Privacy Policy
Revised and effective February 1st, 2024
Download | REGIONAL SUPPLEMENTS
This is the Privacy Policy of AXS Group LLC, a Delaware limited liability company, and its subsidiaries listed below (collectively, “AXS”). We take your privacy seriously and we know you do too. This Privacy Policy (“Policy”) describes how we collect, process, and share Personal Data, your rights & choices, and other important information about how we handle your Personal Data. Please note: We have separate privacy policies for our subsidiaries operating in the UK, Sweden, and Japan.
KEY POINTS
- AXS is a leader in providing ticketing and marketing services for live sports and entertainment events.
- AXS processes Personal Data to deliver services to you and to ensure that you have the best possible entertainment experience. Learn More.
- We use Personal Data for various business purposes (e.g. to improve our products and services, personalize your experience across your interactions with us, and to help you discover the best in entertainment). Learn More.
- We use Personal Data for commercial purposes, such as marketing and advertising. As part of these activities, and as described in this Policy, we may receive information from third parties, disclose information to third party partners and vendors, and may engage in “sales” or “sharing” of your data (as defined under applicable law). Learn More and Learn How to Opt-Out.
- You have rights and choices with respect to how we collect and use your Personal Data. Learn more about your Rights & Choices.
- We provide additional Information for specific regions: California/US States and Australia/New Zealand. We also have separate privacy policies for the UK, Sweden, and Japan.
- A separate privacy policy applies if you are an applicant, employee, former employee, independent contractor, or otherwise have Personal Data within our HR systems (available here).
- You can contact us at any time if you have questions. Learn More.
This Policy applies to your use of our “Services,”which include the following:
- AXS.com, the AXS Marketplace, and any other websites or services where we link to/post this Privacy Policy (including any subdomains or mobile versions, the “Site(s)”);
- our mobile applications (the “Mobile App(s)”);
- call centers from which tickets may be purchased; and
- automated ticket kiosks and other web-enabled technology.
Our current subsidiaries subject to this Privacy Policy include the following:
- AXS Group LLC
- AXS Group Canada
- AXS Australia Group PTY LTD
- AXS New Zealand Group LTD
The controller of your Personal Data under this Policy is AXS Group LLC, or the party specified in “REGIONAL SUPPLEMENTS” below. You may contact our Data Privacy Team as follows (for our address and contact details in other regions, please see the REGIONAL SUPPLEMENTS):
General Inquiries: | [email protected] |
---|---|
Data Protection Officer: | [email protected] |
Opt-Out of Data Sales or Sharing; Limit uses of Sensitive Personal Data: |
visit the AXS Privacy Request Portal, or email us at [email protected]. |
Regional Data Rights: | visit the AXS Privacy Request Portal, or email us at [email protected]. |
Direct Marketing Disclosure Inquiries: | send us mail to the mailing address below or email [email protected]. |
Physical Address (US): |
AXS Group LLC 110 East 9th Street, Suite B800 Los Angeles, CA 90079 Attn: Legal Department |
For additional mailing addresses for AXS subsidiaries, see the “Regional Supplements” section below.
The following describes how we process data relating to identified or identifiable individuals and households (“Personal Data”).
Categories of Personal Data We Process
The categories of Personal Data we process may include:
Audio/Visual Data - Recordings and images collected from audio files and records, such as voicemails, call recordings, photographs, and the like.
Transaction Data - Information about the Services we provide to you and about transactions you make with us or other companies for events and services and similar information via our Services, e.g. event name, date and location, artist, payment method/type, price, ticket or seat type, and the like.
Contact Data - Identity Data we can use to contact you, such as email and physical addresses, phone numbers, social media or communications platform usernames/handles.
Device / Network Data - Browsing history, search history, and information regarding your interaction with a website, application, or advertisement (e.g. IP Address, MAC Address, SSIDs, application ID/AdID/IDFA, session navigation history and similar browsing metadata, and other data generated through applications and browsers, including cookies and similar technologies or other device identifiers or persistent identifiers), online user ID, device characteristics (such as browser/OS version), web server logs, application logs, first party cookies, third party cookies, web beacons, clear gifs and pixel tags.
Identity Data - Information such as your name; address; email address; telephone number; gender; date of birth, age and/or age range; account login details, e.g. username and password, avatar, or other account handles/usernames; ticket/RFID identifiers; license plates.
Preference Data - Personal Data generated reflecting your preferences, characteristics, predispositions, behavior, demographics, household characteristics, market segments, likes, favorites and other data or analytics.
General Location Data - Non-precise location data, e.g. location information derived from social media tags/posts, or areas of events and venues you visited.
Sensitive Personal Data - Personal Data deemed “sensitive” under California or other laws, such as social security, driver’s license, state identification card, or passport number; account log-in and password, financial account, debit card, or credit card number; precise location data; racial or ethnic origin, religious or philosophical beliefs, etc. We collect the following categories of Sensitive Personal Data:
- “Government ID Data” - Data relating to official government identification, such as driver’s license or passport numbers, including similar Identity Data protected as Sensitive Data under applicable law.
- “Payment Data” - Data that includes financial account log‐in information, or financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to such financial account, including similar data protected as Sensitive Data under applicable law.
- “Precise Location Data” - Data from GPS, WiFi triangulation, certain localized Bluetooth beacons, or technologies used to locate you at a precise location and time.
- “Race or Ethnic Origin” - Data relating to your race, ethnic, or national origin.
See your Rights & Choices to limit processing of Sensitive Personal Data
User Content - Unstructured/free-form data that may include any category of Personal Data, e.g. data that you give us in free text fields such as comment boxes.
Sources of Personal Data We Process
We collect Personal Data from various sources, which include:
Data you provide us - We receive Personal Data when you provide them to us, when you purchase our products or services, complete a transaction via our Services, or when you otherwise use our Services.
Data we collect automatically - We collect Personal Data about or generated by any device used to access our Services.
Service Providers - We receive Personal Data from third party service providers who collect Personal Data when performing services on our behalf (e.g. AXS Marketplace).
Event partners - We collaborate with various entities to put on events, which may include promoters, artists, sports teams or leagues, venues, and other parties (collectively, “Event Partners”). If you purchase products and services through our Services that may be fulfilled by an Event Partner, we may receive certain Personal Data (e.g. Transaction Data) from that Event Partner in connection with the fulfilment of those products and services.
Aggregators and advertisers - We may receive Personal Data from ad networks, data brokers, Targeted Advertising vendors, market research, and social media companies or similar companies who provide us with additional Personal Data, e.g. Preference Data in relation to Targeted Advertising and Profiles (where permitted by law).
Social media & other companies - We receive Personal Data from social media and other companies when you use third-party single sign on, or interact with that social media or other company on or in connection with our Services.
Data we create or infer - We, certain partners, social media companies, and third parties operating on our behalf, create and infer Personal Data such as Preference Data or Aggregate Data based on our observations or analysis of other Personal Data processed under this Policy, and we may correlate this data with other data we process about you.
Account registration
We process Identity Data, Preference Data, and Contact Data when you register and create an account for our Services. We process Payment Data if you associate payment information with that account.
We use this Personal Data to create and maintain your account, to provide the products and services you request, and for our Business Purposes. We may process Identity Data, Preference Data, and Contact Data for Commercial Purposes (which may include data sales/sharing). We do not sell or “share” Payment Data or use it for Business Purposes not permitted under applicable law.
Sensitive Personal Information. We may also process Payment Data if you choose, for example, to store Payment Data for future purchases.
Data Retention | Regional Data Rights
Purchases and transactions
We process Transaction Data, Identity Data, Payment Data, Preference Data, and Contact Data when you complete a purchase or sale transaction. We do not permanently store your Payment Data, except at your request. In certain cases, Preference Data may reveal Race or Ethnic Origin (see “Profiles” for more information). If you elect to receive tickets via SMS, we may process Contact Data in order to deliver your tickets via SMS.
We process this Personal Data as necessary to perform or initiate a transaction with you, process your order, payment, or refund, carry out fulfillment and delivery, document transactions, and for our Business Purposes.
We may process Identity Data, Transaction Data, Contact Data, Race or Ethnic Origin, and Device/Network Data for Commercial Purposes(which may include data sales/sharing). We do not sell or “share” Payment Data or process it for Business Purposes not permitted under applicable law. We do not share Contact Data collected as part of SMS ticket delivery with third parties for their own marketing or Commercial Purposes unless you elect to receive such SMS communications from those third parties.
Third party businesses/controllers may receive your information. Third Party data controllers/businesses (such as Event Partners) provide many products and services related to your purchase through our Services. We may disclose Identity Data, Transaction Data, Contact Data, and Device/Network Data to those third parties to facilitate your purchase. You may also direct us to disclose this data to or interact with these third parties as part of your purchase (which does not involve a sale by AXS.) For example, when you enter into a transaction for a ticket to a National Hockey League event, you direct us to share your Identity Data, Contact Data, and Commercial Data relating to the ticket purchase with NHL Interactive CyberEnterprises, LLC, and its affiliates, including NHL Enterprises, L.P., NHL Enterprises Canada, L.P., and the National Hockey League ("NHL"). We share this with the NHL so that they can conduct analysis to better understand NHL fans and fan engagement across the NHL, including its member clubs. NHL may also use and share insights to enable the NHL, including its member clubs, to customize and improve their services, advertising and communications, as further set forth in the NHL Privacy Policy.
Data Retention | Regional Data Rights
RFID products and digital tickets
We process Identity Data, Transaction Data, Payment Data, Preference Data, General Location Data, and Contact Data when you use digital ticketing or RFID technologies at an event. See above for information collected in connection with original Ticket Purchases.
We process Identity Data, Transaction Data, Payment Data, Preference Data, General Location Data, and Contact Data to authenticate your access to an event, complete a transaction you request, for our Business Purposes, and our other legitimate interests, including:
- verifying your identity for authentication and security purposes;
- helping us to ensure ticket purchasers are genuine and to prevent fraud;
- managing access to specific areas of events; and
- to create market research and statistical analysis of guest engagement, movement, or other matters.
We may process Identity Data, Transaction Data, Preference Data, General Location Data, and Contact Data for our Commercial Purposes (which may include data sales/sharing). We do not sell or “share” Payment Data or process it for Business Purposes not permitted under applicable law.
Data Retention | Regional Data Rights
Marketing communications
We process Device/Network Data, Contact Data, Identity Data, and Preference Data in connection with marketing emails, SMS, push notifications, telemarketing, or similar communications, and when you open or interact with those communications (“Marketing Communications”). You may receive Marketing Communications if you consent and, in some jurisdictions, as a result of account registration or a purchase. In some cases, Preference Data may reveal Race or Ethnic Origin (see “Profiles” for more information). We may also collect Precise Location Data in order to deliver relevant communications in our Mobile App (see “Mobile Apps” for more information).
We process this Personal Data to contact you about relevant products or services and for our Business Purposes. We may use Device/Network Data, Contact Data, Identity Data, and Preference Data for our Commercial Purposes (which may include data sales/sharing). We also process Race or Ethnic Origin Data and Precise Location Data to personalize Marketing Communications as permitted by applicable law, but we do not process this data for Targeted Advertising, or where users have opted out or not provided necessary consents. We do not sell or “Share” Race or Ethnic Origin Data and Precise Location Data or process it for Business Purposes not permitted under applicable law. See your Rights & Choices to limit processing of Precise Location Data or Race or Ethnic Origin Data.
We do not share Contact Data collected as part of SMS marketing campaigns with third parties for their own marketing or Commercial Purposes unless you elect to receive such SMS communications from those third parties.
Data Retention | Regional Data Rights
Digital Services
Generally
We process Device/Network Data, Contact Data, Identity Data, General Location Data, and Preference Data. You may also be able to complete purchases, register for an account, or enroll in Marketing Communications through our Services.
We use this Personal Data as necessary to operate our Services, such as keeping you logged in, delivering pages, etc., for our Business Purposes, and our other legitimate interests, such as:
- ensuring the security of our websites, mobile applications and other technology systems; and
- analyzing the use of our Services, including navigation patterns, clicks, etc. to help understand and make improvements to the Services.
We may process this Personal Data for our Commercial Purposes (which may include data sales or “sharing.”)
Data Retention | Regional Data Rights
Mobile Apps
If you use our Mobile Apps, we may process Identity Data, Device/Network Data, Preference Data, General Location Data, and, with your consent, Precise Location Data.
We process this Personal Data to provide our Mobile Apps, for our Business Purposes, and our other legitimate interests, such as:
- to optimize the display and functionality of the Mobile App on your device;
- determine your location within a certain area (e.g. near an event where you have a ticket);
- provide directions and contextual information to you at your request (e.g. information about venues where events are held);
- deliver features that require the use of Precise Location Data; and
- creating aggregate information about users’ location and patterns, which we use to help improve our Services.
We may process Identity Data, Device/Network Data, Preference Data, and General Location Data for our Commercial Purposes (which may include data sales/sharing). If you opt in to the collection of Precise Location Data, we also process Precise Location Data for Marketing Communications, such as in-app notifications about offers from us or our partners when you are present at an event. We do not sell or “share” Precise Location Data or process it for Business Purposes not permitted under applicable law. You have the right to limit our use of Precise Location Data by withdrawing consent to or disabling the collection of Precise Location Data through your mobile device’s settings menu.
Data Retention | Regional Data Rights
Cookies and other tracking technologies
We process Identity Data, Device/Network Data, Contact Data, Preference Data, General Location Data, and other non-Personal Data in connection with our use of cookies and similar technologies on our Services. We may collect this data automatically.
We and authorized third parties may use cookies and similar technologies for the following purposes:
- for “essential” purposes necessary for our Services to operate (such as maintaining user sessions, CDNs, and the like);
- for “functional” purposes, such as to enable certain features of our Services (for example, to allow a customer to maintain an online shopping cart);
- for “analytics” purposes and to improve our Services, such as to analyze the traffic to and on our Services (for example, we can count how many people have looked at a specific page, or see how visitors move around the website when they use it, to distinguish unique visits/visitors to our Services, and what website they visited prior to visiting our website, and use this information to understand user behaviors and improve the design and functionality of the website);
- for “retargeting,” Targeted Advertising, or other advertising and marketing purposes, including technologies that process Preference Data or other data so that we can deliver, buy, or target advertisements which are more likely to be of interest to you;
- for “social media” e.g. via third-party social media cookies, or when you share information using a social media sharing button or “like” button on our Services or you link your account or engage with our content on or through a social networking website such as Facebook or Twitter.
We may also process this Personal Data for our Business Purposes and Commercial Purposes (which may include data sales/sharing). See your Rights & Choices for information regarding opt-out rights for cookies and similar technologies.
Third parties may view, edit, or set their own cookies or place web beacons on our websites. We, or third party providers, may be able to use these technologies to identify you across platforms, devices, sites, and services. Third parties may engage in Targeted Advertising using this data. Social Media companies and third parties engaged in Targeted Advertising are third party controllers and may have their own privacy policies and their processing is not subject to this Policy.
Data Retention | Regional Data Rights
Contests and promotions
We may collect and process Identity Data, Preference Data, certain Contact Data, and User Content when you enter a contest/sweepstakes or take part in a promotion. If you are a winner of a contest, sweepstakes, or certain other promotions, we may (where permitted by law) collect Government ID Data.
We process this Personal Data as necessary to provide the contest/promotion, notify you if you have won, or to process delivery of a prize, for our Business Purposes, and other legitimate interests, such as:
- verifying your identity for authentication, anti-fraud, and security purposes (in which case we may process Government ID Data to complete verification);
- to improve our Services and to create a personalized user experience; and
- to contact you about relevant products or services, and in connection with Marketing Communications and Targeted Advertising.
If you win a special promotion (e.g., a sweepstakes), your acceptance of a prize may allow us to make certain Personal Information public, e.g. posting your first name and last initial, hometown and/or state on a winner’s list (or making physical copies of the winner’s list available, upon request or as required by law). See the special program agreement(s) for additional details and terms.
We may process Identity Data, Contact Data, and User Content information for our Commercial Purposes (which may include data sales/sharing). We do not sell, “share,” or process Government ID Data for any Commercial Purposes or any Business Purposes not permitted under applicable law.
Data Retention | Regional Data Rights
Contact us; support
We collect and process Identity Data, Contact Data, and User Content when you contact us, e.g. through a contact us form, or for support. If you call us via phone, we may collect Audio/Visual data from the call recording.
We process this Personal Data to respond to your request, and communicate with you, as appropriate, and for our Business Purposes. If you consent or if permitted by law, we may use Identity Data and Contact Data to send you Marketing Communications and for our Commercial Purposes (which may include data sales/sharing).
Data Retention | Regional Data Rights
Employees and contractors are subject to separate privacy notices. If you are an applicant, employee, independent contractor engaged by AXS, former employee/independent contractor, or beneficiary, your Personal Data is subject to the HR Privacy Notice.
Posts and social media
We process Identity Data, Preference Data, Contact Data, and User Content you post (e.g. comments, forum and social media posts, etc.) on our Services. We also process Identity Data, Contact Data, and User Content if you interact with or identify us, or relevant Event Partners on social media platforms (e.g. if you post User Content that engages with or tags our official accounts.)
We process this Personal Data for our Business Purposes, and Commercial Purposes (which may include data sales/sharing).
Posts may be public, or reposted on our Services. Content you provide may be publicly-available when you post it on our Services, or in some cases, if you reference, engage, or tag our official accounts.
Data Retention | Regional Data Rights
Feedback and surveys
We process Identity Data, Contact Data, Preference Data, and User Content collected in connection with guest surveys or questionnaires.
We process this Personal Data as necessary to respond to guest requests/concerns, for our Business Purposes, and other legitimate interests, such as analyzing guest satisfaction and to allow our third-party partners to communicate with guests.
We may process this Personal Data for our Commercial Purposes (which may include data sales/sharing). We may share Feedback/Survey data relating to third party partners with those partners, who may use it for their own purposes.
Data Retention | Regional Data Rights
Business Purposes
We and our Service Providers process Personal Data we hold for numerous business purposes, depending on the context of collection, your Rights & Choices, and our legitimate interests. We and our Service Providers generally process Personal Data for the following “Business Purposes.”
Service Delivery
We process Personal Data as necessary to provide our Services and the products and services you purchase or request. For example, we process Personal Data to authenticate users and their rights to access the Services, events, or venues, as otherwise necessary to fulfill our contractual obligations to you, provide you with the information, features, and services you request, and create relevant documentation.
Internal Processing and Service Improvement
We may use any Personal Data we process through our Services as necessary in connection with our legitimate interests in improving the design of our Service, understanding how our Services are used or function, for customer service purposes, for internal research, technical or feature development, to track use of our Service, QA and debugging, audits, and similar purposes.
Security and Incident Detection
We may process Personal Data in connection with our legitimate interest in ensuring that our Services are secure, identify and prevent crime, prevent fraud, and verify or authenticate users/individuals, and ensure the safety of our guests. Similarly, we process Personal Data on our Services as necessary to detect security incidents, protect against, and respond to malicious, deceptive, fraudulent, or illegal activity. We may analyze network traffic, device patterns, and characteristics, maintain and analyze logs and process similar Personal Data in connection with our information security activities.
Contextual Advertising
We may display contextual advertising on our Services. In which case, we may customize such advertisement using data processed based on your current interaction with the Service (e.g. time, general location). We may also document and audit ad impressions and related data relating to the delivery and display of contextual advertisements.
Personalization
We process certain Personal Data as necessary in connection with our legitimate interest in personalizing our Services. For example, aspects of the Services may change so they are more relevant to you. We may personalize based on Preference Data and your current interactions with the Service using Personal Data we hold about you. We may also personalize based on Profiles, where permitted by law, e.g. by displaying your name and other appearance or display preferences, to display content that you have interacted with in the past, or to display content that we think may be of interest to you based on your interactions with our Digital Services and other content.
Aggregated Data
We process Personal Data in order to identify trends, including to create aggregated and anonymized data about buying and spending habits, use of our Services, and other similar information (“Aggregated Data”). Aggregated Data that does not contain Personal Data is not subject to this Privacy Policy.
Compliance, Health, Safety, Public Interest
We may also process Personal Data as necessary to comply with our legal obligations, such as where you exercise your rights under data protection law, for the establishment and defense of legal claims, where we must comply with requests from government or law enforcement officials, and as may be required to meet national security or law enforcement requirements or prevent illegal activity. We may also process data to protect the vital interests of individuals, or on certain public interest grounds, each to the extent required or permitted under applicable law. Please see the How We Share Personal Data section for more information about how we disclose Personal Data in extraordinary circumstances.
Commercial Purposes
We and certain third parties process Personal Data to further our commercial or economic interests (“Commercial Purposes,”) depending on the context of collection and your Rights & Choices.
Please Note – We may require your consent, or we may not engage in processing of Personal Data for Commercial Purposes in some jurisdictions. See the “REGIONAL SUPPLEMENTS” section below for more information.
Profiles
Entertainment is personal, and we are always working to help you find the best concerts, festivals, sports, and other events for you to enjoy. In order to understand our customers’ preferences, and better recommend products and services that are personalized to our customers, we may create a “Profile” by linking together and analyzing Personal Data processed in the following contexts:
- Account Registration
- Purchases and Transactions
- RFID Products/Digital Tickets
- Our Digital Services
- Contest and promotions
- Contact Us; Support
- Posts & Social Media
- Feedback & Surveys
We may augment Profiles with Personal Data that we receive from Event Partners, affiliates or third parties, e.g. information about Services you have used or purchased previously, events and venues you visited, or locations at those events/venues, or demographic data and data from your publicly-available social media profiles.
In some cases we process Preference Data that reveals Race or Ethnic Origin as part of our Profiles. We typically process this information in relation to marketing for certain events (e.g. cultural or heritage events.) Depending on applicable laws, we may not collect this information, and we may require your consent before collecting it. We will limit the use and disclosure of your Race or Ethnic Origin according to applicable law. See the “Regional Supplements” section below for more information about your rights in Sensitive Data.
We use Profiles for our legitimate interests in market research and statistical analysis in connection with the improvement of our Services. For example, we may analyze the Personal Data of customers who have purchased tickets for a future event, and then compare them with other customers in our database. If we identify other customers in our database who have similar Personal Data to the original purchasers, we may direct marketing about that event to the similar customers. We may conduct the profiling and send the direct marketing emails automatically.
Profiles involve processing that is automated, in whole or in part.
Personalized Marketing Communications
We may personalize Marketing Communications based on your Profile. If consent to Consumer Profiling or Targeted Advertising is required by law, we will seek your consent.
Targeted Advertising
In some jurisdictions, AXS affiliates and certain third parties operating on or through our Services, may engage in advertising targeted to your interests based on Personal Data that we or those third parties obtain or infer from your activities across non-affiliated websites, applications, or services in order to predict your preferences or interests (“Targeted Advertising” or “Sharing”). This form of advertising includes various parties and service providers, including third party data controllers, engaged in the processing of Personal Data in connection with advertising. These parties may be able to identify you across sites, devices, and over time.
The parties that control the processing of Personal Data for Targeted Advertising purposes may create or leverage information derived from Personalization, Profiles, and Marketing Communications. In some cases, these parties may also develop and assess aspects of a Profile about you to determine whether you are a type of person a company wants to advertise to, and determine whether and how ads you see are effective. These third parties may augment your profile with demographic and other Preference Data, and may track whether you view, interact with, or how often you have seen an ad, or whether you purchased advertised goods or services.
We generally use Targeted Advertising for the purpose of marketing our Services and third-party goods and services, and to send Marketing Communications, including by creating custom marketing audiences on third-party websites or social media platforms.
Data Sales
We may engage in “sales” or “sharing” of data as defined by applicable law. For example, we may “sell” certain Personal Data when we engage in marketing campaigns with or on behalf of sponsors, conduct Targeted Advertising or data “sharing,” or we may sell or grant access to Personal Data to our marketing partners, Event Partners, and other advertisers in relation to Targeted Advertising, joint promotions, and other marketing initiatives. See the US Regional Supplement section for a list of categories of Personal Data sold or “shared.”
We may share Personal Data with the following categories of third-party recipients and/or for the following reasons. Note, some parties may be third party controllers who process data subject to their own privacy policy.
Affiliates - we will share your Personal Data with any of our current or future affiliated entities, subsidiaries, and parent companies in order to streamline certain business operations, and in support of our Business Purposes and Commercial Purposes.
Service Providers - We may share your Personal Data with service providers who provide certain services or process data on our behalf in connection with our general business operations, product/service fulfillment and improvements, to enable certain features, and in connection with our (or our Service Providers’) Business Purposes.
Sponsors, Advertisers, and Social Media Platforms - We may share certain Personal Data with social media platforms, advertisers, ad exchanges, data management platforms, or sponsors in support of our Business Purposes and Commercial Purposes. We may allow these third parties to operate on or through our Services. These parties may be third party controllers, and may have their own privacy policies and their processing is not subject to this Policy. We do not share Contact Data collected in connection with SMS marketing or ticket delivery with these parties unless you elect to receive such SMS communications from those third parties.
Public Disclosure - If you use any social media plugin, API, or other similar feature, use an event hashtag or similar link, or otherwise interact with us or our Services via social media, we may make your post available on our Services or to the general public. We may share, rebroadcast, or redisplay Personal Data or other information in the post to the extent permitted by the relevant social media service.
Event Partners - We may share your Personal Data with Event Partners who have engaged us to provide Services on their behalf in connection with the events that are provided or promoted by that third party. You may also direct us to disclose this data to or interact with these third parties as part of attending an event or making a purchase (which does not involve a data sale by us). However, in other cases, these parties may also receive data for our Business Purposes and in connection with Data Sales and Sharing. We do not share Contact Data collected in connection with SMS marketing or ticket delivery with Event Partners unless you elect to receive such SMS communications from those third parties.
Data Aggregators - We may share Personal Data with third party data suppliers in support of our Commercial Purposes and in connection with Data Sales and Sharing. These disclosures/sales can help better personalize our Services, the services of third parties, enrich Profiles, and help ensure that you see advertisements that are more relevant to your interests.
Successors - We may share Personal Data if we go through a business transition, such as a merger, acquisition, liquidation, or sale of all or a portion of our assets. For example, Personal Data may be part of the assets transferred, or may be disclosed (subject to confidentiality restrictions) during the due diligence process for a potential transaction.
Lawful Recipients - In limited circumstances, we may, without notice or your consent, access and disclose your Personal Data, any communications sent or received by you, and any other information that we may have about you to the extent we believe such disclosure is legally required, to prevent or respond to a crime, to investigate violations of our Terms of Use, in the vital interests of us or any person (such as where we reasonably believe the use or disclosure is necessary to lessen or prevent a serious threat to the life, health or safety of any individual or to public health or safety) or in such other circumstances as may be required or permitted by law. These disclosures may be made to governments that do not ensure the same degree of protection of your Personal Data as your home jurisdiction. We may, in our sole discretion (but without any obligation), object to the disclosure of your Personal Data to such parties.
If you are located outside the US, we may transfer or process your Personal Data in the US, UK, European Economic Area (EEA), and other jurisdictions where AXS or our service providers operate. Where required by local law, we ensure your data remains protected in connection with any international transfers. See the “Regional Supplement” section below for more information.
EU-U.S. Data Privacy Framework, UK Extension, and Swiss-U.S. Data Privacy Framework
AXS Group LLC complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. AXS Group LLC has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. AXS Group LLC has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
AXS Group LLC is responsible for the processing of personal data it receives, under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, and subsequently transfers to a third party acting as an agent on its behalf. AXS Group LLC complies with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF Principles for all onward transfers of personal data from the EU, UK, and Switzerland, including the onward transfer liability provisions.
The Federal Trade Commission has jurisdiction over AXS Group LLC’s compliance with the EU-U.S. DPF and Swiss-U.S. DPF. In certain situations, AXS Group LLC may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, AXS Group LLC and its subsidiary companies commit to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to TRUSTe, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://feedback-form.truste.com/watchdog/request for more information or to file a complaint. These dispute resolution services are provided at no cost to you.
For complaints regarding EU-U.S. DPF, UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF compliance not resolved by any of the other DPF mechanisms, you have the possibility, under certain conditions, to invoke binding arbitration. Further information can be found on the official DPF website: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2
You may have certain rights and choices regarding the Personal Data we process. Please note, these rights may vary based on the country or state where you reside, and our obligations under applicable law. See the following sections for more information regarding your rights/choices in specific regions:
Your Rights
You may have certain rights and choices regarding the Personal Data we process. See the “Regional Supplement” section below for rights available to you in your jurisdiction. To submit a request, contact our Data Privacy Team. We verify your identity in connection with most requests, as described below.
Verification of Rights Requests
If you submit a request, we typically must verify your identity to ensure that you have the right to make that request, reduce fraud, and to ensure the security of Personal Data. If an agent is submitting the request on your behalf, we reserve the right to validate the agent’s authority to act on your behalf.
We may require that you match personal information we have on file in order to adequately verify your identity. If you have an account, we may require that you log into the account to submit the request as part of the verification process. We may not grant access to certain Personal Data to you if prohibited by law.
Your Choices
Marketing Communications
You can withdraw your consent to receive Marketing Communications by clicking on the unsubscribe link in an email (for email), by responding with “opt-out” or other supported unsubscribe message (for SMS), by adjusting the push message settings for our mobile apps using your device operating system (for push notifications), or for other communications, by contacting us using the information below. To opt-out of the collection of information relating to email opens, configure your email so that it does not load images in our emails.
Withdrawing Your Consent/Opt-Out
You may withdraw any consent you have provided at any time. The consequence of you withdrawing consent might be that we cannot perform certain services for you, such as location-based services, personalizing or making relevant certain types of advertising, or other services conditioned on your consent or choice not to opt-out.
Precise Location Data
You may control or limit Precise Location Data that we collect through our Services by changing your preferences in your device’s location services preferences menu, or through your choices regarding the use of Bluetooth, WiFi, and other network interfaces you may use to interact with our Services. Note, we may collect general location data even if you opt out of the collection of Precise Location Data.
Cookies, Similar Technologies, and Targeted Advertising
General - If you do not want information collected through the use of cookies, you can manage/deny cookies (and certain technologies) using your browser’s settings menu or our Cookie Preferences link. You may need to opt out of third-party services directly via the third party. For example, to opt-out of Google’s analytic and marketing services, visit Google Analytics Terms of Use, the Google Policy, or Google Analytics Opt-out.
Targeted Advertising - You may opt out or withdraw your consent to Targeted Advertising by visiting AXS Privacy Request Portal or through our Cookie Preferences link. In some cases, you may be able to opt-out with third parties directly by submitting requests to third party partners, including for the parties listed below
- Facebook Custom Audience Pixel
- Twitter Audience Pixel
- Digital Advertising Alliance’s opt-out
- Network Advertising Initiative opt-out
Global Privacy Control (GPC) - Our Services may support certain automated opt-out controls, such as the Global Privacy Control (“GPC”). GPC is a specification designed to allow Internet users to notify businesses of their privacy preferences, such as opting-out of the sale/sharing of Personal Data. To activate GPC, users must enable a setting or use an extension in the user’s browser or mobile device. Please review your browser or device settings for more information regarding how to enable GPC.
Please note: We may not be able to link GPC requests to your Personal Data in our systems, and as a result, some sales/sharing of your Personal Data may occur even if GPC is active. See the “REGIONAL SUPPLEMENTS” section below for more information regarding other opt-out rights.
Do-Not-Track - Our Services do not respond to your browser’s do-not-track request.
DATA SECURITY
We implement and maintain reasonable security measures to secure your Personal Data from unauthorized processing. While we endeavor to protect our Services and your Personal Data unauthorized access, use, modification and disclosure, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe from intrusion by others. When we process information, we may pseudonymize data (i.e. store or use Personal Data using only a non-identifying number) or anonymize data (i.e. store data in a form that is not linked to or reasonably able to identify you personally) in order to protect your Personal Data during processing.
Our Services are neither directed at nor intended for use by persons under the age of 13 in the US, or under the age of 13 to 16 in the EEA, UK, Switzerland, Cayman Islands, or 15/16 in Australia and New Zealand. Further, we do not knowingly collect Personal Data from minors. If we learn that we have inadvertently done so, we will promptly delete it. Do not access or use the Services if you are not of the age of majority in your jurisdiction unless you have the consent of your parent or guardian.
We retain Personal Data for so long as it is reasonably necessary to achieve the relevant processing purposes described in this Privacy Policy, or for so long as is required by law. What is necessary may vary depending on the context and purpose of processing. We generally consider the following factors when we determine how long to retain data (without limitation):
- Retention periods established under applicable law;
- Industry best practices;
- Whether the purpose of processing is reasonably likely to justify further processing;
- Risks to individual privacy in continued processing;
- Applicable data protection impact assessments;
- IT systems design considerations/limitations; and
- The costs associated continued processing, retention, and deletion.
We will review retention periods periodically and may pseudonymize or anonymize data held for longer periods.
THIRD PARTY WEBSITES AND MOBILE APPLICATIONS
Except for processing by our service providers (described above), this Privacy Policy does not apply to third party websites, products, or services. For example, we handle some of the purchase process on our Services directly, and third party businesses (such as payment processors) may manage others. Third parties may operate or develop some of Our Group’s websites and mobile apps, may operate or host a contest/sweepstakes on our Services. In these cases, the terms, conditions, and privacy practices of the third party, not Our Group, may govern your transactions, and we may have no control over the Personal Data collected.
CHANGES TO OUR POLICY
We may change this Policy from time to time. We will post changes on this page. We will notify you of any material changes, if required, via email or notices on our Services. Your continued use of our Services constitutes your acknowledgement of any revised Policy.
US States/California
US State & California Privacy Rights & Choices
Under the California Consumer Privacy Act (“CCPA”) and other state privacy laws, residents of certain US states may have the following rights, subject to regional requirements, exceptions, and limitations.
Confirm - Right to confirm whether we process your Personal Data
Access/Know - Right to request any of following: (1) the categories of Personal Data we have collected, sold/“shared,” or disclosed for a commercial purpose; (2) the categories of sources from which your Personal Data was collected; (3) the purposes for which we collected or sold/“shared” your Personal Data; (4) the categories of third parties to whom we have sold/“shared” your Personal Data, or disclosed it for a business purpose; and (5) the specific pieces of Personal Data we have collected about you.
Portability - Right to request that we provide certain Personal Data in a common, portable format
Deletion - Right to delete certain Personal Data that we hold about you.
Correction - Right to correct certain Personal Data that we hold about you.
Opt-Out (Sales, Sharing, Targeted Advertising, Profiling) - Right to opt-out of the following:
- If we engage in sales of data (as defined by applicable law), you may direct us to stop selling Personal Data.
- If we engage in Targeted Advertising (aka “sharing” of personal data or cross-context behavioral advertising,) you may opt-out of such processing.
- If we engage in certain forms of “profiling” (e.g. profiling that has legal or similarly significant effects), you may opt-out of such processing.
Opt-out or Limit Use and Disclosure of Sensitive Personal Data - Right to opt-out of the processing of certain Sensitive Data, or request that we limit certain uses of Sensitive Personal Data. This right does not apply in cases where we only use Sensitive Personal Data where necessary, or for certain business purposes authorized by applicable law.
Opt-in/Opt-out of Sale/Sharing of Minors’ Personal Data - To the extent we have actual knowledge that we collect or maintain personal information of a minor under age 16 in California, those minors must opt in to any sales/sharing of personal information (as defined under CCPA), and minors under the age of 13 must have a parent consent to sales/sharing of personal information. All minors have the right to opt-out later at any time.
Non-Discrimination - California residents have the right to not to receive discriminatory treatment as a result of your exercise of rights conferred by the CCPA
List of Direct Marketers - California residents may request a list of Personal Data we have disclosed about you to third parties for direct marketing purposes during the preceding calendar year.
Remove Minors’ User Content - Residents of California under the age of 18 can delete or remove posts using the same deletion or removal procedures described above, or otherwise made available through the Services. If you have questions about how to remove your posts or if you would like additional assistance with deletion you can contact us using the information below. We will work to delete your information, but we cannot guarantee comprehensive removal of that content or information posted through the Services.
Submission of Requests
You may submit requests, as follows (please our review verification requirements section). If you have any questions or wish to appeal any refusal to take action in response to a rights request, contact us at [email protected]. We will respond to any request to appeal within the time period required by law.
Access/Know, Confirm Processing, Portability,Deletion, andCorrection |
|
---|---|
Opt-Out of Sales, “Sharing,” Targeted Advertising or ProfilingOpt-out/Limit Use and Disclosure of Sensitive Personal DataOpt-in/Opt-out of Sale/ “Sharing” of Minors’ Personal Data |
|
List of Direct Marketers Remove Minors’ User Content |
|
Categories of Personal Data Disclosed for Business Purposes
For purposes of the CCPA, we have disclosed to Service Providers for “business purposes” in the preceding 12 months the following categories of Personal Data, to the following categories of recipients:
Category of Personal Data |
Category of Recipients |
---|---|
Audio/Visual Data |
Affiliates; Service Providers; Business Partners; Successors; Lawful Recipients; Data Aggregators; Public Disclosure |
Transaction Data |
|
Contact Data |
|
Device/Network Data |
|
Identity Data |
|
Preference Data |
|
General Location Data |
|
Precise Location Data |
|
Sensitive Personal Data |
|
User Content |
Categories of Personal Data Sold, Shared, or Disclosed for Commercial Purposes
For purposes of the CCPA, we have “sold” or “shared” in the preceding 12 months the following categories of Personal Data in the, to the following categories of recipients:
Category of Personal Data |
Category of Recipients |
---|---|
Transaction Data |
Sponsors, Advertisers, and Social Media Platforms; Data Aggregators |
Contact Data |
|
Device/Network Data |
|
Identity Data |
|
Preference Data |
|
General Location Data |
|
User Content |
Categories of Sensitive Personal Data Used or Disclosed
For purposes of CCPA, we may use or disclose the following categories of Sensitive Personal Data Government ID Data; Payment Data; Precise Location Data; Race or Ethnic Origin. However, we do not sell or “share” Sensitive Personal Data, or use it for purposes other than those listed in CCPA section 7027(m).
Australia/New Zealand
Rights and Choices
Residents of Australia and New Zealand have the following right in their Personal Data under their respective Privacy Acts.
Access - You may request a copy of your Personal Data that we hold about you.
Correction - You may seek to correct any Personal Data that we hold about you. For Registration Data, you may be able to make changes via your account settings menu.
Withdraw Consent - If you have provided your consent to Process Personal Data, you may withdraw it at anytime.
Erasure - You may request that we delete your Personal Data.
If you wish to exercise your right, you may visit the AXS Privacy Request Portal or email us at [email protected]. If you make a request, we will require you to verify your identity before we provide you with any access.
Purposes of Processing
In certain cases, we may not automatically process your Personal Data for certain purposes. We rely on your consent to process Personal Data as follows:
Sources of Personal Data
- Aggregators and Advertisers
Contexts
- Cookies and other tracking technologies for Targeted Advertising
- Any context where we process Sensitive Personal Data
- Marketing communications
Purposes
- Targeted Advertising
- Data Sales
Disclosures
- Sponsors, Advertisers, and Social Media Platforms
Consequences of not providing information
If you do not provide information that we need in order to provide our Services, we will not be able to perform certain Services for you, such as location-based Services, personalizing or making relevant certain types of advertising, or other Services conditioned on your consent.
Information about Third Parties
We receive any Personal Data that you provide to us about third parties on the understanding that you have the relevant individual's consent for us to collect and handle their personal information in accordance with this Privacy Policy.
Complaints
If you have a complaint about the way in which AXS handles your personal information under Australian privacy laws, or you believe that a breach of your privacy has occurred, please contact AXS using the details in the section How to Contact Us.
Your complaint will be considered and dealt with by an AXS nominated representative, who may escalate the complaint internally within the organization if the matter is serious or if necessary to resolve it.
Please allow AXS a reasonable time to respond to your complaint. If you are not satisfied with AXS' resolution, you may make a complaint to the Office of the Australian Information Commissioner, whose contact details can be found at: https://www.oaic.gov.au (if you reside in Australia), or to the Office of the Privacy Commissioner, whose contact details can be found at https://www.privacy.org.nz (if you reside in New Zealand).
Submission of Requests
General Inquiries: | [email protected] |
---|---|
Data Rights Requests: |
visit the AXS Privacy Request Portal (Open in new tab) or email us at [email protected]. |
Marketing Choices: |
visit the preference center at https://fanaccount.axs.com/ (Open in new tab) or visit the AXS Privacy Request Portal (Open in new tab) |
Data Protection Officer: |
Federico Zanetti, [email protected] |
Physical Address: |
AXS Australia Group Pty Ltd Level 2, 50-56 York Street South Melbourne VIC 3205 |