be used by us or third parties to help us understand which parts of the Platform are being visited and are of interest.
We may amend this Policy at any time to reflect changes to the Platform or services provided thereunder. We will give you notice of any material changes to the Policy.
This Policy was last updated on 4 May 2018.