Grapevine Gathering National Pty Ltd (ACN 624 469 432) of 801 Glenferrie Road, Hawthorn VIC 3122 (“GGN”, “us”, “we” or “our”) is committed to protecting the privacy of all our customers. The Privacy Act (1988) (Cth) (Privacy Act) and the Australian Privacy Principles (APPs) set out in Schedule 1 of the Privacy Act, and the EU General Data Protection Regulation 2016/679 (GDPR) govern the collection, storage, use, and disclosure of information by which individuals may be identified. In this Privacy Policy, “Website” means https://www.grapevinegathering.com.au/.
This Privacy Policy details how we comply with the above laws regarding the collection, use, storage, sharing and protection of your information and data.
Amongst other things, it contains information on:
We may update this Privacy Policy from time to time at our sole discretion. Any variations become effective on posting the updated privacy policy to www.grapevinegathering.com.au/vic/privacy, www.grapevinegathering.com.au/nsw/privacy, www.grapevinegathering.com.au/wa/privacy and we shall have no obligation to provide you with individual notice of such changes. Your continued use of our products and services following the publication of any amended Privacy Policy shall signify your acceptance of that amended Privacy Policy, except where we are otherwise required by law to seek your direct consent.
PLEASE READ THIS PRIVACY POLICY CAREFULLY. IF YOU DO NOT AGREE WITH ANY PART OF THIS PRIVACY POLICY, PLEASE DO NOT BROWSE, ACCESS OR USE OUR WEBSITE; MAKE A PURCHASE; ATTEND OR PURCHASE A TICKET TO GRAPEVINE GATHERING OR OUR OTHER EVENTS; OR OTHERWISE ENGAGE WITH OUR SERVICES.
Types of information we collect
“Personal Information” means information that can be used to personally identify you, such as your name, age or date of birth, gender, telephone number, address, email address, photographs or videos where you are personally identifiable, and in some circumstances financial information such as your credit card, direct debit or Paypal account information. If the information we collect personally identifies you or you are reasonably identifiable from it, the information will be considered Personal Information.
‘Usage Information’ means anonymous aggregate data that is automatically collected through your use of the Website. This includes information that identifies your device, your operating system, your IP address and dates and times that you access and use the Website.
We recognise that Usage Information, whilst for the most part anonymous, can be cumulatively used to directly or indirectly identify you. Usage Information that can be used to identify you in any way, together with your Personal Information, shall collectively be referred to in this Privacy Policy as “Personal Data”.
How we collect your Personal Data
We collect your Personal Data directly from you, unless it is unreasonable or impractical to do so.
We do this in a number of ways, including:
It is your choice to provide information to us. Wherever it is lawful and practicable, you have the option not to identify yourself when interacting with us. Please be aware that it is necessary for us to collect your Personal Data to enable us to process transactions. As such, if you do not wish to provide your Personal Data, we may not be able to accommodate your order.
We may also collect Personal Data from third parties including our contractors and business partners, advertisers, mailing lists, recruitment agencies and government entities.
COOKIES
We may collect Usage Data through cookies, pixel tags and other tracking technologies (collectively Cookies). Cookies are small packets of data that are downloaded onto your device when you access a website. Cookies hold specific information that helps the Website ‘remember’ your actions and preferences over time.
Cookies can stay on your device temporarily (Session Cookies) or until you manually delete them (Persistent Cookies). Data collected by Cookies does not identify you, but it does identify your device. Where such data can be cumulatively used to personally identify you, we will seek your consent to collect and process such information. You can disable Cookies at any time in your browser. If you disable Cookies, we cannot guarantee that the Website will be fully functional.
Why we collect your Personal Data
The primary purpose for which we collect information about you is to enable us to perform our business activities and functions and to provide you with products and services.
Other legitimate purposes that you agree we can collect, hold, use and disclose your Personal Data for include but are not limited to the following:
For the avoidance of doubt, we will only use your Personal Data for purposes that you would reasonably expect us to use your Personal Data for in connection with operating and providing our products and services to you, or where we are required by law to collect your Personal Data. We will not sell, rent, or license your email address or any of your Personal Data unless we have otherwise obtained your express consent to do so.
We recognise your right under the Spam Act 2003 (Cth) and the GDPR to opt out from direct marketing, and as such these consents can be modified at any time by emailing us at cheers@grapevinegathering.com.au, or by clicking ‘unsubscribe’ on any direct marketing communications.
Who we disclose your Personal Data to
You agree and consent that we may disclose your Personal Data to:
For the avoidance of doubt, this privacy policy applies to all employees, consultants, contractors and agents of ours and covers all information collected via your use of the Website, purchase of our products or services, as well as information supplied to us in person, by phone, by writing (including email) or in any other way.
You can withdraw your consent for us to share your Personal Data with third parties at any time by emailing cheers@grapevinegathering.com.au, but please note that withdrawal of such consents may affect your ability to access and use the Website, purchase our products or services or attend Grapevine Gathering or our other events.
What are your rights to your Personal Data
In accordance with the GDPR, we acknowledge the right of EU citizens to:
To erase, request or restrict processing of your Personal Data, please email cheers@grapevinegathering.com.au, with the subject ATT: PRIVACY OFFICER.
Accessing and correcting personal information
We cannot modify your Personal Data. You can modify your own information by emailing us at cheers@grapevinegathering.com.au, You acknowledge that it is your responsibility to maintain the truth, accuracy, and completeness of your information and your failure to do so may inhibit our ability to provide the Website, process your orders with us or allow you to access Grapevine Gathering or our other events.
You acknowledge and agree that you remain solely responsible for maintaining the truth, accuracy, and completeness of your information at all times, and we shall have no liability to you or any third party arising from your failure to do the same. If you believe that Personal Data we hold about you is incorrect, incomplete or inaccurate, you may request that we amend it.
External Links
Our Website may contain links to other third party websites or applications, including links to our third-party ticket merchants or ticket resale merchants. We cannot be reasonably expected to be aware of nor held responsible for the privacy policies or practices of these other websites.
Security
We protect your Personal Data through technical security measures i.e. firewalls, encryption that limit the risk of loss, disclosure, unauthorised access and modification. No security measures are, however, 100% secure so we cannot guarantee the security of your information or data at any time. To the extent permitted by law, we accept no liability for any breach of security, or direct hacking of our security measures, or any unintentional disclosure, loss or misuse of any information or data or for the actions of any third parties that may obtain any information or data.
Notwithstanding the above, we acknowledge our obligation to report any data breach that is likely to risk the rights and freedoms of natural persons to the Australian Information Commissioner and, where our data breach involves the information of EU citizens, report to the European Data Protection Supervisor. We will also inform you, where possible, if your data has been breached in the circumstance where it poses a risk of serious harm or your rights and freedoms.
We also warrant that our personnel who may have access to your Personal Data are trained and educated about this privacy policy and our obligations under the Privacy Act, Privacy Principles and GDPR. For more information on our internal policies, email us at cheers@grapevinegathering.com.au.
Overseas Disclosure
We may, in the course of providing any products or services to you, disclose Personal Data to overseas countries that are deemed by the EU Commission as having an ‘adequate’ level of Personal Data protection. Where we transfer data to a third party in a country where no adequacy decision has been made, we warrant that such third parties in those countries are bound under contract to meet the requirements of the Privacy Act, Privacy Principles and GDPR.
Contact
Thank you for taking the time to read our privacy policy. If you have any questions regarding our Privacy Policy, you can reach our privacy officer at cheers@grapevinegathering.com.au.
If you believe your privacy has been breached by us, or have any questions or concerns about our Privacy Policy, please contact us using the details below.
We will treat your requests or complaints confidentially. We will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved.
Our contact details are:
Privacy Officer
Grapevine Gathering National Pty Ltd
15 Dover Street
Cremorne VIC 3121
If you are not satisfied with our handling of your Personal Data, or have any other concern over our privacy policy, then you may lodge a formal complaint with the Office of the Australian Information Commissioner (for more information, please see www.oaic.gov.au) or with the European Data Protection Supervisor (for more information, please see https://edps.europa.eu).