Privacy Policy

This is the privacy and cookies policy (the “Policy”) for fixr.co, the FIXR mobile application, FIXR Entry Manager application, and FIXR Content Management System (individually and together the “Platform”). The Policy sets out how we VIPR Digital Limited (Company Number 08184813) located at 184 Shepherds Bush Road London W6 7NL (“FIXR”, “our” or “we”) process information about you which is personally identifiable when you use the Platform, whether you are a Customer, Organiser, or visitor.

VIPR Digital Limited is the data controller for the purposes of the Data Protection Act 1998 or, from 25 May 2018, the General Data Protection Regulation ((EU) 2016/679) or any successor, replacement or implementing legislation.

If you have any questions about this Policy, please contact us at team@fixr.co. For the purposes of this Policy, the following definitions shall apply:

“Customer” means an individual or individuals who purchase tickets for an Event via the Platform.

“Event” means an individual Event or Events listed on our Platform.

“Event Organiser(s)” means a third party supplier or suppliers of Events (which will typically include the sale of tickets for Events) which may include a venue, performer, promoter, university society or organisation, or general event organiser.

PERSONALLY IDENTIFIABLE INFORMATION (PII) / PERSONAL DATA

Personal data or PII means any information relating to a person who can be identified either directly or indirectly; it may include name, address, email address, phone number, credit / debit card number, IP address, location data, purchase history (“Personal Data”).

LAWFUL BASES OF PROCESSING

We will only collect and process Personal Data about you where we have a lawful basis for doing so. Lawful bases include consent, contract (where processing is necessary for the performance of a contract with you (e.g. to ensure you receive tickets you have purchased), legitimate interests and compliance with legal obligations to which we are subject.

Where we rely on your consent to process personal data, you have the right to withdraw or decline your consent at any time and where we rely on legitimate interests, you have the right to object. For further information, please see the section headed “Your Rights” below.

INFORMATION WE MAY COLLECT FROM YOU

We may collect and process the following information about you:

Customers

  • Personal information when you register with the Platform or enter details under the “Settings” section of the Platform or otherwise, including Personal Data, including any information you upload to the Platform or provide when contacting us (including to register complaints or claim a refund) or entering / accepting any promotional offers and including any CV or careers-related information or student loan application information you may upload.
  • Details of any transactions you make through the Platform.
  • If you make any purchases, your financial information (like your credit or debit card numbers), although we do not store this ourselves.
  • In connection with your account log-in, your log-in details and password.
  • Information from social networks you are a member of, where you choose to log-in via a social networking site or make use of the Platform’s social networking features.
  • Location data.
  • Ratings information, where you choose to make use of any ratings service provided by the Platform.
  • Details of any preferences, personal settings and responses to surveys or questionnaires we may send you.
  • Details of your visits to the Platform, Event information and resources you choose to access and any data you choose to download.
  • Technical data, including device properties such the type of internet browser you are using and any website you may have navigated from to use the Platform. For the purposes of this privacy policy, “technical data” includes “aggregate” and “de-personalised” information, which is data we collect about the use of FIXR’s services, from which any personally identifiable data has been removed. We may use tools or third party analytical software to automatically collect and use certain technical data that does not directly enable us to identify you. The types of technical data we may collect and use include, but are not limited to: (i) device properties, including, but not limited to Media Access Control (“MAC”) address and identifier for advertising (“IDFA”) or other device identifier; (ii) device software platform and firmware; (iii) mobile phone carrier; (iv) geographical data such as coarse location; (v) other technical data as reasonably required by FIXR to enhance our products and services.
  • Details of any complaints made against you by Event Organisers.
  • Information supplied by you when answering questions created by an Event Organiser in relation to an Event. For example, if attending a dinner, you may be asked to provide your dietary requirements. Such questions may be wide-ranging and cover a range of topics.
  • Details relating to validation of tickets held by you if these are processed using our Entry Manager software, including time and date of validation, and number of tickets admitted / rejected. Such information may be used to determine the validity of refund requests made by you.
  • Other information that you may consent to give us from time to time.

You are under no obligation to provide any such information. However, if you should choose to withhold requested information, we may not be able to provide you with certain services.

Event Organisers

  • Your name, address, contact details, links to your social media pages and/or website, and other information required for you to register with the Platform and create an account.
  • Payment details, to enable us to collect and make any payments owed to you.
  • In connection with your account log-in, your log-in details and password.
  • Information from social networks you are a member of, where you choose to log-in via a social networking site or make use of the Platform’s social networking features.
  • Location data.
  • Ratings information, where ticket purchasers are able to provide ratings and feedback about your venue.
  • Details of any preferences, personal settings and responses to surveys or questionnaires we may send you.
  • Details of your visits to the Platform, the resources you choose to access and any data you choose to download.
  • Technical data, including the type of internet browser you are using and any website you may have navigated from to use the Platform.
  • Details of any complaints made by Customers against you.

Visitors

  • Cookies information as set out under the section “Cookies Policy” below.
  • Any other data or information you choose to provide to us.

PURPOSES FOR WHICH WE PROCESS PERSONAL DATA

We will only process your Personal Data, in accordance with applicable law, for the following purposes:

  • To provide the Platform services to you, including allowing purchase of tickets and processing any purchases.
  • To contact you by post, instant messages, phone or email when necessary to discuss the transactions entered into by you on the Platform.
  • To help us build a profile for you so that we may offer you events, promotions and services based on your preferences. In order to tailor such offers appropriately, we will undertake profiling of you on the basis of our legitimate interests.
  • To monitor your use of the Platform and investigate any complaints or potential breaches of use of the Platform.
  • To notify you of any changes to the Platform, request feedback from you as to your use of the Platform, or respond to any communications you send us by using the contact details you have provided.
  • To identify users of the Platform.
  • To resolve any returns, refunds or disputes.
  • If you are an Event Organiser, to provide you with relevant reports and information concerning use of the Platform.
  • For other purposes to which you may consent from time to time.
  • To comply with applicable law, for example, in response to a request from a court or regulatory body, where such request is made in accordance with the law.

We will also use information you provide to us for the purposes of contacting you, or enabling third parties to contact you, with information or offers regarding upcoming events, products, services or surveys. This shall only be done with your consent and our direct marketing policy which is explained in full below.

NOTIFICATIONS AND MARKETING TO YOU

Notifications. From time-to-time, we may send you notifications, including by way of email, instant message, and push notification, provided you have indicated that you do not object to receiving such notifications. We will always give you the option to opt-out of receiving notifications by following the unsubscribe instructions on communications sent to you. You can also opt out of such notifications under the “Settings” section of your account. Notifications may include information about events, updates to our service, and surveys. In respect of the latter, we may use surveys (or similar) to gather additional information from you so that we can determine if we should introduce additional services or product lines. Notifications may also include communications distributed on behalf of FIXR and/or our commercial partners containing, inter alia, promotions, offers, competitions, career and internship opportunities, student loan information and advertisements.

Service messages. If necessary, we may send you service emails, for example notifying you of an event cancellation, regardless of your preference settings.

Third party marketing. Additionally, if you consent by opting-in to receive such information and offers, we may allow carefully selected third parties, to send you information directly which you may find useful regarding their products and services. If you decide to engage with such third parties, note that their terms and conditions and privacy policy will then apply.

Advertisements. From time-to-time we may display banner (or similar) advertisements or promotions for our commercial partners on the Platform, including within events listed on FIXR; on ticket receipts; and in follow-up communications if you have attended an event.

Recruitment Information. When registering an account with FIXR, you will be asked to supply additional information. If you are a student, this will include but not be limited to: name of university, course length and start year (“Recruitment Information”). In providing us with Recruitment Information, you will be asked if you are happy for us to use this to communicate with you about career and internship opportunities. This may include displaying advertisements or promotions relating to careers and internships within specific events listed on FIXR; on ticket receipts for that event; and in follow-up communications if you have attended that event. These events may have been selected based on the following criteria: location; university; event-type; links to academic or certain interests; and the demographic of event attendees. If you do not consent to us using Recruitment Information to communicate with you about career and internship opportunities, we will not do so however, we will retain the information you have provided, and may use this to send you other notifications, unless you opt-out of these.

Further third party sales and marketing. When you purchase a ticket from FIXR, you may at that time be offered an opportunity to purchase third party products or services or enter third party promotions or loyalty programmes. If you expressly consent to purchase those products or services or enter into the promotions or programmes you authorise us to share your name, phone number, e-mail address and, where necessary and only where you have consented for us to do so, your financial and billing details with that third party. The use of your Personal Data will be governed by the terms of that entity’s own terms of supply and privacy policy, so please ensure that you read the relevant terms and privacy policy carefully before you agree to purchase from, or engage with, that third party.

INFORMATION WE MAY SHARE WITH THIRD PARTIES

There are circumstances where we wish to disclose or are compelled to disclose your Personal Data to third parties. This will only take place in accordance with the applicable law and for the purposes listed above. These scenarios include disclosure:

  • To enable debit or credit card purchases to be transacted, for example through payment providers, banks, credit card companies and ticket merchants.
  • To third party merchants for the purposes of redeeming the tickets you purchase through the Platform.
  • To comply with any legal or regulatory obligation or so as to uphold or enforce our Terms of Service for Customers and Terms of Service for Event Organisers.
  • To exchange information with other companies for the purposes of fraud prevention and detection, including police authorities.
  • To share data with social networking sites, if you allow us to do so.
  • To check or verify your age or identity.
  • Subject to your consent, to third parties for marketing purposes, who may contact you by post, email, telephone, SMS or by other means.
  • To third party service providers and consultants in order to protect the security or integrity of our business, including our databases and systems and for business continuity reasons.
  • To potential partners, advertisers and merchants with a view to promoting the Platform and its services.
  • To another legal entity, on a temporary or permanent basis, for the purposes of a joint venture, collaboration, financing, sale, merger, reorganisation, change of legal form, dissolution or similar event. In the case of a merger or sale, your Personal Data will be permanently transferred to a successor company; and
  • To any other third party where you have provided your consent.

INTERNATIONAL TRANSFER OF PERSONAL DATA

We may transfer your Personal Data to a third party in countries outside the country in which it was originally collected for further processing in accordance with the purposes set out above. In particular, your Personal Data may be transferred to our outsourced service providers located abroad. In these circumstances we will, as required by applicable law, ensure that your privacy rights are adequately protected by appropriate technical, organisation, contractual or other lawful means.

PUBLIC FORUMS, EXTERNAL WEBSITES AND SOCIAL NETWORKING FEATURES

The Platform may, from time to time, make public forums available to its users. Any information that is disclosed in these areas becomes public information and you should exercise caution when using these and never disclose your Personal Data.

The Platform may, from time to time, contain links to external websites, or external websites may host our ticketing widget functionality. We are not responsible for the terms and conditions, data protection, privacy, or security (including SSL compliance and data encryption practices) or content of such websites.

Please take care when using the Platform’s social networking features since the information you choose to make available may be seen by other users of the social network. We do not monitor the use of such features in the normal course of business although we reserve the right to do so at our discretion.

HOW WE PROTECT YOUR INFORMATION

We treat the security of Personal Data provided by you very seriously. All information that you provide to us is stored by us or on our behalf on secure servers based in the UK or other European Economic Area (“EEA”) Countries.

No credit or debit card information is stored on our servers. We use Stripe, a leading PCI compliant service payment provider, to store your debit and credit card information. Stripe has been audited by an independent PCI Qualified Security Assessor (QSA) and holds the highest level of certification given by card issuers (PCI-DSS Level 1),

When moving your data we protect it with multiple layers of security, including leading encryption technology like HTTPS and Transport Layer Security.

Any transactions completed using our ticketing widget functionality are secured by SSL technology, and any payment information entered is encrypted by our payment provider Stripe in the same way as a direct transaction through the Platform.

Your data is backed up to servers in different geographical locations within the EEA in order to provide resilience against fire or other disasters.

We monitor our services and underlying infrastructure to protect them from threats, including spam, malware, viruses and other forms of malicious code.

RETENTION OF PERSONAL DATA

Your Personal Data will be retained until your last use or purchase of our services or goods from the Platform and normally for a period of three years thereafter, unless longer retention is required by applicable local law or where we have a legitimate and lawful purpose to do so. However, we will not retain beyond this period any of your Personal Data that is no longer required for the purposes set out in this Policy. The retention of your Personal Data will be subject to periodic review.

We may keep an anonymised form of your Personal Data, which will no longer refer to you, for statistical purposes without time limits, to the extent that we have a legitimate and lawful interest in doing so.

YOUR RIGHTS

Data protection law provides you with numerous rights, including the right to: access, rectify, erase, restrict, transport, and object to the processing of, your Personal Data. You also have the right to lodge a complaint with the relevant data protection authority if they believe that your Personal Data is not being processed in accordance with applicable data protection law.

  • Right to make subject access request (SAR). You may, where permitted by applicable law, request copies of your Personal Data. If you would like to make a SAR, (i.e. a request for copies of the Personal Data we hold about you) you may do so by writing to us using the heading “Subject Access Request” at the address above or at team@fixr.co. You may also be required to submit a proof of your identity and a fee.
  • Right to rectification. You may request that we rectify any inaccurate and/or complete any incomplete Personal Data. You can also access your own account details and amend them yourself at any time by going to “Settings”.
  • Right to withdraw consent. You may, as permitted by applicable law, withdraw your consent to the processing of your Personal Data at any time. Such withdrawal will not affect the lawfulness of processing based on your previous consent. Please note that if you withdraw your consent, you may not be able to access the entire Platform or benefit from certain service features for which the processing of your Personal Data is essential.
  • Right to object to processing, including automated processing and profiling. You may, as permitted by applicable law, request that we stop processing your Personal Data. In relation to automated processing and profiling, you may object to the processing.
  • Right to erasure. You may request that we erase your Personal Data and we will comply, unless there is a lawful reason for not doing so. For example, there may be an overriding legitimate ground for keeping your Personal Data, such as, a legal obligation that we have to comply with, or if retention is necessary for us to comply with our legal obligations.
  • Right to data portability. In certain circumstances, you may request that we provide your Personal Data to you in a structured, commonly used and machine readable format and have it transferred to another provider of the same or similar services. We will comply with such transfer obligations as far as it is technically feasible. Please note that a transfer to another provider does not imply erasure of your Personal Data which may still be required for legitimate and lawful purposes.
  • Your right to lodge a complaint with the supervisory authority. We suggest that you contact us about any questions or if you have a complaint in relation to how we process your Personal Data. However, you do have the right to contact the relevant supervisory authority directly. To contact the Information Commissioner’s Office in the United Kingdom, please visit the ICO website for instructions.

AGE

Please note that the Platform is not intended for anyone under the age of 16.

COOKIES POLICY

We use certain cookies to help make the service we provide and your interaction with the Platform more meaningful. Cookies are encoded text files that help your browser navigate through a website and store information about your use of a website. We use both “Session” cookies, which last only for the duration of your browsing session and expire when you close the Platform. We also use “Persistent” cookies which remember you when you return to the Platform and last for a longer duration.

We use cookies to remember you have visited the Platform before, process and collect information and customise certain parts of the Platform. You can choose to disable cookies through your browser settings, although you should note that in doing so, your ability to use the Platform may be affected.

You can learn more about cookies at www.allaboutcookies.org.

Tracking GIFs may also be used by us or third parties to help us understand which parts of the Platform are being visited and are of interest.

AMENDMENTS

We may amend this Policy at any time to reflect changes to the Platform or services provided thereunder. We will give you notice of any material changes to the Policy.

This Policy was last updated on 4 May 2018.