Headfirst want you to make informed decisions about your the information you share with us, so we have prepared this privacy statement in response to the new General Data Protection Regulation (GDPR) .
By using our website or our app (collectively ‘The Platform’), you consent to our collection and use of your Information as described in this policy. Headfirst may occasionally update this policy - we will prompt you to re-read this policy whenever you make a purchase or any time we request additional data.
2. What information do we collect?
We try to collect the minimum amount of data required to provide a tailored but respectful service. We will collect and request this information in a variety of ways:
2.1 Information required to make a purchase
In order to process your order, it is necessary for us to collect some data. For example:
Your name and email so the promoter can find your details if you arrive at the event without your ticket
Your postcode for verifying your card purchase.
A mobile number and password or Facebook login so your details are saved should you want to return.
2.2 Information you voluntarily provide
We collect and maintain Information that you voluntarily submit to us during any registration and/or use of our website or app. For example:
Age & gender
Facebook event rsvp status
You can choose not to provide us with certain Information, but this may limit the features that you can use on our website or an App. You can contact us at any time and request an export of your data or for us ti remove any data.
2.3 Information we collect through your use of our services
A cookie is a small file which is stored by the browser on your computer's hard drive. Cookies store some basic information that helps us:
Identify if a user of your computer has visited the site before and if you have provided us with some personalised information
Deliver content specific to your interests, to save your password (if you have supplied us with one) so you do not have to re-enter it each time you visit our site
Identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs.
Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Displaying content from external platforms
The Platform uses content from external media platforms like Spotify, SoundCloud, YouTube, Vimeo and event location information from Google Maps. These services might still collect cookies and usage data for the pages where the service is installed, even when Users do not use it.
If you choose to log-in to the Headfirst through Facebook, Facebook will provide Headfirst with aggregate (anonymised) analytics, for example what times of day people use The Platform.
Please remember that when you use a link to go from our website or our app to another website, our Policy no longer applies. We do not control any Third-Party Sites, and is not responsible for any information they may collect.
3. How we use your information
In general, we use your Information as necessary or appropriate for our business purposes. These include:
Fulfill orders, for example sending your tickets.
Respond to account queries, for example finding your tickets if you’ve lost them.
Personalise the features of Headfirst, for example event recommendations.
Analyse, benchmark and conduct research on user interactions with the platform, for example detecting how many people use a certain feature and deciding whether to improve/remove/replace that feature.
Run targetted advert campaigns through Facebook.
4. Can I find out what information you are storing on me?
Users have know about their personal information, to verify its accuracy and to have it updated or corrected. You will not be charged for data requests under new GDPR regulations.
Any requests of this nature should be sent to the Data Controller: firstname.lastname@example.org
We are not responsible for updating or removing your Information contained in the lists or databases of third parties who have been provided with Information as permitted by this Policy.
5. When we disclose information to third parties
We are extremely careful to share as little information with third parties as possible. There are however situations when this is necessary, for example:
5.1 Sharing your information with promoters
When you buy a ticket from Headfirst, it is necessary to share some of your personal information with that event’s promoter.
Your name and email address, so they can check you in at the event if you’ve lost your tickets.
Aggregate (anonymised) demographic data (age, gender, fb music likes, event history, city), so they know what kind of guests to expect and invite to future events.
In the event of Test & Trace request, your mobile number will be given to the relevent event organiser so they can notify you of any potential exposure.
5.2 Sharing your financial information with our card processor
When you make a purchase on Headfirst, your consent is given to provide your financial or personal information to those third parties necessary to process your transactions with us.
5.3 Legal requests
We may be required to reveal personal data upon request of public authorities. In these cases,
your personal data may be used for legal purposes by us in court or in the stages leading to possible legal action arising from improper use of our services.
6. Where we store your information
The information that we collect from you may be transferred to and stored (typically on remote and backup servers) outside the European Economic Area. By submitting information to us, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this Policy and the Act.
6.1 Methods of processing
We process your data in a proper manner and take appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of it. In addition to our data controller, in some cases, the data will be accessible to staff involved with the operation of the site (administration, sales, marketing, legal, system administration). The updated list of these persons may be requested from us at any time: email@example.com
6.2 Retention time
The data is kept for the time necessary to provide the service, you can contact us at any time and request your data is destroyed.
7. Data security
We have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. You may choose to restrict the collection or use of your personal information in the following ways:
whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes
if you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by emailing us
If you believe that any information we are holding on you is incorrect or incomplete, please email us as soon as possible: firstname.lastname@example.org