This policy describes how we collect and use your personal and business information.
Last Updated: Saturday 12 August 2017
DanceCloud is a dance event ticketing and management service - owned and operated by Cloud Creativity Limited. Our aim is simple: make organising dance events as easy as possible, so that there's more dancing in the world.
When you use the service, we may collect and use the following types of information:
For the purposes of this Policy, 'Business Data' refers collectively to Business Sensitive Data and Public Business Data.
To help us distinguish between the types of information we collect, the Service has two types of accounts:
When you interact with the Service, we may collect information from you, as further described below:
Business Sensitive Data: We collect data when you register an Organiser account and when you use our event management services, for example, but not limited to: event ticketing, event wait-listing, event door management, business management, business performance analysis. This information includes, but is not limited to: ticket sales and income, door sales and income, cash-flow management, rosters of roles that are not publicised, aggregation of data into business performance indicators and more.
Business Non-Sensitive Data: When you use our Service, we collect information as you use our event management services that is otherwise publically available, for these event management services to operate correctly. This includes, but is not limited to: times and dates of events, activities at events, those involved in publicised roles at the event (including, but not limited to: teachers, bands, DJs), event descriptions (free text and meta data, such as style of dancing). We will also collect publically available contact information from you, including but not limited to your Organiser email, address, website and telephone number.
Non-Personal Data: The Non-Personal Data we collect includes without limitation Internet Protocol (IP) addresses, Internet browser type, other characteristics of your device and software, domain names of your Internet Service Provider, your approximate geographic location, a record of your usage of the Services, the time of your usage and aggregated Personal Data that cannot be used to specifically identify you. Such information, which is collected passively using various technologies, cannot, in and of itself, be used to specifically identify you. We also collect Non-Personal Data (including, without limitation, of the type set forth above) from third parties. The information we collect from third parties may be combined with the information we collect.
This section of this Policy describes how we provide access to information that we collect to visitors and registered Dancers accessing our Service.
Public Business Data is accessible to any visitor to the Service, or any registered Dancer. When a Dancer accesses the Service, we use a Role Based Access Control ('RBAC') model to limit their access to Business Sensitive Data. The roles are as follows:
Roles are on a per-Organiser account basis. For example, a User could be an Owner of one Organiser account and a Delegate in another Organiser account. Their access to each Organiser's account will be based on their role for that specific account.
If a Dancer has none of the above roles for an Organiser's account, they are not able to access Business Sensitive Data for that Organiser.
Each Organiser account has a name that is used as their subdomain on the Service (the 'Organiser Subdomain'). For example, if an Organiser account's name is wedance, their subdomain will be wedance.dancecloud.com. When accessing an Organiser Subdomain, a visitor or registered Dancer will only ever be able to access Public Business Data or Business Sensitive Data (subject to their role) related to that Organiser.
When a visitor accesses our domain or a subdomain that is not an Organiser Subdomain, we may provide access to Public Business Data from multiple Organisers. When a registered Dancer is signed in to our domain or a subdomain that is not an Organiser Subdomain, we may provide access to Business Sensitive Data from multiple Organisers (subject to their role for each Organiser).
Personal Data can be accessed by the Dancer that it relates to and/or the Dancer that provided the information (for instance, if providing Attendee Contact Data as described below). It will not be made available to visitors to the Service.
When you purchase tickets for an event or join an event's wait-list, you consent to us providing your Personal Data to the Organiser of the event. The Organiser account Owner and Administrator will have access to your Personal Data, and Delegates who have been granted access to the event will also have access to your Personal Data. The granting of Delegate access to the event is at the Organiser's discretion. You agree that we are not responsible for which Dancers are given Administrator or Delegate access to an Organiser's account, or whom the current Owner is.
Non-Personal Data may be made available to Organisers if it relates to their Public Business Data or Business Sensitive Data. For clarity, this includes without limitation providing access to Non-Personal Data relating to an event, its tickets and its wait-list, as well as Non-Personal Data relating to access to the Organiser's Subdomain.
If you purchase event tickets on behalf of other individuals, you are required to provide their contact details ('Attendee Contact Data'), for instance and without limitation their email address. This is because event Organisers may need to send information regarding the event - for instance, but not limited to, if an event's venue and/or date and times change. For example, you will have to provide details of other attendees when purchasing tickets for a group.
If Attendee Contact Data can be positively matched to a registered Dancer then it will also be treated as their Personal Data. They will have access to the information, including but not limited to the ticket that you purchased on their behalf. Matching may involve techniques such as matching attendee email addresses to usernames of registered Dancers and may occur at any point after you have provided the data. We may use matched Attendee Contact Data in the manner described by this Policy for Personal Data.
If Attendee Contact Data cannot be matched to a registered Dancer, the Service will use it as part of its functions for managing the event to which the data relates. This includes without limitation, providing the data to the event Organiser, allowing the event Organiser to message the attendees via the Service, and for sending Service messages related to the event for which the Attendee Contact Data was provided.
By purchasing a ticket on behalf of another individual, you confirm that you have their permission to purchase their ticket and provide their Attendee Contact Data, with their consent that it will be used as described in this Policy.
We use Stripe as our payment service specifically because it means there is no need for us to collect or store your payment card information in our Service. All Personal Data relating to your payment is sent directly to Stripe from your web browser.
Payment information is accessible by the Organiser you have paid, within their Stripe account. We have access to the Organiser's Stripe account because they have granted us access to manage their payments for them - Stripe call this service 'Stripe Connect'. In addition, we may give you the option of storing your payment card details in our Stripe account so that you can use them to make purchases for any Organiser on our Service.
If you are an Organiser paying for subscription-only elements of our Service, your payment information for the subscription is stored on our Stripe account.
As per our Terms of Service, when you use Stripe to pay for tickets on the Service you are bound by Stripe's applicable terms of service, including but not limited to all applicable privacy policies. We, and all Organisers, are bound by all applicable Stripe terms of service, including but not limited to their privacy policies.
For more information, see Stripe's website for details of their policies and security procedures.
The section of this Policy describes how we use the information that we collect.
We use the Business Data that we collect in a manner that is consistent with this Policy, as follows:
We use the Personal Data that we collect in a manner that is consistent with this Policy, as follows:
Because Non-Personal Data cannot be specifically identified as you, we may use it for any lawful purpose.
We do not rent, sell or share Personal Data and/or Business Data about you with other people or non-affiliated companies except to provide or improve the products or services you have requested, when we have your permission, or under the following circumstances:
Every Owner and Administrator of an Organiser Account can access all the Business Data within that account by signing into our various services that are hosted on the Organiser Subdomain. This allows you to view edit or delete the information. Some information may be in a read-only state (i.e. you will not be able to edit or delete it yourself) because to do so may undermine the correct functioning of the Service. Any such read-only records can be deleted if you request that your Organiser account is closed and records deleted.
The Organiser account Owner has the right to ask for a copy of any Business Data that we hold about your business, to correct any inaccuracies and to update any out-of-date information. Please write to us at the address listed below should you wish to do so.
The Organiser account Owner may close their Organiser account by contacting us at the address listed below. If you close your Organiser account, you can also request that we delete your Business Data. Please note that if you do not request us to delete your Business Data, we will archive your Business Data for the period permitted by law following account closure, but will keep your archived information secure and confidential throughout this period.
You have the right to ask for a copy of any Personal Data that we hold about you in our records, to correct any inaccuracies and to update any out-of-date information. Please write to us at the address listed below should you wish to do so.
You may close your Dancer account by contacting us at the address listed below. If you close your Dancer account, you can also request that we delete your personal information. Please note that if you do not request us to delete your personal information, we will archive your personal information for the period permitted by law following account closure, but will keep your archived personal information secure and confidential throughout this period.
The Service may also offer you the opportunity to share or follow information about the Service (or the products and/or services available through it) using third party social networking functionality (such as through “share this”, “like” or “follow” buttons).
We offer this functionality in order to generate interest in the Service among the members of your social networks, and to permit you to share and follow opinions, news and recommendations about the Service with your friends. However, you should be aware that sharing personal or non-personal information with a social network may result in that information being collected by the social network provider or result in that information being made publicly-available, including through internet search engines.
If you do not agree to these changes, please do not continue to use the Service.