Customer Data Privacy Policy

Overview

Credential Management is committed to upholding the Data Protection principles of good practice. Protecting your privacy is important to us, and we strive to keep all information relating to you confidential in accordance with this statement and the law. As part of the normal operation of our services, you may voluntarily provide us with information about yourself. The purpose of this Data Privacy Policy is to explain what personal data we collect about you, how that personal data might be used and how we protect your personal data and privacy.

Credential Management uses the latest extended validation security (EV SSL) certificate and is PCI DSS compliant, ensuring that tickets are sold in a safe and secure environment.

Who Are We?

Credential Management is an online ticketing software provider. We have been contracted by the Event Organiser to deliver online ticketing services on their behalf. Therefore, Credential Management is the Data Processor acting on behalf of the Event Organiser, who is the Data Controller, and it is the Event Organiser who decides what happens to your Personal Data.

The Event Organiser / Data Controller is named as part of the booking process.

What Is The Legal Basis for Processing Your Personal Data?

Processing is necessary for the performance of a contract (i.e. the processing of ticket bookings on behalf of the Event Organiser or storing your information if you choose to join a waiting list for an event) and legitimate interest (storage or IP Addresses for risk management or Cookies to allow full access and smooth progression through our website).

How Do We Process Your Personal Data?

Credential Management complies with its obligations under the General Data Protection Regulations (GDPR) by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining unnecessary data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

Credential Management only collects personal information about you when you specifically provide us with such information voluntarily. The information that we collect includes:

‣  Name
‣  Address
‣  Email
‣  Contact number
‣  Business name/position (for some business events)
‣  Payment card details – card details are encrypted for processing. Credential Management does not store card details within its system
‣  IP address – we may collect information about your computer, including where available your IP address, operating system and browser type, for system security, customer support and site analytics. This statistical data cannot be used to identify a customer.
‣  Cookies – cookies are used to track visitors through our site and to save booking information as you move from page to page of the booking process

We use your personal data for the following purposes:

‣  To process ticket bookings (including the booking, payment processing and ticket delivery)
‣  To send you email communication regarding your booking (to include booking reminders or to advise you of an event cancellation)
‣  To assist you with any query that you may have with your booking or payment
‣  To place you on a waiting list for a sold out event at your request, and send updates as tickets become available.
‣  We may also use your data to perform quality assurance, sales analysis or other business analyses.

Sharing Your Personal Data

Credential Management will not use your contact details for any marketing activities, and Credential Management does not sell Customer contact details to Third parties. Credential Management will only contact you regarding an existing booking or booking attempt.

As we act on behalf of the Event Organiser, we will forward your contact details and booking information to the Event Organiser of your selected event. The Event Organiser will use this information to:

‣  Manage ticketing for an event
‣  Facilitate ticket pick-up
‣  Dispute resolution
‣  Customer service
‣  Notification of any changes to the event
‣  Undertake sales, campaign or demographic analysis.

The Event Organiser is responsible for their own compliance with GDPR, and you agree that Credential Management is not responsible for the actions of the Event Organiser concerning your Personal Data.

Credential Management may share your Personal Data with our processing partners such as Merchant Service Providers or Email/Text Service Providers who are contracted to assist Credential Management with the booking of your tickets – known as Sub-Processors. Credential Management is responsible under GDPR to ensure that any Sub-Processor we contract is fully compliant with GDPR law and will also act to ensure the safety and confidentiality of your Personal Data.

Marketing Activities

During the booking process, the Event Organiser will ask if you would like to be included on their mailing list or that of other named Third Parties. If you decide to opt into these marketing lists, You agree that the Event Organiser or named Third Party can send you marketing information until such a time that you indicate to them a preference not to receive further information.

The Event Organiser is responsible for their own compliance with Data Protection laws, and you agree that Credential Management is not responsible for the actions of the Event Organiser concerning your personal data.

How Long Do We Keep Your Personal Data?

Credential Management will keep your Personal Data for no longer than reasonably necessary and will be deleted after TWO (2) yearS. Personal Data is retained by Credential Management for this period to assist us in responding to customer booking queries or any charge disputes that may arise.

An Event Organiser may well have a different retention period, which will be stated in their own Data Privacy Policy.

Your Rights and Your Personal Data

You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your Personal Data held by Credential Management, please contact the Data Security Officer using the contact details listed below.

Under GDPR, you have the following rights:

‣  Right to be informed of why your data is being processed (included within this Data Privacy Policy)
‣  Right of access to the Personal Data held
‣  Right of rectification if incorrect data is held
‣  Right to object to processing

To instigate any of your rights under GDPR, you must contact the Event Organiser (the Data Controller), who is responsible for how your Personal Data is used. Credential Management can either provide you with contact details for the Event Organiser or will forward your request on your behalf.

Further Processing

Credential Management will not undertake any further processing of your Personal Data beyond this booking and the activities outlined above under ‘How do we process your Personal Data’.

Other Websites

Our website may contain links to other websites (e.g. Event Organiser websites or social media pages). This Data Privacy Policy only applies to the Credential Management website, so when you link to other websites, you should read their own privacy policies.

Contact Details

To exercise any relevant rights, queries or complaints regarding Credential Management and the handling of your Personal Data, please contact:

Data Security Officer
Credential Management Pty Ltd
Email: support@credentialmanagement.com.au

Depending on your query, we may need to forward your request to the Event Organiser, who is the Data Controller and responsible for how your Personal Data is handled.

How to Make a Complaint

If you are unhappy with how your personal data has been processed by Credential Management, you may, in the first instance, contact The Data Security Officer using the contact details above.