Privacy and cookie statement
With this Privacy and cookie statement, ID&T Enterprise B.V. wishes to explain how it handles and uses your personal data. If you have any questions regarding this Privacy and cookie statement, please contact us at GDPR@id-t.com
If you have accepted this Privacy and cookie statement on an ID&T Enterprise platform, this permission also applies to multiple ID&T entities and its business units (cross-domain). The websites and apps for which a cross-domain permission applies are the following entities within the ID&T network:
• ID&T Merchandise B.V. • ID&T Design B.V. • ID&T Enterprise B.V. • ID&T Events B.V. • ID&T Participations Holding B.V. • Sensation B.V. • Mysteryland B.V. • Welcome to the Future B.V. • Thunderdome B.V. • Air Festival Holding B.V. • Amsterdam Open Air B.V. • Bass Productions BVBA • VD Events B.V. • B2S B.V. • Q-Dance B.V.
Personal data processed by one of these entities are also processed on behalf of the other entities within the ID&T network.
The entities within the ID&T network may provide their services through different websites. This Privacy Statement applies to all websites within the ID&T network (hereinafter together also referred to as: “Website”).
In this Privacy and cookie statement, the following terms or definitions are used:
Account: your personal registration via an Opt-in on websites or apps with which you access the Service. Devices: the devices, such as PCs, smartphones or tablets, with which access can be obtained to the Service. Content: information (including audio-visual material such as trailers and previews) that ID&T makes available as part of the Service. Service: the complete package of services that ID&T offers to you. For example, websites and apps, the Account, but also the events and the services provided at events. For example, the option of paying at an event for refreshments using an app. A service can also extend in the future by cashless payment or other new services. Personal data: any data whereby ID&T can directly or indirectly trace or distinguish you. For example, a name, e-mail address or an IP address. Advertising Network: An RTB/Programmatic Network (also called Real Time Bidding Network) offers advertisers the opportunity to purchase advertising space through an auction. To optimise advertising, advertisers and RTB networks place cookies. By means of these cookies, you are tracked and targeted to visit other sites that are connected to the same network. Privacy and cookie statement: this privacy and cookie statement of ID&T. ID&T: The private company with limited liability ID&T Enterprise B.V., Overhoeksplein 31, 1031 KS, Amsterdam, the Netherlands, is the data controller for the Processing of your Personal Data. Processing for the benefit of ID&T companies affiliated to ID&T and/or ID&T events also fall under ID&T. Processing (Process, Processed): All use of your Personal Data such as storing, modifying, forwarding or (partially) deleting these data. For example, ID&T processes Personal Data because you use ID&T websites or apps.
__2. Persons younger than 16 years__
Persons who have not yet reached the age of 16 (minors) may only register for an ID&T Account with the consent of a parent or legal guardian. The parent(s) or legal representative of the minor user must read this Privacy and cookie statement in the interests of the minor user and can exercise the rights of the user in question instead of the minor user.
ID&T advises parents or legal guardians to supervise the use that a minor user makes of the Service and to make such users aware of how their Personal Data can be used on the basis of this Privacy and cookie statement. ID&T makes reasonable efforts, with due observance of technology, to check that only users aged 16 or older can create an ID&T Account. ID&T does this for example by means of a birth date check when a profile is created.
__3. Which of your Personal Data are Processed by ID&T?__
ID&T Processes the following of your Personal Data for the purposes explained later in this Privacy and cookie statement:
• First Name; • Surname; • Email address; • Sex; • Date of birth; • Address; • Residence; • Telephone number; • Country; and • Preferences such as artist preference, event visit, music preference, clothing preference, clothing size and possibly geo-location only after explicit permission in an Optin of ID&T.
It is not the case that ID&T always uses all of your above-mentioned data. This depends on purposes as described later in this Privacy and cookie statement.
ID&T has deliberately chosen not to use special Personal Data such as race, ethnic origin, political opinions, religious convictions, union membership, orientation, health or criminal data.
__4. How does ID&T obtain your Personal Data?__
ID&T obtains your Personal Data in the following ways:
Directly from you: For example, if you sign up for a special campaign, ticket or promotion run by ID&T, if you send an e-mail or otherwise contact ID&T (for example with questions about the use of the Services).
As a result of using the Service: By means of your registration, you have access to the Service. In addition, ID&T can also offer the Service to persons without a registration. If you give permission for this, ID&T can read and store the unique characteristics of the device that has been used in the context of the Service. Based on the ID&T Account and/or the unique features of the Device which you use to access the Service, ID&T can keep track of your use of the Service, including the Content that is watched, read, listened, commented or shared using the ID&T Account. Insofar as mobile Devices are used, the location of the Device is passed on to ID&T in the context of the Service. Prior to installation of such apps on a mobile device, you are explicitly requested to allow your location data to be determined and used.
From third parties: For example, if you or another visitor of an ID&T website or app uses social network functions that are integrated in the Service, ID&T may receive certain information from the relevant social network, such as Facebook, Twitter and Google+. ID&T may also receive information from partners who are involved with the Service. For example, ID&T uses services provided by other parties that help it to map and analyse the way in which the Content and websites are used. An example of this is Google Analytics. This tool enables ID&T to monitor websites (where do you click and how often). Other examples are partners who on your behalf handle payment for the Service. Examples are iDeal, PayPal or Adyen, which handle the payment transactions between you and the services/products provided by ID&T.
At events: ID&T can also process visitor data at the events that it organizes, such as registering an event for commercial or security purposes (with camera). When entering an event location, the visitor is always informed of such processing.
You can withdraw your permission for use of personal data at any time by sending a message to: GDPR@id-t.com
5. What is the reason why ID&T Processes your Personal Information?
__ID&T processes your Personal Data for the following purposes:__
a. In order to provide the Service: Example; data that is entered when registering for a ticket or using a service (such as name and date of birth) can be used to check whether you meet the set requirements (e.g. to monitor age). Specified contact details can be used to inform you about (changes to) the Service or planned maintenance (service e-mails).
b. In order to process payments: Certain data that are requested when registering or using it, may be required for issuing invoices and processing payment for a Service.
c: In order to build a profile ID&T strives to ensure that the Service is as relevant as possible for you. To do this, ID&T keeps a profile based on your use of the Service to get an idea of your most likely interests. ID&T does this for example, by keeping track of what Content you request or which purchases (such as tickets, refreshments, merchandise or travel package) you make. Another way in which ID&T builds a profile is by using your location data at events (after gaining explicit permission to do so) to see which artists, music and experiences appeal to you. Based on these interests, ID&T can then change the Content, including adverts, that appear on ID&T touchpoints. As an example, ID&T can then show recommendations for similar Content that has certain artists or events.
ID&T can also use these profiles for campaigns run by online advertisers. ID&T is and will remain the owner of these profiles and will never make these profiles available to third parties. ID&T only shares the segments (tags) with the advertisers (e.g. ‘woman, age category 20 to 30 years), to ensure that the adverts match the interests.
d. In order to send newsletters and promotions: ID&T can also use contact information and other data that have been collected to keep you informed by phone, mail, e-mail, SMS, push messages from apps or other suitable media, about promotions or offers from ourselves (action e-mails), or to keep you informed about the Service and the Content (newsletter e-mails). You can unsubscribe from this at any time.
e. In order to improve the Service and to identify general trends: ID&T uses your usage data to analyse in a general sense how the Service is used and which trends can be observed, in order to make more informed decisions about, for example, further development of the Service and the Content offering. It is also possible to track purely technical trends for that purpose, for example which types of Devices or browsers are used to retrieve the Content.
f. In order to prevent misuse: ID&T also Processes your Personal Data and your use of the Service in order to prevent misuse of the Service and the Content, to prevent fraud (e.g. with credit card or other means of payment), and to protect the rights of others (including the right-holders to the Content).
g. In order to carry out market research: ID&T can contact you and former users and visitors of the Service that have provided their contact details for the purposes of market research. Participation in such research is always on a voluntary basis. ID&T can, based on this research, send offers to you and others who participated in this research, provided that prior permission has been given for this.
h. In order to ensure compliance with laws and regulations: Your Personal Data can be used to comply with laws and regulations that apply to ID&T, to deal with disputes and to have audits carried out.
i. ID&T can utilize profiling. Which means collecting, analysing and combining of (personal) data aiming to tag you in a specific (interest) category. (race, ethnic origin, political opinions, religious believes, trade union membership, orientation, health or criminal data) are consciously excluded within GDPR
The importance of profiling is that we can gain interests which content you may be interested in and which products or services (including commercial products or services) would suit you. Profiling ensures that both the content and ads are more in line with your personal interests. Profiling can impact your privacy. For example, if false (interest) categories are linked to you based on incorrect or outdated data. If you believe that this is the case, the GDPR provides you the right to have your data modified or removed. In this case, please contact ID&T. For more information on the Right of correction, postage and removal visit www.id-t.com/myprivacy
__6. Why does ID&T Process your Personal Data?__
The main reason why ID&T Processes your Personal Data is because this is necessary to provide its Service. For example, ID&T Processes your Personal Data so that it can grant you access to its websites, apps or events. It may also be the case that ID&T Processes your Personal Data because it is obliged to do so because of laws and regulations. For example, the Dutch General Act on Government Tax makes it mandatory to retain payment data for 7 years for the Tax Authorities.
Another reason why ID&T Processes Personal Data is because either ID&T or a third party has a legitimate reason for doing this, such as a commercial interest. In that case, ID&T will always make a thorough assessment as to whether this interest is greater than your privacy interest.
Finally, ID&T can Process Personal Data on the basis of your permission. For example, ID&T asks for your permission before placing and reading tracking cookies or before sending you (electronic) commercial messages. You can withdraw your permission for use of personal data at any time by sending a message to: GDPR@id-t.com
__7. Who does ID&T share your Personal Data with?__
Within the ID&T group: The Personal Data that are collected are Processed by ID&T also for the companies affiliated with ID&T. These companies can access your Personal Data insofar as this fits within the purposes described in this Privacy and cookie statement.
__With (other) suppliers of ID&T:__ ID&T can share your Personal Data with the suppliers it works with to realise the Service (for example a mailing company, call centre, collection agency, market research agency, event partners or the party that has been commissioned by ID&T for the technical realisation of a website or app). Where possible, ID&T places these third parties under the obligation to act in the capacity of data processor. This means that ID&T determines the purpose for which and the manner in which the personal data are to be Processed and the data processor is only allowed to handle your data according to the instructions and (security) standards of ID&T. These agreements determined by ID&T with each data processor are set out in a so-called processor agreement. If these third parties are outside the European Economic Area (EEA), ID&T has reached (additional) agreements with these parties. ID&T signs a model contract with these data processors that has been approved by the European Commission (also called standard contractual clauses). Where data are transferred to the United States, ID&T either agrees on the model contract or ID&T allows the transfer under the EU-US Privacy Shield.
__With other ID&T partners:__ In specific cases, in the context of the purposes described above, it is necessary to share Personal Data with third parties who use this Personal Data independently. In addition, ID&T can provide Personal Data for marketing purposes to other partners selected by ID&T. ID&T will first request separate permission from you to do this.
__With the authorities and others:__ In exceptional cases, ID&T may provide Personal Data to authorities or third parties, if ID&T is required to do so by law or by order of the court, or if there is reasonable reason to believe that this is necessary in order to prevent damage or misuse.
You can withdraw your permission for use of your personal data at any time by sending a message to: GDPR@id-t.com
Cookies are small files that can be placed on your Devices by the websites or apps of ID&T. For example, you can easily be recognised during a subsequent visit without having to log in again on your ID&T Account. Likewise, information relating to website use can be collected using cookies about other visitors of the ID&T websites (who are not logged in with an ID&T Account). There are different types of cookies. In some cases, cookies are automatically deleted when you close your browser; in other cases, these cookies are stored for longer and can be read the next time you use the Service. Where ID&T collects Personal Data using cookies, these Personal Data are Processed in accordance with the provisions set out in this Privacy and cookie statement. Before ID&T places non-functional cookies, ID&T will inform you about this and ask for your permission. It is only after permission has been given that these cookies are placed and read.
ID&T itself places cookies in order to identify you on your next visit without the need for you to log in again with your ID&T Account. ID&T can also place cookies for the purpose of creating profiles. ID&T can also place tracking cookies, which are used by ID&T if you as a visitor navigate to third party websites where ID&T can place ads via an RTB and/or Programmatic network (see: 1 - Definitions). Additionally, ID&T uses third parties to analyse the use of its Content, websites, apps and the Service. These third parties also place cookies for ID&T on your Devices, which are used to map your use of the Service. For example, Google Analytics.
Cookies from third parties are placed on your Devices by third parties, and only these third parties have access to those cookies and the information collected by the cookie. Third parties that have permission to place cookies via the Service are, for example, advertising networks that place the adverts on the ID&T websites. Ad networks usually leave so-called "tracking cookies" on your devices. Tracking cookies enable advertisers to track your browsing habits so that they can display as many relevant ads as possible on the websites that you visit. Social networking services such as Facebook, Twitter and Google+ can also place cookies via the websites of ID&T. This is done via the buttons of these social networks that may appear on the websites of ID&T to promote ("Like") or share ("tweet”) Content.
Below is an overview of (technical) partners on the websites or apps of ID&T:
• Graphlr Media Connect (functional for registration); • JW Player (video player analytics) • Amazon Webservices (Hosting & cloud infrastructure) • Akamai (CDN) • Formstack (forms) • SAP / Gigya (Identity management) • Braze (Marketing automation) • Embedly (Content embed service) • Arqive (asset management for personal content publishing) • Leaseweb (hosting & storage) • Fanalist (engagement tooling) • Cookie consent (functional for storing cookie preferences); • Google Tag manager (analytics pixel used to improve the Q-dance platform); • True SSL Certificates (website security) • Paylogic (ticket partner) • Mailchmip as mail provider • Hugo Events as Bot, mail- & survey provider • Google Analytics (analytics pixel used for research); • Google Tag Manager (tags used for re-targeting) • Facebook pixel (tracking pixel used for re-targeting within Facebook).
If you would like more information about the cookies that other parties place from the websites or apps of ID&T and the purposes for which and the manner in which these cookies are used, please read the privacy and cookie statements of these parties on their websites or apps.
Browser applications can be set so that new cookies are no longer received the next time you use the Service. This differs from browser to browser; we recommend that you consult the help function of the browser if necessary. This should also explain how to delete cookies that have been previously placed.
NB: A visitor to the website or a user who no longer wishes to receive cookies should change these settings in all browsers and on all devices that are used. If cookies are refused and/or removed, it is possible that your use of the Service and/or options related to the Service is rejected.
__9. How long does ID&T store your Personal Data?__
ID&T will keep your Personal Data for as long as necessary to get you the best service or in case of refund terms, warranty or recurring contact needed to keep you up to date. ID&T stores your data for at least as long as you use the Service and if your account is inactive, for a period of 2 years thereafter. The reason for ID&T doing this is so that you can easily return to using the Service when re-activating. If you have been inactive for a long period (longer than 2 years), ID&T will delete your data.
An exception to this is if the law prescribes that ID&T must retain certain data for a longer period of time. For example, the Dutch General Act on Government Tax makes it mandatory to retain payment data for 7 years for the Tax Authorities.
__10. How does ID&T protect your Personal Data? __
ID&T at all times maintains a level of security in the Processing of Personal Information that, in view of the state of the art, is sufficient to prevent the loss, alteration, disclosure of or unauthorised access to Personal Data. If ID&T engages third parties, then ID&T imposes the same level of security on them. ID&T has a close relation to its data processors and made clear agreements in our Processor Agreements
Questions about this security can be directed to GDPR@ID-T.com
__11. What are your rights? __
People whose Personal Data are Processed have certain rights under the law. You can at all times and at no cost view the Personal Data Processed by ID&T and alter it if required. You may also object to receiving information or targeted offers from ID&T via e-mail, telephone, post and/or SMS; you are also entitled to apply to have your data deleted in accordance with the applicable regulations. Finally, we would like to point out the right to file a complaint with the Dutch Data Protection Authority.
ID&T tries to ensure that you can exercise these rights as much as possible yourself. For example, you can exercise your rights by viewing, correcting or deleting your data in the ID&T Account. You can also exercise these rights by contacting us via the e-mail address Myprivacy@ID-T.com ID&T will try to respond to your request within 4 weeks. (read more : www.id-t.com/myprivacy)
__12. Changes to the Privacy and cookie statement __
It may be that ID&T decides in the future to (unilaterally) change this Privacy and cookie statement. ID&T therefore recommends that you regularly check this Privacy and cookie statement to see if there have been any changes. If there are any major changes, ID&T will inform you about this in advance by publishing the amended Privacy and cookie statement. The latest applicable version of the Privacy and cookie statement can always be consulted on the relevant ID&T websites or apps.
The most recent change to this document was on 18-02-2019. - Please check ID-T.com/privacy for the latest version of all our statements & policies and the way how to respond on our statements and execute your personal rights.