Last update: 21 October 2022
IF YOU DO NOT AGREE WITH ANY PART OF THIS POLICY, PLEASE DO NOT BROWSE, ACCESS OR USE ANY WEBSITE OPERATED BY US, BUY A PRODUCT FROM US, PURCHASE A TICKET OR ATTEND ANY EVENT HELD BY US OR OTHERWISE ENGAGE IN OUR SERVICES.
1. Types of information that we collect and purpose of collection
At a high level, ‘Personal information’ means information or an opinion about an identified individual, or an individual who is reasonably identifiable. It may include your name, age, address and, in some circumstances, financial information.
The kinds of Personal Information we collect and hold about you will depend on the circumstances of collection. For example:
- If you are a mailing list subscriber or request access to ticket presales, we may collect contact details from you such as your full name, email address, country, postcode and year of birth.
- If you use our Websites, purchase event tickets or products from us, or receive a transferred event ticket, we may collect information about you such as your date of birth, address, phone number, information about goods or services ordered, billing and payment details, any enquiries or complaints you have lodged with us, and your transaction history with us.
- We may collect information from you prior to, at entry of, or during one of our events, including for the purposes complying with any government law, regulation, health order and other restrictions. Any collection of Personal Information as required by law will be in accordance with applicable laws, regulations and/or health orders.
- For recruitment purposes, we may collect and hold Personal Information about prospective employees, such as your tax file number, date of birth, driver’s licence number and employment history. We may also need to collect sensitive information about you such as your membership in professional or trade associations and certifications from police checks. Unless the collection of sensitive information is permitted under Privacy Act, we will only collect sensitive information with your consent where that information is reasonably necessary for our business.
2. How we collect your Personal Information
We collect your Personal Information when you interact with us directly via our Websites and social media accounts. We also collect your Personal Information when you purchase event tickets (either directly or via a third-party ticketing partner) or products from us, when you join competitions or giveaways organised by us, when you apply for a job with us, or when you apply for a grant application.
Collection through social media platforms
When you interact with us using social media platforms, you may provide Personal Information to the operators of these social media platforms. Such information is subject to those operators’ privacy policies. We are not responsible for the privacy practices and policies of these operators even if you accessed these platforms from our Websites. We encourage you to read and understand these operators’ privacy policies before providing them with your Personal Information.
Collecting Personal Information from other sources
Sometimes we collect Personal Information about you from other sources where you have consented to the collection, where we are authorised by law to collect information, or where it is unreasonable or impracticable to collect that information from you personally.
If you purchase a ticket for one of our events, we will collect Personal Information from our third-party ticketing intermediary (for example, Ticketmaster or Moshtix).
If you apply for a position with us, we may collect your Personal Information from third parties such as recruitment service providers, referees, former employers, educational institutions and, if appropriate, health providers and police.
Examples of other sources that we may collect Personal Information from are our business partners (including any co-promotion partners and ticketing companies) and related entities which include:
- UNIFIED Music Group Pty Ltd; WAU Recording Pty Ltd atf WAU Recording Trust; The Hills Are Alive Group Pty Ltd, Red Hill Entertainment Pty Ltd
If we receive unsolicited Personal Information about you from a third party and it is clear to us that we should not have received that information, we will destroy or securely delete that information (if it is lawful and reasonable for us to do so).
Notification of collection of Personal Information from third parties
If we collect your Personal Information from third parties in circumstances where you may not be aware that we have collected your Personal Information, we will take reasonable steps to notify you of the collection and the circumstances that surround the collection.
Use of tracking tools
- Cookies are text files placed in your computer’s browser to store your preferences. These cookies collect information on how you and other visitors use our Websites.
- Google Analytics is a service which transmits website traffic data. It will not identify individual users and IP addresses with any other data held by Google.
- Hotjar is a combination of various online tools that we use to track the behaviour of the people who use and visit our Websites.
We use tracking tools to maintain our site, identify and analyse trends, and to obtain broad demographic information. We may also use the information transferred through cookies for promotion or marketing purposes.
Most browsers are initially set to accept cookies or other tracking tools. If you prefer, you can set your browser to refuse these by selecting the appropriate settings or blockings, or deleting or disabling them in your browser or device permits. If you disable cookies, we cannot guarantee that our Websites will be fully functional.
3. Use and disclosure
Use and disclosure of Personal Information
We use Personal Information for a variety of purposes to conduct our business, including:
- to supply products and services to you (including products and tickets to our events);
- to plan, deliver and run our events;
- to provide you with access to the Websites;
- to contact and communicate with you and engage in marketing campaigns (including in relation to your purchases, our competitions, and to provide you with information about our events and products and services);
- to run our competitions and promotions;
- to conduct market research and website development;
- for internal record keeping;
- to consider applications for current and future employment;
- to consider any application for grant funding; and
- to comply with legal and regulatory requirements (including, without limitation, providing Personal Information to law enforcement and relevant State and Territory authorities, when required to do so).
We will not use or disclose Personal Information we hold about you that was collected for a particular purpose for another purpose, unless:
- you have consented to the use or disclosure of the information for another purpose; or
- the use or disclosure is otherwise permitted under the Privacy Act.
Direct marketing involves communicating directly with you for the purpose of promoting our events, merchandise and other goods or services. Direct marketing can be delivered by a range of methods including mail, telephone, email, SMS or social media.
We (and our artists, promoters, ticket merchants and other business partners) may carry out direct marketing activities from time to time. You have a right under the Spam Act 2003 (Cth) to opt out from direct marketing and you can opt out at any time by emailing our Privacy Officer at firstname.lastname@example.org or by clicking the ‘unsubscribe’ link on any direct marketing communications.
Disclosure to third parties
We may disclose Personal Information about you to third parties in connection with the purposes described above (including for direct marketing purposes). This may involve disclosing Personal Information to entities including:
- our related entities, including The Hills Are Alive Group Pty Ltd, UNIFIED Music Group Pty Ltd and WAU Recording Pty Ltd atf WAU Recording Trust;
- our business partners or joint venture entities in the music, entertainment and marketing industries;
- our third-party ticket merchants and ticket resale merchants;
- our artists (and their label and representatives) if you purchase their merchandise or a ticket to an event at which they are performing;
- other third-parties if you purchase their merchandise or products;
- our event partners, promoters or sponsors;
- our external service providers, including mail houses, couriers, payment processors or payment gateway providers and e-commerce website providers;
- our professional advisers, such as auditors, insurers and lawyers;
- debt collection agencies and credit reporting bodies;
- law enforcement, government agencies and regulatory authorities (as required or authorised by law or a court/tribunal order); and
- any other person where you have given your consent.
We take reasonable steps to ensure that these third parties are bound by privacy obligations in relation to your Personal Information.
We will not sell, gift, rent or trade your Personal Information to anyone.
In some circumstances, we may need to disclose your Personal Information to third party suppliers and service providers located overseas including PayPal, Shopify, Braintree and Afterpay. The locations of these overseas entities include the United States, Canada, the United Kingdom and Europe. We take reasonable steps to ensure overseas recipients of your Personal Information do not breach the Privacy Act.
Our Websites contain features or links to websites and services provided by third parties such as social media platforms, e-commerce platforms, online streaming services and external payment gateways. These third-party service providers have their own privacy policies and may disclose your Personal Information to overseas recipients.
4. Protecting Personal Information
Storing Personal Information
We store your Personal Information in different ways, including in physical and electronic form on site and with third party storage providers.
We maintain physical, electronic and procedural security measures designed to safeguard your Personal Information and protect it from misuse and unauthorised access, disclosure or interference. For example, we may implement:
- physical security measures for access to systems, including restricting access to authorised personnel only, control of access to buildings and use of user identifiers and passwords;
- electronic security systems such as firewalls and data encryption, backup and recovery of systems, use of rostering, staff management and finance software, use of secure payment portals and Secure Socket Layer (SSL); and
- procedural security measures, including imposing confidentiality obligations on employees, consultants and contractors, providing them with training and requiring them to comply with strict privacy and security policies and procedures including account decommissioning for exiting staff.
Although we take care with your Personal Information, we cannot 100% guarantee that there will not be any security breaches.
To the extent permitted by law, we accept no liability for any breach of security or direct hacking of our security or any unintentional disclosure, loss or misuse of any information or data or for the actions of any third parties that may obtain any information or data.
What happens if we no longer need your Personal Information?
If we no longer need your Personal Information for any purpose, we will take reasonable steps to destroy or permanently de-identify the information, unless the information is contained in a Commonwealth record or we are required by law, or a court/tribunal order, to retain the information.
5. Access to, and correction of, Personal Information
Access to Personal Information
You may request access to Personal Information we hold about you by contacting our Privacy Officer in accordance with the contact details set out at the end of this policy.
We will respond to a request for access within a reasonable time, and give you access in the manner you request, if it is reasonable and practicable to do so, unless an exception in the Privacy Act applies. For example, if providing this access may disclose information about another person and have an unreasonable impact on their privacy, we may need to refuse to grant you access.
We may need to verify your identity before we give you access to your Personal Information. Depending on the nature of the request, we may charge you a small fee to access that information.
It is your responsibility to maintain the accuracy and completeness of your Personal Information and that your failure to do so may impact our ability to undertake our various business functions, including processing your purchase of any ticket and allowing you access to any of our events.
You may request that we correct any information about you which you think is inaccurate, incomplete or out of date. We will respond to a correction request within a reasonable time.
If we correct your Personal Information that we have previously disclosed to another entity, and you ask us to tell the other entity about the correction, we will take reasonable steps to tell the other entity about the correction, unless it is impractical or unlawful to do so.
Refusal to allow access to, or correction of, Personal Information
If we refuse to allow you access to your Personal Information or to correct that information, then we will provide you with the reasons for our decision and will inform you of mechanisms available to complain about the refusal.
You have the option to remain anonymous, or to use a pseudonym when dealing with us where it is lawful and practical to do so. However, without your Personal Information we may not be able to provide you with our products and services. You will not be able to purchase any ticket for or attend any of our events without providing Personal Information.
Mail: 51 Wangaratta St, Richmond VIC 3121 Australia
When contacting us please provide as much detail as possible in relation to your question, comment or complaint. We will take any privacy complaint seriously and any complaint will be assessed with the aim of resolving any issue in a timely and efficient manner.
External complaint mechanism
If you are not happy with the outcome of the Privacy Officer’s investigation or we have not replied to you within 30 days, then you can raise your concern with:
The Office of the Australian Information Commissioner
Telephone: 1300 363 992
Mail: Office of the Australian Information Commissioner
GPO Box 5218 Sydney NSW 2001