1. AGREEMENT TO THIS POLICY
1.3 This Policy, together with our Terms of Service found at https://livepass.asia/privacy-policy/ (also accessible through our mobile application) (“Terms of Service”) govern your access to and use of the Platform and/or Services.
1.4 Capitalised terms used herein shall have the meaning set out in our Terms of Service, unless the context requires otherwise.
2. CHANGES TO THIS POLICY
From time to time, we may revise, amend or supplement this Policy to reflect necessary changes in law, our personal data collection and usage practices, the features of our Platform and/or Services or certain advances in technology. If any material changes are made to this Policy, the changes may be prominently posted on our website. The onus and/or responsibility is solely on you to periodically familiarise yourself with the contents of this Policy for your own information; and particularly to do so every time you access our Platform or make use of our Services. Changes to this Policy are effective when they are published. Unless stated otherwise, our current Policy applies to all information that we have about you and your account. Your continued access of the Platform and/or Services after such changes conclusively demonstrates your acceptance of those changes and/or updated content and your acknowledgement and/or agreement to abide by the updated Policy.
3.1 Age: By accessing or using the Platform and/or Services, you represent and warrant that you are at least eighteen (18) years of age or are of legal age to form a binding contract under applicable laws. If you are under the age of eighteen (18) or are of legal age to form a binding contract under applicable laws, you may not, under any circumstances or for any reason, use the Platform and/or Services.
3.2 Legality: You are solely responsible for ensuring that this Policy follows all laws, rules, and regulations applicable to you and in your specific jurisdiction. If your use of the Platform and/or Services, or any functionality provided or activity enabled thereby, is prohibited or conflicts with any applicable law, rule or regulation in your jurisdiction, you may not, under any circumstances or for any reason, use the Platform and/or Services.
3.3 Criteria: We may in our sole discretion refuse to offer the Platform and/or Services to any person or entity and change the eligibility criteria for use thereof at any time.
4. PRIVACY OF AND USAGE BY CHILDREN
Our Platform and/or Services are not directed to collect any data from people under the age of eighteen (18) years. We do not knowingly allow anyone under the age of eighteen (18) years to submit any data to our Platform and/or Services. If you believe your child may have provided us with their data, you can contact us using the information in the Contact Us section of this Policy and we will delete the data from our Platform and/or Services.
5.1 This Policy applies to all your interactions with us via the Platform and/or Services, your interactions with us in connection therewith, all Personal Information processing activities carried out by us, across platforms, websites, and departments of Livepass and Livepass Operators.
5.2 To the extent that you are a customer or user of our Platform and or Services, this Policy applies together with any terms of business and other contractual documents, including but not limited to any agreements we may have with you.
5.3 To the extent that you are not a relevant stakeholder, customer or user of our services, but are using our Platform and/or Services, this Policy also applies to you.
6. DATA PROCESSING IN CONNECTION WITH THE PLATFORM AND/OR SERVICES
6.1 The information you provide, or which we obtain from other sources will be used by us, in accordance with this Policy, our other policies, applicable laws and regulations, and the Personal Data Protection Act 2010. The below specifies which data points we collect, for what purposes and legal basis for our use of personal information.
6.2 We may collect and process the following about you:
a. When you create an account and buy tickets. When you create an account, buy a ticket, register for a presale or have a ticket transferred to you by a friend, we may collect information directly from you. Depending on the service we are providing, this may include your contact and billing information, such as your name, street address, zip or post code, email, phone number and credit card details.
b. When you buy tickets from third parties. Where you buy tickets from third-party e-commerce sites, the third party will send us information such as your contact and billing information and information about your ticket purchase for us to allocate tickets to you.
c. When using our Platform and/or Services. When you use our Platform and/or Services such as our websites or apps, we may use tracking tools like browser cookies and web beacons and technology like GPS and Wi-Fi to passively collect data about you, such as the browser and device you're using, your IP address, your location, the site you came from, what you did and didn't use our site/app for, or the site you visit when you leave us.
d. When you contact our fan experience and customer support teams. When you contact our Customer Services teams with a query or provide us with feedback, we record that interaction for evidentiary purposes and to provide support related to your query.
e. When you use social media and online public forums. When you use a social media feature within our website or apps, post to social media platforms, or post on a public space or on one of our websites, the social media site may provide us with some information about you.
f. When you book accessible tickets. If you have accessibility requirements, we want to make sure you have the best experience when attending events. To do this, we need to collect details of your requirements. We only do this once, with your requirements then on record for the next time you come back to purchase an accessible ticket.
g. When you sell a ticket on Livepass Asia. As we are transferring money to you, we need to collect information such as a valid ID as part of our Know Your Customer (KYC) requirements. Once your identity has been verified, we securely delete this information. We may also collect information from you when you use our services as a seller, including additional identification data such as tax identification numbers.
h. Geodemographic data. We might collect or use suppliers such as advertising and marketing partners who collate geodemographic data such as age range, gender, or information about events you like or products you buy, which assists us in better personalising our services to you. If you’d prefer that we do not do this, see Clause 10 on ‘YOUR PRIVACY RIGHTS AND CHOICES’ below.
i. Fan images and CCTV. When attending an event at a venue or festival we collect your image and likeness. This might be through CCTV cameras or videographers, photographers on-site. This is primarily collected for the safety and security of our fans; however, we sometimes use these images in our marketing or social media posts. If you wish to object to images being used for marketing, see Clause 10 on ‘YOUR PRIVACY RIGHTS AND CHOICES’ below.
j. Onsite safeguarding when attending an event. To provide a safe and secure event site we may process personal information to be able to enforce appropriate access management, confirm a person’s purpose for being onsite, or for any issues that may arise. As part of our safeguarding policies and procedures, we process personal information about incidents and visitor well-being.
k. Information used for health/ safety purposes. We may collect information from ticket purchasers and attendees for compliance purposes related to infectious disease to the extent required under applicable law. This information may include names, contact details, seat locations, along with entry and exit times.
6.3 We and our service providers use personal information for the following legal grounds and/or purposes:
a. For the performance of our contract with you.
When you make purchases. We use your information when you enter a contract or transaction with us (for example to buy merchandise or a ticket) so we can process your order, assign to you a dynamic quick response code, send you customer service emails including booking confirmations and event reminders, take payment, and to provide you with customer support.
Event Partner(s). To share with Event Partner(s) (artist, promoter, record label or venue) who provide services for the event such as the Promoter or Venue to enable them to run the event, allocate seating or notify you if there has been a change to the event or provide important event information.
Presale. Some of our events have user specific and/or user presale. If you enter, we process your data to profile you to limit fraudulent ticket purchases. If you are rejected and/or unable to qualify for such presales, it won’t stop you from purchasing tickets at a later date.
Contest, Competitions and Referrals. We may use your information to confirm your registration for an event or contest. You may give us your friend's information, for example via our referral service to tell a friend about our Platform and/or Services or to purchase a gift card. We will only use your friend's information to provide services you requested. Your friend may contact us to ask us to delete their information.
b. For our legitimate business interest.
Marketing. To contact you with information or offers regarding upcoming events, products or services (applicable to markets that rely on legitimate interest) this may be via email, via push and web notifications, via SMS, or social media platforms. You can change your marketing preferences at any time, see Clause 10 on ‘YOUR PRIVACY RIGHTS AND CHOICES’ below.
Advertising & cookies. To deliver tailored advertising and marketing communications on our websites and apps depending on your market.
Market research & fan feedback. To conduct market research and analysis which helps improve and customise our products and services and to contact you with satisfaction surveys, or to participate in user research (such as focus groups). We include an unsubscribe option for this kind of contact should you no longer wish to receive them.
Personalisation. To make sure our messages and website are relevant to you (depending on your market). For example, when you ‘favourite’ certain artists and genres, purchase tickets, attend shows with friends and sign up for presales, we will inform you about similar events we think you might be interested in. We create a user profile with the information we have and how you use our services. By turning personalisation off you won’t get any personal recommendations and any newsletters you’ve subscribed to will be generic (although if you’ve asked to receive alerts about specific artists or venues, you’ll still receive these).
We will still perform profiling activities where we need to so we can deliver our services to you, for example for fraud screening purposes and for the purposes of facilitating any presale.
c. For our overriding legitimate business interests.
To prevent or detect unlawful behaviour, to protect or enforce our legal rights or as otherwise permitted by law. For example, making sure tickets get into the hands of real fans. As such, we may use your information to prevent ticket touting, misuse of our intellectual property (e.g. our or our Event Partner's brands), fraud, or other crimes.
Event security. To protect our fans and ensure the security of our and our Event Partners’ operations.
d. Where you’ve given your consent.
Marketing. To contact you with information or offers regarding upcoming events, products or services (applicable to markets that rely on consent) – this may be via email, push and web notifications, SMS, or social media platforms. You can change your marketing preferences at any time, see Clause 10 on ‘YOUR PRIVACY RIGHTS AND CHOICES’ below.
Location-based services. For example, our apps request location permission for functions like browsing events near your location and receiving push notifications about them or seeing yourself on the map at an event.
Advertising & cookies. To deliver tailored advertising and marketing communications on our websites and apps, depending on your market.
Accessibility. To process your health data to meet your accessibility requirements, where specifically required and explicit consent is provided.
Commercial Partners. We sometimes work with Commercial Partners who we share data with. These are third party data controllers that we work with to provide additional value-add services, such as our travel packages, sponsors or exclusive presale deals. In some circumstances, where sharing is not necessary for us to perform the contract, you have requested, we will request your permission.
d. To protect your vital interests.
Health and Safety. Any information collected by us or our third-party partners in compliance with applicable health and safety requirements will only be used to contact attendees or shared with relevant local, government officials. This information is regularly deleted.
7. WE PROCESS AND USE AGGREGATED, ANONYMISED AND DE-IDENTIFIED DATA
7.1 We may also create, process, collect, use, and share aggregated, anonymised, coded or de-identified data such as statistical or demographic data for any purpose which may be derived from your personal data. We may use this data to comply with legal or regulatory obligations. For the purposes of this clause 7.1, “de-identified” means the identity of the individuals is not known to and ensure data is not traceable by the receiving party, its employees, agent and contractor associated with the Platform and/or Services (hereinafter referred to as the “Personnel”); and “coded” means that a number, letter, symbol, or combination thereof (i.e. the code) has replaced identifying individual information (such as name or national registered identification number) that would enable the Personnel to ensure that data is not traceable to the identity of the individual to whom the data belongs to. The data is provided to the Personnel without identifiers and we have established policies and procedures in place to prevent the release of the individuals’ personal information.
7.2 We may share your data with members of our group, service providers and our key partners. Some of these third parties may be in a jurisdiction not covered by the laws stated in this Policy, in which case we will take all necessary steps to ensure that your personal information is treated securely and that such transfers are permitted under the applicable data protection laws.
7.3 We may also use any or all of the personal information above to administer and manage our business in general, to detect and prevent misuse of our Services (including fraud and unauthorised payments), and to enforce our Terms of Service or any other contract to which we may be a party to.
8. WE MAY SHARE YOUR PERSONAL INFORMATION WITH THIRD PARTIES
8.1 We may have to share your personal data with a selected and trusted group of third party/ parties to fulfil our obligations under our contract with you, to meet government, regulatory and law enforcement requests, and to continue providing you with the Services. We will only disclose your personal information to third party service providers under strict terms of confidentiality. We do not allow our third-party service providers to use your personal data and information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions and any applicable data protection laws.
8.2 We may have to share or transfer your personal information in the specific circumstances listed below:
a. Livepass Asia Companies. Within the Livepass Asia group and associated family of companies who provide service for us such as marketing, profiling, reporting and technical and product support.
b. Third parties who perform services on our behalf. Our third-party service providers such as cloud computing providers who provide the IT infrastructure on which our products and systems are built, or outsourced customer service agents who support fan experience. Some of these third parties may be located outside of your jurisdiction.
c. Event Partner(s). Event Partner(s) are the entities we work with to put on the event, such as the promoter, the venue or the artist. We share your information with our Event Partners so that they can run the event and for other reasons described in their privacy policies. In some cases we will name the Event Partners when you purchase a ticket so you know who will receive your data, and you will be given the option to subscribe to receiving marketing from them (depending on your market).
d. Selling your ticket on Livepass Asia. If you buy or sell tickets on our platform, we may disclose your information to the buyer or seller (as applicable) for order fulfilment purposes – meaning that you get the ticket you’ve bought, or paid for the ticket you’ve sold.
e. Third party products. If you have bought any goods and services fulfilled by third parties (e.g. ticket insurance or merchandise), we’ll share data with them so that they can process and fulfil your orders.
f. Commercial Partners. These are third parties we work with to provide additional value-add services. As the Commercial Partners we work with varies between services, we use just-in-time information to let you know when data will be shared with them and that it will be processed in accordance with their privacy notice.
g. Disclosure under law. We may share information to respond to a court order or subpoena. We may also share information if a government agency or investigatory body here permitted or required by law. Or, we may share information when we are investigating potential fraud.
h. Successors. We may share information with any successor to all or part of our business. For example, if part of our business is sold we may give our customer list as part of that transaction.
We may share your information for reasons not specify and/or described in this Policy. We will inform you before we do this.
9. LINKS TO THIRD-PARTY WEBSITES
9.2 We specifically recommend that you, as a user (under this Policy) visit, familiarise, understand the privacy policies of such entities, as they are our partners in providing services under the facilities to you. However, even if not done as mandated herein, you undertake that you as the user accept their terms and conditions, their individual privacy policies, cookies policies, as third-party service providers to us.
10. YOUR PRIVACY RIGHTS AND CHOICES
10.1 Where you have given us your consent (applicable to our markets that rely on consent), you can withdraw it by doing the following:
a. To stop receiving our marketing you can change your preferences within your account, follow the unsubscribe instructions in any of the emails we send you or contact us and we will do it for you.
c. To opt out of location tracking and push notifications, you can change the settings on your device or keep your location off. To stop web push notifications, you will need to use your browser settings.
10.2 Where we have relied on a legitimate interest (applicable to our markets that rely on consent), you can object to it by doing the following:
a. To object to receiving our marketing you can change your preferences within your account, follow the unsubscribe instructions in any of the emails we send you or contact us and we will do it for you.
b. To object to personalisation you can change your preferences within your account. If this option is not available, you can contact us and we will do it for you.
c. To object to being contacted as part of fan feedback, you can unsubscribe through the mechanisms in the messages to you or contact us and we will do it for you.
10.3 As a global company, our fans are located all over the world, depending on your market there are specific laws and regulations around privacy rights such as the GDPR in Europe, LGPD in Brazil and CCPA in United States. The below rights may be applicable in your market.
Global Rights (excluding United States):
a. The right to request that your information be deleted, otherwise known as erasure or restricted from further use. The right to delete or erase your account cannot be made where you have a ticket or transaction for a future event even if you have printed or received these tickets so once the event has passed then this request can be exercised. A deletion of your account will result in loss of access to any digital assets (i.e. NFTs) that you may own.
b. The right to request a copy of the information we hold about you, also known as right of access.
c. The right to correct, amend or update information you have given us (where you have an account with us you can also do this by logging in and updating your information).
d. The right to contest any automated decision we make about you. An automated decision is a decision taken without any human intervention which has legal consequences (e.g. credit checking). We don’t typically carry out automated decision making but, if we do, we will make it clear where such decisions are being made
United States Rights:
a. Disclosure. You have the right to request a report showing the personal information collected, shared, and sold about you.
b. TDeletion. You have the right to request that we delete any personal information collected from or about you.
c. Correction. You have the right to request that we correct inaccurate personal information collected from or about you.
d. Opt-Out of Sale/Processing. You have the right to opt out of the sale of your personal information. You also have the right to opt out of the processing of your data for targeted advertising or profiling purposes.
e. Non-Discrimination. We shall not discriminate against you based on your exercise of any of the above rights.
a. Under and in accordance with the provisions of the Personal Data Protection Act 2010 (hereinafter referred to as the “PDPA”) and the Code of Practice approved and issued under the PDPA, you may:
i. check whether we hold data about you and of access to such data;
ii. request that we correct any data relating to you which is inaccurate;
iii. request clarification on our policies and practices in relation to data and to be informed of the kind of personal data held us;
iv. to request to be informed which items of data are routinely disclosed to third parties.
b. In accordance with the terms of the PDPA, we have the right to charge a fee for the processing of any data access request.
c. You can request for access to data, correction of data and types of data held by us. You will be asked to complete a data access/correction form and a fee is chargeable as provided in PDPA.
d. If you do not want us to further disclose your data to any member of Livepass Asia or third parties for the purposes of cross-selling and/or if you do not want to be contacted by us or the said third parties for the sale or promotion of any products or services, you may contact us to unsubscribe or click on the “unsubscribe” link at the end of the e-mail communication received. Your request to be removed from our marketing mailing list may take up to 30 days to be effective. Please note that in order to keep you updated on important messages, we will still send you selected notices even though you have unsubscribed.
10.4 If you have any queries relating to this policy or wish to exercise any of the rights set out above or any other laws concerning your personal information (in so far as same is applicable), please contact us at email@example.com in the first instance, so that we may resolve your query, feedback or complaint amicably. We may also need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This security measure is to ensure that your personal information is not disclosed to any person who has no right to receive it.
11. SECURITY PRECAUTIONS AND MEASURES EXERCISED BY US FOR PROTECTION OF YOUR PERSONAL INFORMATION DATA.
11.1 Your personal information is contained behind secured networks and is only accessible by a limited number of individuals who have special access rights to such systems and are required to keep the information confidential.
11.2 You acknowledge that the internet is an open system and Livepass cannot and does not warrant or guarantee that your personal information will not be intercepted by unauthorised third parties. Livepass disclaims any liability for interception of any personal information, electronic communications and/or data breach and your continue usage and/or access to our Platform and/or Services constitutes your entire agreement and/or acknowledgement that you hereby waive and hold Livepass Asia harmless against any such losses and/or damages suffered by you.
11.3 Please note that no transmission over the Internet or any method of electronic storage can be guaranteed to be absolutely secure. However, our best endeavours will be made to secure data and the ability to access your personal data.
11.4 Without prejudice to our efforts on protection of your data, nothing contained in this Policy constitutes a warranty of security of the facilities, and you agree to transmit personal data at your own risk.
11.5 Please note, that we do not guarantee that your personal data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
11.6 Please always check that any site on which you are asked for financial or payment information in relation to our reservations or services is in fact legitimately owned or operated by us. The risk of impersonating hackers exists and should be taken into account when using our Platform and/or Services.
11.7 If you do receive any suspicious communication of any kind or request, do not provide your information and report it us by contacting us at
11.8 Since we cannot guarantee against any loss, misuse, unauthorised acquisition, or alteration of your personal data, please accept that you play a vital role in protecting your own personal data, including the adoption of sufficient safety measures such as your choosing of an appropriate password (where applicable) of sufficient length and complexity and to not reveal this password to any third-parties.
11.9 Furthermore, we cannot ensure and do not warrant the security or confidentiality of data transmitted to us, or sent and received from us by Internet or wireless connection, including: email, phone, or SMS, since we have no way of protecting that information once it leaves and until it reaches us. If you have reason to believe that your data is no longer secure, please contact us at firstname.lastname@example.org.
11.10 Please note that should your personal data be breached, and the security of your rights be at high risk, we shall notify the supervisory authority in your jurisdiction and promptly and immediately communicate to you the nature of the breach which has taken place, the likely consequences of such a breach and shall describe thoroughly the measures we have implemented to address the breach and to mitigate any and all adverse effects to you and your rights. In the unlikely event of a breach occurring, please reach out to us at email@example.com for further information and for further advise on how to mitigate the potential adverse effects of such a breach.
11.11 We also aim to conduct all applicable security risk assessments including data protection impact assessment to ensure the availability of risk mitigation controls, to better safeguard the integrity of user data.
12. DATA RETENTION PERIOD
12.1 We only keep your information for as long as required to provide you with the services you request, for the purposes outlined in this Policy. Our retention rules are dependent on whether the information is necessary to provide the product or service, what consents have been provided around the use of personal information and what statutory, contractual, or other legal obligations do we have to retain personal information. We will securely delete your information when it is no longer required for these purposes, in line with our company policies.
12.2 Sometimes business and legal requirements oblige us to retain certain information, for specific purposes. When we do so, we will take your explicit consent for the same. Reasons we might retain some data for longer periods of time include but not limited to:
a. Security, fraud and abuse prevention;
b. Financial record-keeping;
d. Complying with legal or regulatory requirements; and
e. Ensuring the continuity of our services at our Platform
13.3 Information collected from cookies is used by us to enhance your user experience, provide our Services and evaluate the effectiveness of our Platform and/or Services and analyse trends. The information collected from cookies allows us to determine such things as which parts of the Platform and/or Services are most visited and the difficulties our users may experience in accessing the Platform and/or Services. With this knowledge, we can improve the quality of your experience on the Platform and/or Services by recognising and delivering more of the most desired features and information, as well as by resolving access difficulties.
13.4 If you want to avoid using cookies altogether, you can disable cookies in your browser. However, disabling cookies might make it impossible for you to use certain features of the Platform and/or Services. Your use of the Platform and/or Services with a browser that is configured to accept cookies constitutes acceptance of our and third-parties’ cookies.
14.1 In the case of abuse or breach of security, we are not responsible for any breach of security or for any actions of any third parties which receive the information illegally.
14.2 We will not distribute customer information to be used in mailing lists, surveys, or any other purpose other than what is required to perform our services.
14.3 If you choose to restrict the collection or use of your confidential and personal information, please exit our Platform and/or Services.
14.4 In case of discrepancies between the English version and other versions of this Policy, the English version shall apply and prevail.
15. CONTACT US
If you have any questions, comments, concerns about the above, or our approach to your privacy, you may contact us by emailing to the following email address: firstname.lastname@example.org. We use the data that you provide in an email to us, which you may give voluntarily, only to answer your questions or to reply to your email in the best possible manner.