Yours and Owls is owned and operated by Yours & Owls Events Pty Ltd (ACN 631 645 291) (referred to in this policy as we, us or our). ‘
We are committed to protecting your privacy. This policy applies where:
(a) you are using our services including attending one of our events, purchasing a ticket to one of our events, or making an enquiry regarding our services (the Services); and
(b) you use or access our website (www.yoursandowlsfestival.com.au/) or social media pages, including our Facebook, Instagram or Twitter page (we’ll refer to them together as the Websites).
We comply with the Privacy Act (1988) (Cth) (Privacy Act) and the Australian Privacy Principles (Privacy Principles) set out in Schedule 1 of the Privacy Act, as these govern the collection, storage, use, and disclosure of information by which individuals may be identified. Further, we comply with EU General Data Protection Regulation 2016/679 (GDPR).
WHAT INFORMATION DO WE COLLECT?
‘Usage Information’ means anonymous aggregate data that is automatically collected through your use of our Websites. This includes information that identifies your device, your operating system, your IP address and dates and times that you access and use the Websites. This information is used for statistical analysis to help us to improve the Services to the benefit of all users.
HOW DO WE COLLECT YOUR INFORMATION
Personal Information is collected directly from you when you:
• purchase a ticket to one of our events or an event for which we are a co-promoter; we, or a third-party ticketing intermediary (including Festicket, Giggedin or Moshtix), will collect your
Personal Information, including Personal Information for the purposes of complying with legislation, regulations or public health orders in place to prevent the spread of COVID-19;
• when you attend one of your events: including Personal Information for the purposes of complying with legislation, regulations or public health orders in place to prevent the spread of COVID-19;
• contact us via our Websites, email, telephone or otherwise;
• access, browse, use, follow, like, comment or otherwise interact with our Websites; and
• sign up to our mailing list: from time to time we may offer you the opportunity to subscribe to emails, newsletters or other direct marketing communications about our products and services. We will request your full name and a valid email address in order to sign you up to such lists.
It is your choice to provide Personal Information to us. Wherever it is lawful and practicable, you have the option not to identify yourself when interacting with us. Please be aware that it may be necessary for us to collect your Personal Information to enable us to provide the Services to you. As such, if you do not wish to provide your Personal Information, we may not be able to provide the Services to you in a fully operational form or at all.
We may collect anonymous Usage Information on our Websites through Google Analytics and Facebook Ad Analytics, which utilises cookies, pixel tags and other tracking technologies (collectively Cookies). Cookies are small packets of data that are downloaded onto your device when you access a website. Cookies hold specific information that helps a website ‘remember’ your actions and preferences over time. These are the types of Cookies that we may use to operate our Websites:
Strictly Necessary Cookies – these Cookies are essential to making sure the Websites work correctly, and record information that allows you to move around the Websites and navigate their features.
Performance Cookies – these Cookies collect information about how you use the Websites, such as how often you access the Websites and if you encounter any errors.
Functionality Cookies – these Cookies allow our Websites to remember the choices you make to provide a more personalised experience.
Targeting or Advertising Cookies – these Cookies deliver targeted advertising to you based on your interests and use of the Website.
Cookies can stay on your device temporarily (Session Cookies) or until you manually delete them (Persistent Cookies).
HOW DO WE USE YOUR INFORMATION
Legimate purposes that you agree we may use your Personal Data for include but are not limited to the following:
• to respond to requests or correspondence submitted by you;
• to process your order for a ticket;
• to provide the Services;
• to improve the functioning of the Websites;
• to prevent, detect and investigate potential illegal activities, security breaches and fraud;
• to provide you with information regarding the Services (that you have purchased a ticket for) including booking confirmation, event information and reminders; and
• to provide you with information regarding other goods or services offered by us or related entities; and
• to comply with any federal or state government law, regulation, order or direction in place related to COVID-19.
For the avoidance of doubt, we will only use your Personal Data for purposes that you would reasonably expect us to use your Personal Data for in connection with providing the Services to you, as specified above, or where we are required by law to collect your Personal Data. We will not sell or rent your email address or any of your Personal Data.
We recognise your right under the Spam Act 2003 (Cth) and the GDPR to opt out from direct marketing, and as such these consents can be modified at any time by emailing us at firstname.lastname@example.org or clicking unsubscribe on any direct marketing communications.
WHO WE DISCLOSE YOUR INFORMATION TO
You agree and consent that we shall disclose your Personal Data (including in aggregate form) to:
• employees and contractors (including third party service providers for the purposes of operating the Websites and delivering the Services) of Yours and Owls;
• any co-promoter, event partner or venue operator for the purposes of delivering the Services only;
• authorities, including police and regulators if Yours and Owls is required to do so by law (including any law, regulation or health order in place related to COVID-19); and
• any successor to all or part of our business.
For the avoidance of doubt, all employees, consultants, contractors and agents of ours are bound by Australian privacy laws.
You can withdraw your consent for us to share your Personal Data with third parties at any time by emailing us at email@example.com, but please note that withdrawal of such consents may affect your ability to access and use the Services and access the Websites.
YOUR RIGHTS TO YOUR INFORMATION (GDPR)
In accordance with the GDPR, we acknowledge the right of EU citizens to:
• have their data erased that is no longer being used for a legitimate purpose;
• request a copy of all Personal Data held about you by us in a readable format; and
• request restricted processing of your Personal Data whilst any complaints or concerns are being resolved.
To erase, request a copy of or restrict processing of your Personal Data, please email us at firstname.lastname@example.org.
ACCESSING, REVIEWING AND CHANGING YOUR INFORMATION
We cannot modify your Personal Information without your instruction. You can update your details with us at any time by emailing us at email@example.com. You acknowledge that it is your responsibility to maintain the truth, accuracy, and completeness of your information at all times and your failure to do so may inhibit our ability to provide the Services. We shall have no liability to you or any third party arising from your failure to keep your information up to date.
We protect your Personal Data through technical security measures i.e. firewalls, encryption that limit the risk of loss, disclosure, or unauthorised access. No security measures are, however, 100% secure so we cannot guarantee the security of your information or data at any time. To the extent permitted by law, we accept no liability for any breach of security, or direct hacking of our security measures, or any unintentional disclosure, loss or misuse of any information or data or for the actions of any third parties that may obtain any information or data.
Notwithstanding the above, we acknowledge our obligation to report any data breach that is likely to risk the rights and freedoms of natural persons to the Australian Information Commissioner and, where our data breach involves the information of EU citizens, report to the European Data Protection Supervisor. We will also inform you, where possible, if your data has been breached in circumstances where it poses a risk of serious harm or your rights and freedoms.
THIRD PARTY LINKS
We may, in the course of providing the Services to you, transfer your Personal Data to overseas countries that are deemed by the EU Commission as having an ‘adequate’ level of Personal Data protection. Where we transfer data to a third party in a country where no adequacy decision has been made, we warrant that any person or entity handling your data in those countries are bound under contract to meet the requirements of the Privacy Act, Privacy Principles and GDPR.
For the avoidance of doubt, we may transfer any data to an overseas third party with your express or implied consent, and the above condition only applies in the case of a data transfer or transmission to our related business entities in other countries.