WHO WE ARE
We (Roca Events Ltd, Us, Our, Promised Land, clubpromisedland.com) are a data controller. This means we determine the purpose and means of processing the personal data that we obtain from you. We collect personal data from online purchases, from people who register to follow our email newsletters and from people that visit our website or social media accounts. Furthermore, we also collect data for credit/debit card payments, security, legal, licensing and marketing purposes when customers enter the venue.
(1) THE PERSONAL DATA WE COLLECT
1.1(a) Online purchases
record of items purchased;
credit/debit card information when making a purchase
Cookies are small pieces of text stored to the browser of your computer/mobile device at the request of the websites/apps you are using. This allows the website to know information about your preferences (such as your preferred language and other settings). Cookies play an important role in making your experience easier and less frustrating.
(Insert link ‘ABOUT COOKIES’)
A visit to a page on our website may generate the following types of cookie:
Anonymous analytical cookies
Pixel cookies for social media advertising
1.2 AT THE VENUE (physical collection)
1.2(a) ID, Image Scan & CCTV
We will keep the retention period for this data to a minimum and we will regularly carry out manual reviews of any alert lists or records we utilise in identifying potential security risks at the venue. Your decision to present ID for scanning when entering the venue is always voluntary and by permitting us to scan your ID you agree for us to use your data in line with our policy as defined in this document and through any other safety, security, legal or licensing obligations. However, to enter the venue you must have a valid form of government issued photographic ID proving you are over the age of 18 and the management reserves the right to refuse admission.
All Personal Data will be deleted within set the frames (3 months for ID scans and 31 days for CCTV footage) unless by doing so it will cause us to be in breach of any of the principles of the 2003 Licensing Act, other licensing, safety, security or legal responsibilities. The data collected for these purposes are video imagery, a digital photograph of you as you enter the venue and the data taken from the ID you choose to present for scanning (e.g. driving license, passport, national identity card), such as but not limited to your scanned picture, name, gender, date of birth, nationality and country of issue. All personal data is highly
1.2(b) Club photograpy
Crowd shots and shots of performers may be taken by professional photographers at the venue during events for marketing and promotional purposes and these may include images of you. In accordance with the signage outside of the venue, by entering the venue you give consent to this and for us or third parties to use them as such. You can email us directly if you have any questions and/or issues email@example.com
1.2(c) Card payments at the venue
Card payments are securely taken when purchasing goods at the venue and will not be kept longer than is necessary than for its purpose, to process a card payment safely and securely.
(2) HOW & WHY WE USE YOUR DATA
2.1 Our commitment to you
We are fully committed to protecting the privacy of our customers and site users. We will not disclose the information we hold about our customers to third parties except where it is part of providing a service to you (e.g. ticket selling websites/apps or couriers to deliver goods), for a legal or licensing obligation or when we have established a legitimate interest of our own that is necessary and does not override those of another.
2.2 The How & Why
As well as through the occasions where we obtained express consent, we also acquire and use information which allows us to enter into and perform our contract with you*, to enable us to comply with legal obligations** and in order to pursue our legitimate interest of our own*** (provided your fundamental rights don’t over ride these). We have indicated by asterisks the purpose or purposes for which we are processing or will process your personal information.
2.2(a) Verifying your identity (*, **, ***)
2.2(b) To enable you to access the services we provide (*,***)
2.2(c) To enable you to register for marketing updates from us by email (*,***)
2.2(d) Making a decision and processing a ticket purchase (*)
2.2(e) To inform existing customers of related events they may wish to buy tickets for (***)
2.2(f) Determining the terms of a ticket purchase (*)
2.2(g) Administering any agreement we have entered into with you (*)
2.2(h) Administering any agreement you have entered into with another party on our platform (*)
2.2(i) Administering our payment processing services, including the receipt of payments from Customers and the making of payments to other parties to the sale or other Users (*,***)
2.2(j) To contact you about any events or other offers you have expressed an interest in (***)
2.2(k) To contact you about any events, offers or services which we feel may be of interest to you, including where we use information we obtain through you accessing Promised Land through a social media account (***)
2.2(k) To contact you in the event of an issue with your use of our site (*, ***)
2.2(l) To contact you if the event is cancelled (*, ***)
2.2(m) To contact you if there is a change to the event (change of artists) (*, ***)
2.2(n) Dealing with any complaints you may have (*, ***)
2.2(o) Business management and planning, including accounting and auditing (**, ***)
2.2(p) Conducting performance reviews, managing performance and determining performance requirements (***)
2.2(q) Complying with health and safety obligations (**, ***)
2.2(r) Complying with our tax obligations (**,***)
2.2(s) To detect and prevent fraud, money-laundering and other crimes (**)
2.2(t) To monitor your use of our systems to ensure compliance with our IT policies (***)
2.2(u) To ensure our systems interact successfully with social media platforms including Facebook, Twitter, Soundcloud and Instagram (***)
2.2(v) To ensure network and information security, including preventing unauthorised access to our computer and electronic communications systems and preventing malicious software distribution (***)
2.2(w) To conduct data analytics studies to review and better understand users use of your website and services (***)
2.2(x) To review and improve the performance of our website, systems, processes and staff (***)
2.2(y) To interact and respond to any communications you send us, including social media posts that you tag us in (***)
2.2(z) To let you know about any important changes to our business or policies. (***)
2.2(aa) To protect your interests, or the interests of others (such as in the event of criminality such as identity theft, piracy or fraud) (**, ***)
2.2(ab) Recording of close circuit television CCTV (**, ***)
2.2(ac) Scanning ID cards on entry through IDScan (*,**, ***)
2.2(ad) Taking Credit/Debit Card readings or details (*)
All our customers will have the option to opt-out of receiving marketing communications from us and/or selected third parties. If you do not wish to continue to receive marketing from us you can see section 3 (“CONTACTING Promised Land, MANAGING YOUR DATA CONSENT OR MAKING A COMPLAINT”).
You have rights in relation to you and your data, please see section 5 (“YOUR RIGHTS”) for more information on what they are and how to enforce and protect them.
(3) CONTACTING Promised Land, MANAGING YOUR DATA CONSENT OR MAKING A COMPLAINT
(4) WHERE & HOW WE STORE YOUR INFORMATION
4.2 The Where
The Information that we collect from you may be transferred to and stored at a destination outside the European Economic Area. Your Information may also be processed by staff operating outside the EEA who work for us or for one of the third parties we work with. By submitting Information to us, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your Information is treated securely and in accordance with the terms of the GDPR and any and all domestic legislation incorporating the Regulation into English law. We will inform the ICO within 72 hours of any breach and, where possible, we will endeavour to ensure any affected parties are notified.
4.2 The How
We use operational and physical safeguards designed to protect the security and integrity of all the Personal Data we control. This is structured to prevent unauthorised access or disclosure to unauthorised third parties (e.g. firewalls, encryption, anti-virus software, IT health checks and regular reviews of our IT security protocols).
(5) YOUR RIGHTS
5.1 You have the right to cancel your subscription to direct marketing from us
You have the right to cancel your membership to email correspondence from us at any time. You can do this by clicking the ‘unsubscribe’ button at the bottom of any email we send to you or by emailing us directly at firstname.lastname@example.org
5.2 You have the right to cancel your subscription and/or membership to third parties
5.3 You have the right to be informed
We have a legal obligation to provide you with concise, transparent, intelligible and easily accessible information about your personal information and our use of it. We have written this policy to do just that, but if you have any questions or require more specific information, you can get in touch with us (email@example.com)
5.4 You have the right to access your Personal Data
You have the right to ask us to confirm whether or not we hold any of your personal information. If we do, you have the right to have a copy of your information and to be informed of the following:
why we have been using your information;
what categories of information we were using;
who we have shared the information with;
how long we envisage holding your information
In order to maintain the security of your information, we will have to verify your identity before we provide you with a copy of the information we hold. The first copy of your information that you request from us will be provided free of charge, if you require further copies we may charge an administrative fee to cover our costs. You can get in touch with us firstname.lastname@example.org
5.5 You have the right to correct any inaccurate or incomplete Personal Data
Where you have requested a copy of the information we hold about you, you may notice that there are inaccuracies in the records, or that certain parts are incomplete. If this is the case you can update your information by contacting email@example.com so that we can correct our records. Where your Personal Data is imported into our server by a data controller (e.g. ticket selling site), you may also wish to contact that site in order for them to correct any inaccuracies in their records.
5.6 You have the right to be forgotten
There may be times where it is no longer necessary for us to hold personal information about you. This could be:
the information is no longer needed for the original purpose that we collected it for
you withdraw your consent for us to use the information (and we have no other legal reason to keep using it);
you object to us using your information and we have no overriding reason to keep using it;
we have used your information unlawfully; or
we are subject to a legal requirement to delete your information
In those situations, you have the right to have your Personal Data deleted as long as it does not prevent us from adhering to our legal obligations. If you believe one of these situations applies to you, please get in touch with us. Where you submit a request for us to delete your Personal Data, we will remove your data from our systems within a reasonable time.
5.7 You have the right to have a copy of your data transferred to you or a third party in a compatible format
Also known as Data Portability – you have the right to obtain a copy of your Personal Data for your own purposes. This right allows you to move, copy or transfer your Personal Data more easily from one IT system to another, in a safe and secure way. This right shall only apply where:
we are processing your information for the purposes of entering into or performing a contract; or
you have provided consent for us to process your information.
If you would like us to transfer a copy of your data to you or another organisation in a structured, commonly use and machine-readable format, please contact us. There is no charge for you exercising this right.
5.8 You have the right to object to us using your information for our own legitimate interests
Sometimes, we use your personal information to achieve goals that will help us as well as you. This includes:
when we tell you about products or services that are similar to ones that you have already bought;
when we use your information to help us make our business better; and
when we contact you to interact, communicate or let you know about changes we are making
We aim to always ensure that your rights and information are properly protected. If you believe that the way we are using your data is not justified due to its impact on you or your rights, you have the right to object. Unless we have a compelling reason to continue, we must stop using your Personal Data for these purposes.
In order to exercise your right to object to our use of your data for the purposes above, you can click the “unsubscribe” link which is set out in each of our communications to you, which will enable you to unsubscribe to communications. In addition, you can email us directly and request to be removed at firstname.lastname@example.org
5.9 You have the right to restrict how we use your Personal Data
You have the right to ask us to stop using your Personal Data in any way other than simply keeping a copy of it. This right is available where:
you have informed us that the information we hold about you is inaccurate and we have not yet been able to verify this;
you have objected to us using your information for our own legitimate interests and we are in the process of considering your objection;
we have used your information in an unlawful way, but you do not want us to delete your data; or
we no longer need to use the information, but you need it for a legal claim
If you believe any of these situations apply, please contact us at email@example.com
5.10 You have rights related to automated-decision making and profiling
Any automated decision-making or profiling we undertake is solely for the purpose of tailoring the information which we provide to you. We will not use automated decision-making or profiling to make any decisions which will have a legal effect upon you or otherwise significantly affect you and you have the right not to be subject to such decisions. We do not use automated decision making in regards to whether to allow a customer to enter the venue, our management team reserves the right to refuse admission to our management team. If you have any concerns or questions about this right, please contact us at firstname.lastname@example.org
(6) About Cookies
6.1 WHAT ARE “COOKIES”
“Cookies” are small piece of text sent to your browser by a website you visit. They help the website remember information about your visit, like your preferred language and other settings. That can make your next visit easier and the site more useful to you. Cookies play an important role. Without them, using the web would be a much more frustrating experience.
Cookies can be most broadly distinguished in: first & third party cookies
6.1(a) First party cookies
First party cookies are set by the website, you are visiting and they can only be read by that site.
6.1(b) Third party cookies
Third party cookies are set by a different organisation to the owner of the website you are visiting. For example, the website might use a third party analytics company who will set their own cookie to perform this service.
6.2(a) Session cookies
Session Cookies are stored only temporarily during a browsing session and are deleted from the user’s device when the browser is closed.
6.2(b) Persistent cookies
This type of cookie is saved on your computer for a fixed period (usually a year or longer) and is not deleted when the browser is closed. Persistent cookies are used where website need to know who you are for more than one browsing session.
6.2(c) Flash cookies
Many websites use Adobe Flash Player to deliver video and game content to their users. Adobe utilise their own cookies, which are not manageable through your browser settings but are used by the Flash Player for similar purposes, such as storing preferences or tracking users.
Flash Cookies work in a different way to web browser cookies (the cookie types listed above are all set via your browser); rather than having individual cookies for particular jobs, a website is restricted to storing all data in one cookie. You can control how much data can be stored in that cookie but you cannot choose what type of information is allowed to be stored.
6.2(d) Site performance cookies
This type of cookie remembers your preferences for tools found on the website, so you don’t have to re-set them each time you visit.
volume settings for our video player
whether you see the latest or the oldest article comments first
video streaming speeds that are compatible with your browser
6.2(e) Anonymous analytics cookies
Every time someone visits some websites, software provided by another organisation generates an anonymous analytics cookie’.
These cookies can tell whether or not you have visited the site before. Your browser will tell if you have these cookies and, if you don’t, we generate new ones.
This allows us to track how many individual users a website has, and how often they visit the site.
Unless you are signed in to a website these cookies cannot be used to identify individuals. They are used to gather statistics, for example, the number of visits to a page. If you are logged in, websites will also know the details you gave for this, such as your username and email address.
6.2(f) Geo-targeting cookies
These cookies are used by software which tries to work out what country you are in from the information supplied by your browser when you click on a web page. This cookie is completely anonymous, and it is used only to help target content – such as whether you see our UK or US home page – and advertising.
6.2(g) Registration cookies
When you register with a particular site, some cookies are generated to let webmasters know whether you are signed in or not.
Servers use these cookies to work out which account you are signed in with, and if you are allowed access to a particular service. It also allows us to associate any comments you post with your username.
If you have not selected ‘keep me signed in’, your cookies get deleted when you either close your browser or shut down your computer.
While you are signed into either of the sites, information from your registration cookies might be combined with analytics cookies, which can be used to identify which pages you have seen on the site.
6.2(h) First party advertising cookies
These cookies allows the website you are visiting to know whether or not you’ve seen an advert or a type of advert, and how long it is since you’ve seen it.
6.2(i) Third party advertising cookies
A lot of the advertisements you see on websites you are visiting are provided by other organisations. Some of these organisations use their own anonymous cookies to track how many people have seen a particular ad, or to track how many people have seen it more than once.
6.2(j) Other third party cookies
On some pages of our website, other organisations may also set their own anonymous cookies. They do this to track the success of their application, or to customise the application for you. Because of how cookies work, our website cannot access these cookies, nor can the other organisation access the data in cookies we use on our website.
For example, when you share an article using a social-media sharing button (for example, Facebook), the social network that has created the button will record that you have done this.
6.3 What types of cookie do we use on our website?
A visit to a page on our website may generate the following types of cookie:
Anonymous analytical cookies
Facebook pixel cookies for Facebook Ads
How do I turn cookies off?
It is usually possible to stop your browser accepting cookies, or to stop it accepting cookies from a particular website. However, we cannot tell if you are signed in without using cookies, so you would not be able to post comments. All modern browsers allow you to change your cookie settings. You can usually find these settings in the ‘options’ or ‘preferences’ menu of your browser. To understand these settings, the following links may be helpful, or you can use the ‘Help’ option in your browser for more details.
Deactivate Cookies in Google Chrome
Deactivate Cookies in Mozilla Firefox
Deactivate Cookies in Internet Explorer
Deactivate Cookies in Safari
Deactivate Cookies in Opera
(7) CONTACT DETAILS
If you have any question relating to this policy, or your personal data, you can contact us using one of the following methods
Email Promised Land’s Data Protection Officer: