This policy was last updated on 18 October 2021 to clarify how customer data will be used by our Event Partners.
1. ABOUT US
1.2. We are a disclosed ticketing agent selling tickets via the Services on behalf of promoters, organisers, managers, artists and venues of music, entertainment, sports and similar events (the “Event Partners”).
2.1. For the purpose of the General Data Protection Regulation (GDPR) and applicable UK laws, DICE is the “Data Controller” where you are using our services.
2.2. DICE and the Event Partners are not joint controllers. DICE serves as an agent, so the partners are also data controllers and they also own the customer data.
3. THE BASIS FOR THE PROCESSING OF YOUR DATA
3.1. DICE processes your data for the performance of the contract that you have entered into for the use of the DICE Services and that is governed by our Terms and Conditions, and/or in order to take steps at your request to enter into this contract.
3.2. In addition, some data is processed based on DICE’s legitimate interest, notably photographs, audio and video recordings of the events in order to successfully provide the Services, as part of the event experience set up for the customers. Legitimate interest would as well be the lawful basis in the case of in-app analytics for the purposes of enhancing app performance, account activity, website logs etc, to prevent fraudulent or other malicious activities, website visitor logs for cybersecurity and/or error tracking purposes. Furthermore, we rely on our legitimate interest to collect your date of birth, in order to ensure you are allowed to acquire the tickets, since some of the events require to be at least 18. We also rely on our legitimate interest to share some aggregated information with the Event Partners for their own internal statistical and sales control purposes.
3.4. We may ask for your consent in other cases where we process your data. Such consent can be revoked at any time by contacting us at email@example.com.
4. COLLECTED INFORMATION
4.1. All personal information you provide to us when registering with the Services, and any personal information generated by your navigation and use of the Services, will be processed and stored by DICE to manage registration and ticket sales. We also use this information to analyse trends in our users' behaviour to help us to determine your preferences, habits, tastes, geographic location and favourite artists and events in order to maximise your use and enjoyment of the Services; this is the Discovery feature. Additionally, we may take some information from the emails communications between you and DICE and store it in separate documents. We have further listed the ways in which we use your personal information at Clause 6 below.
4.2. The types of personal information we collect may include:
- Contact details – including your name, email address, phone number, postal address and date of birth;
- Payment card and billing details – when you buy tickets via the Services we will require payment and billing information (such as your address and postcode) in order to handle the processing and despatch of ticket orders;
- Location data – we may collect your IP address, and if you allow us to connect to your device’s geolocation functionality, we may collect your GPS data. We will use the location data to improve personalised recommendations in the Services on what events are near you. You can turn off the App's ability to access your geolocation at any time through your device’s general or privacy settings;
- Your image or recordings – we may obtain photographs, audio or video recordings of events listed on the Services. We may reproduce and/or publish your image in the App, our website, and in other promotional materials, social networking channels and other materials related to the Services;
- Your preferences – we may collect information about your purchase history, events you have viewed, attended or enquired about, any events you have joined a waiting list for, shared or invited people to attend and any feedback you may give or reviews you may submit;
- Music library (e.g. Spotify or Apple Music) – if you allow us to connect to your music library, we may collect and hold information on your musical interests in order to improve the personalised recommendations through the Services;
- Your interactions with us – for example if you send us information via email, survey, social media, customer service communications or other methods, this may be stored on our systems; and
- Technical information – when you use the Services, DICE automatically receives and records information on its server logs from your browser or mobile platform, including the location, IP address, cookie information and details about the page you requested. We also collect information regarding your use of the Services, mobile device information and browser information.
5.3. We use the following cookies on our website:
- Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
- Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose. Where a marketing purpose is pursued in this regard, we will ask for your consent first.
5.4. You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
6. USE OF YOUR PERSONAL INFORMATION
6.1. As well as the purposes described above at Clause 4.1, we use the personal information we collect to:
- administer the App and the Services or any other purposes required in order to allow us to provide the Services;
- communicate with you via email, SMS, in-App notifications and push notifications about your purchases via the Services, including tickets (and the events they relate to) and any other non-ticket items;
- fulfil your orders for tickets and other non-ticket items purchased via the Services;
- provide better content, services, marketing, and support to you. For example, we may need to use your information to administer your account or provide you with information in connection with any purchases or events you have expressed an interest in;
- administer and fulfil any competitions available to users via the Services and communicate with you about those competitions. Note that there may be specific terms in the competition terms and conditions relating to your personal data; and
- to profile individual and demographic trends of people attending or showing an interest in certain events or artists. This helps us to provide you with recommendations of similar things you might like or find interesting, via the Discovery feature or otherwise. We do this by making assumptions based on an analysis of the information we hold, including the events you have viewed, waiting lists you have joined, and tickets you have purchased. For example, if you purchased tickets to an event, we might show you more events of this specific genre or type, or events by similar artists.
6.2. We also use information that we collect about you to for operational purposes, including:
- to provide customer service, including to respond to your enquiries and fulfil any of your requests for information;
- carry out verification checks, including to verify your identity when collecting tickets at a venue, to check that you meet any minimum age requirements, or to check that any restrictions on the reselling of tickets have been complied with;
- to send you important information regarding the Services, or other technical notices, updates, security alerts, and support and administrative messages; and
- as we believe to be necessary or appropriate under applicable law, to enforce our rights or to respond to requests from law enforcement and other government authorities.
6.3. As stated in Clause 3, we use your personal data on the following legal basis:
- your consent;
- as necessary to perform a contract to which you are a party;
- in our legitimate interests, including to improve the performance of the Services and in order to enhance our users’ experience of the Services, or in an Event Partner’s legitimate interests; and/or
- to comply with a legal obligation.
7.1. We may send you marketing communications via email and push notifications. You are given the opportunity to opt in to marketing communications and push notifications on registration. If you change your mind and do not want to receive any marketing emails from us, you can edit your preferences in the communication controls centre in App (called ‘Messages’) or unsubscribe from emails by following the unsubscribe directions provided in the footer of each one. If you do not want to receive push notifications from us you may opt out by changing your preferences in the ‘Messages’ control centre in the App or change the appropriate settings directly on your mobile device. Please note that to access the communication controls centre (‘Messages’) you must have the App version 3.17.0 or above.
7.2. Where you opt out of receiving these marketing communications, we may still process your personal data for other required purposes, as specified in Clauses 5 and 6 above.
7.3.On registration, we will also ask you to provide your consent to receive marketing messages from our Event Partners and other third parties involved in the provision of an event you have purchased ticket(s) to. If you opt in to such marketing messages, we will pass your details to the relevant Event Partner or third party so that they can contact you for this purpose. If you change your mind and do not want to receive such marketing messages, you can opt out by contacting that third party direct or by unsubscribing using any available ‘unsubscribe’ link or similar in that third party’s emails to you. Alternatively, to opt out of marketing messages for all third parties, you could edit your preferences in the communication controls centre in App (called ‘Messages’). We will notify the relevant third parties of your change in preferences, normally within 7 business days. Note that it may take longer for each third party to action your request.
8. DISCLOSURE OF YOUR INFORMATION
8.1. We do not rent or sell your personal information to anyone without your explicit consent, but, subject to the need to perform the contract with you based on our Terms and Conditions and our legitimate interests, we may share your personal information in the ways described below:
- Agents and suppliers – We employ other companies and individuals to perform functions on our behalf, including our payment processing suppliers and data analytics services providers. We do not share your personal information with our agents or suppliers except as is necessary in order to enable them to provide us with a service.
- We may disclose your personal data to the following categories of third-party recipients:
|Hosting||We may share your personal data with cloud storage providers.|
|Analytic tools||We may share your personal data with analytics and search engine service providers.|
|Administration and support tools||We may share your personal data with support software providers.|
|Emailing||We may share your personal data with emailing service providers.|
|CRM||We may share your personal data with CRM providers.|
|Payment processing||We may share your personal data with online payment processing providers.|
|Messaging and collaboration tools||We may share your personal data with messaging and collaboration software providers.|
- Third Parties – We may integrate with other third party products and services such as Spotify to enable certain features of the Services. We do not share your personal information with them except as is necessary in order to allow them to perform the features requiring their integration.
- Competition partners – When offering competitions or other prize draw, via the Services, we may process your personal data in order to manage your entry and contact you if you are a winner.(i) We may share your name and country of residence with anyone who asks for winner’s details; and(ii) We may use your name and image in publicity materials as we see fit. We may share your personal information with our competition partner for the purpose of administering the competition (for example, arranging for the prize to be provided to the winner).
- Event Partners – We are a ticketing agent, so we sell you tickets to events on behalf of the Event Partner for that event. We therefore need to share your personal details with them and other parties involved in the provision of the event (such as the venue) so they can provide you with information about the event such as last-minute changes, or for the purposes of ticket validation upon entry to a venue. We may also need to share your information with them in terms of sales control. Event partners can access customer information such as name, email address and a phone number. If you follow an artist using the App, we may also share your information with them. We are not responsible or liable for the actions of such third parties, and if you wish to complain about the use of your personal information by such third party then you should contact the relevant third party directly.
- Other reasons – We may also share your personal information with a purchaser or potential purchaser of our business and in some circumstances, we may have to disclose your personal information by law, either because a court or the police or other law enforcement agency has asked us for it, to enforce our legal rights, or to prevent fraud or ticket-touting for example.
8.2. We may also provide our partners with anonymous information about how users, collectively, use the App and website so that they can understand how often people use their services, the App and the website.
9. INFORMATION ABOUT OTHER INDIVIDUALS
9.1. If you give us information (including personal information) on behalf of someone else, you confirm that the other person has given you permission to act on his/her behalf and has agreed that you can:
- provide their personal information to us;
- give consent on their behalf to the processing of their personal data;
- receive on their behalf any data protection notices; and
- give consent to the transfer of the individual’s personal data abroad.
9.2. Such consent should be proved by providing DICE with the written authorisation from the data subject or the document which demonstrates power to represent him or her. In case these documents are not available, additional alternatives can be settled.
10. SECURITY AND INTERNATIONAL TRANSFERS OF DATA
10.1. We are committed to ensuring that your information will be treated confidentially and securely, and we have put in place appropriate measures to ensure the security of your personal data.
10.2. The personal data that we collect from you may be transferred to, and stored at, destinations outside the European Economic Area (EEA) where the laws on processing personal data may be less stringent than in your country. It may also be processed by staff operating outside the EEA who work for us or for one of our agents or suppliers.
10.3. Presently personal data collected from you is stored in data centres as well as cloud networks which are located or hosted in Ireland.
10.4. When your personal data is transferred to parties located outside of the EEA we shall undertake an assessment and take appropriate measures to ensure such third party will provide adequate security of such personal data and respect your rights to privacy. These safeguards are intended to ensure a similar degree of protection is afforded to your data wherever it may be transferred and may include:
- only transferring your personal data to countries which have been deemed to provide an adequate level of protection for personal data by the European Commission;
- entering into specific contractual terms which have been approved by the European Commission and which give personal data the same protection as within the EEA; or
- where your data will be transferred to the US, ensuring that the third party to which we are transferring your data is part of the Privacy Shield.
For further information on the safeguards used, please contact us at firstname.lastname@example.org.
11. DATA RETENTION
11.2. When calculating the appropriate retention period for your data, we consider the nature and sensitivity of the data, the purposes for which we are processing the data, and any applicable statutory retention periods. Using these criteria, we regularly review the personal data which we hold and the purposes for which it is held and processed. Once processing has been completed, we may securely delete or anonymise your personal data.
11.3. We may delete accounts or specific information before account deactivation where we believe it may no longer be relevant or where an account has been inactive for more than a year. Purchase history may be deleted after 8 years.
For more details about our retention periods, please contact us at email@example.com.
12. YOUR RIGHTS
Under the EU General Data Protection Regulation (GDPR) and any equivalent rules in the UK, you are entitled to certain rights in relation to our handling of your personal data, as described below.
12.1. You may request details of the personal information that we hold about you under data protection laws. If you would like a copy of the information held about you please write to us at firstname.lastname@example.org.
12.2. If you think any information we have about you is incorrect or incomplete, please write to us or email us at email@example.com as soon as possible. We will correct or update any information as soon as we can.
12.3. You have the right to erasure of your data, which you can exercise by means of the deactivation of your account. We are not required to delete the information important for the establishment, exercise or defence of legal claims, or that we need to retain in order to comply with the law.
12.4. You have the right of restriction of processing, where the data is wrongfully processed but should not be erased for a reason listed in Article 18 (1) of the GDPR.
12.5. Until a download option has been developed based on universally recognised standards, you may exercise your right of data portability by obtaining your data by sending us an email request.
If you would like to exercise these rights, please write to us or email us at firstname.lastname@example.org.
13. CONTACT AND COMPLAINTS
Should you have any complaints about how we handle your personal information, please contact us at email@example.com. Should we be unable to resolve your complaint and you wish to take your complaint further, you may do so by contacting the UK Information Commissioner’s Office.
14. DATA PROTECTION OFFICER CONTACT DETAILS
DICE has appointed a data protection officer for you to contact if you have any questions or concerns about the DICE’s personal data policies or practices. DICE’s data protection officer’s name and contact information are as follows:
163 City Rd
London EC1V 1NR
Contact email: firstname.lastname@example.org
Contact telephone: (+44) (0)20 3917 4158