1. Data Collection and Use
1.1 Whose personal data we collect and how we collect it
1.1.1 SISTIC collects personal data from a range of individuals in the context of its business activities, including our customers, representatives of our suppliers, Providers, Venue Hosts and other business contacts; contractors; users of the Site; individuals who contact us by any means; and job applicants.
1.1.2 We collect personal data voluntarily provided by you when you: visit our Site and/or complete one of our web forms; register with our Site; contact our customer service team or request information from us in any other way; visit our premises and kiosks; submit an order for any of the Services, or make a Ticket booking for any event, whether through physical kiosks, our Site, or selected sales channels of SISTIC, our Providers or other third parties (including through selected third party platforms linked to our ticketing system); attend any events organised or managed by us or our Providers, or enter any premises of ours or our Venue Hosts; communicate with us, including via social networking websites, third party applications or similar technologies; or subscribe to our newsletters or emails.
1.1.3 We receive personal data from third party sources including API sales channels and promoter sales channels.
1.2 For whom do we collect your personal data
1.2.1 For SISTIC’s use:
We collect your personal data in our own capacity as Ticket seller, for use and disclosure by SISTIC and its agents, for the purpose of Ticket sale processing and issuance..
1.2.2 For the Provider’s & Venue Host’s use:
We also collect your personal data as ticketing agent and data intermediary on behalf of:
(i) the entity or entities operating, managing, producing, promoting or providing the Service and their agent(s) (each a "Provider"), for the Provider’s use and disclosure for the purposes of Ticket sales, Service management and administration, providing Service-related services, processing bookings or Tickets for admission to the Service, or other related activities (collectively “Service Administration”);
(ii) the entity or entities owning, operating, or managing the Venue hosting the Service and their agent(s) (each a “Venue Host”), for the Venue Host’s use and disclosure for the purposes of managing Venue admission, seating, and/or access (collectively “Venue Administration”).
Where you have consented to receiving marketing materials from SISTIC, Provider, and/or Venue Host, and their respective marketing agents, your personal data will be used and disclosed for such marketing purpose in accordance with Section 2 below.
It is the Provider’s and/or Venue Host’s obligation to notify you and to obtain any legally required additional consents if it wishes to use your personal data for any other purpose, or if it wishes to share your personal data with any third party.
1.3 What personal data we collect and why we collect it
1.3.1 We collect and use your personal data to allow us to provide services and features to meet your needs, and to customize and improve our services to make your experience more secure and convenient and for the other purposes in Section 1.2. We only collect personal data about you that we consider necessary for achieving these purposes.
1.3.2 If you choose to use our services, we may require you to provide contact and identity information, including your name, address, email address, phone number and other personal data as indicated on the forms throughout the Site, or which you choose to provide us with. Where relevant, we will indicate which fields are mandatory and which fields are optional.
1.3.4 We may also look across multiple users to identify problems or resolve disputes, and in particular, we may examine your personal data to identify users using multiple user-IDs or aliases. We may also compare and review your personal data for errors, omissions and/or accuracy.
1.3.5 Under some circumstances, we may require certain financial information from you. We use your financial information (including credit card information) only to verify the accuracy of your name, address, and other information, to detect any fraud or other criminal activity, and to bill you for your use of our services.
1.3.6 We may take photographs or video recordings at a Service, event, Venue or premises of ours or our Providers or Venue Hosts. We take these photographs or video recordings for publicity and promotional purposes or for such other purposes notified to you at the Service, event, Venue or premises. Where we do so, we may capture your image or likeness as part of the wider crowd of attendees at the event. If you do not wish for your image to be used in this way, or would like us to remove a photo that contains your image, please contact us using the methods detailed in Sections 9 and 11 below. In situations where we intend to take more close up or individual photos or video recordings of you, we will always seek your consent before doing so.
1.4 Cookies and Similar Technologies
1.4.2 Cookies are text files which are downloaded to your device when you visit a website, allowing your device to be recognised.
1.4.4 When you use our Site, we collect certain standard information that is sent by your browser to our Site. This includes technical information, such as your IP address, browser type, operating system, language, time zone setting, access times, country and any referring website addresses.
2. Marketing opt-in and opt-out provisions
2.1 When you register for a SISTIC account or purchase Tickets for a Service, you may opt-in to receive marketing information via email from: SISTIC, Providers, Venue Hosts, and/or such parties’ marketing agents. This information will include the latest news on Services, including shows, events, promotions, contests and/or lucky draws.
2.2 If you opt to receive marketing information from SISTIC and its marketing agents:
2.2.1 We will use your email address to inform you about online and offline offers, products, services, and updates, and send you our e-newsletters and/or electronic direct marketing materials such as the SISTIC Buzz and SISTIC Buzz Special, which provide information on Services that are jointly promoted by SISTIC. The SISTIC Buzz features multiple Services organised by various Providers, while the SISTIC Buzz Special features one or more Services organised by a single Provider. We may also display event-related content and advertising on our Site where we believe this may be of interest to you.
2.2.3 If you change your mind at any time and wish to un-subscribe from SISTIC’s marketing material, you may easily do so via the unsubscribe link found on each email, or through our hotline at +65 6348 5555. Alternatively, you may also log into "My Account" at www.sistic.com.sg and opt out directly by editing your email preferences.
2.3 If you opt to receive marketing information from a Provider, Venue Host, and/or their marketing agent(s), as applicable (each a “Marketing Entity”):
2.3.2 If you change your mind at any time and wish to un-subscribe from any Marketing Entity's marketing material, please contact the Marketing Entity to do so. If you wish to obtain the contact particulars of the Marketing Entity, you may call our hotline at +65 6348 5555.
3. The legal basis for SISTIC processing your personal data
3.1 If you are located outside of the UK and the EU
3.2 If you are located in the UK or the EU
In order to comply with applicable data privacy laws, SISTIC is required to set out the legal basis for the processing of your personal data. In accordance with the purposes for which we collect and use your personal data, as set out above, the legal basis for SISTIC processing your personal data will typically be one or more of the following:
3.2.1 your consent;
3.2.2 the performance of a contract that we have in place with you or other individuals;
3.2.3 SISTIC or our third parties' legitimate business interests as an event organising and/or ticketing platform (for example, to protect the security and integrity of our systems, to provide you with customer service, to promote and publicise our services to other customers); or
3.2.4 compliance with our legal obligations.
4. Sharing with and Disclosure to Third Parties
4.2 We may share your personal data with people within our organisation, including people within our group companies, who have a “need to know” that data for business or legal reasons, for example, in order to carry out an administrative function such as processing an invoice, or to direct a query that you have submitted to the relevant department within SISTIC.
4.3 We may disclose your personal data to third parties in the event that we sell, buy or merge any business or assets, including to the prospective seller or buyer of such business or assets.
4.4 Finally, we may share non-personal data with other third parties that are not described above. When we do so we may aggregate, anonymise, or de-identify the information so that a third party would not be likely to link data to you, your computer, or your device.
4.5 When you purchase a Ticket or otherwise register for a Service, the relevant Provider and Venue Host will receive the personal data that you provide. Other third parties involved in the Service may also receive your personal data. We are not responsible for the actions of these Providers, Venue Hosts or other third parties, with respect to your personal data. It is therefore important that you review the applicable policies of the Providers and Venue Hosts, and if applicable and available, their appointed third party service providers or other business contacts, before providing personal data or other information in connection with your purchase of or registration for a particular Service.
5. Transfers of Personal Data if you are based in the UK or the EEA
6. Social Media
6.2 When you “like” or “follow” us on Facebook or other social media sites, we may collect some information from you including your name, e-mail address, and any comments or content you post relevant to us. We likewise may collect your personal data if you submit information to us through social media sites.
6.3 SISTIC’s own website may contain links to Facebook or other social media sites, such as through the Facebook “Like” button. When you interact with these links, your browser will establish a direct link with the Facebook (or other social media site’s) servers. Using the example of the Facebook ‘like’ button, Facebook will then receive information about your browser and activity, and may link it to your Facebook user account. For more information about how Facebook and other social media sites use data, please see their own policies.
6.4 SISTIC may provide you with opportunities to contract directly with third parties, and/or to integrate with third party services or applications, through our Site. In such instances, we will disclose your personal data to other entities in order to fulfill a request by you, or to provide services you have requested.
7.1 Your privacy is important to us. We put in place reasonable security arrangements (which shall at least be equivalent to industry standard practices) to protect your privacy and personal data, in such manner and to such extent as we deem reasonably appropriate to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. However, there is no such thing as "perfect security" and we do not guarantee in any way, and you should not expect, that your personal data or private communications will always remain private and/or safe from any abuse or misuse by third parties.
7.2 Your personal data to be used by SISTIC is stored on SISTIC's servers located in Singapore. We use such organisational, procedural and technical safeguards as we deem reasonably necessary to protect your privacy and to protect your personal data against loss, theft and unauthorised access, collection, use, disclosure, copying, modification or disposal. Such safeguards include but are not limited to the use of encryption, firewalls and Secure Socket Layer technology. We will also employ the appropriate security techniques to reasonably protect data against loss, theft, and unauthorized access, collection, use, disclosure, copying, modification or disposal by users inside and outside SISTIC.
7.3 SISTIC protects the personal data it collects in a secure database with important data being encrypted, and the database servers are hosted in a protected data centre. SISTIC employees are required, as a condition of their employment, to treat personal data held by SISTIC as confidential, and to maintain the confidentiality of that personal data.
7.4 As "perfect security" does not exist, SISTIC does not represent or warrant that there will not be, and hereby disclaims any responsibility or liability directly or indirectly arising out of or in connection with, any loss, theft, or unauthorised access, collection, use, disclosure, copying, modification, disposal or similar actions with regard to any data held or maintained by us.
7.5 You are advised to contact the relevant Provider and/or Venue Host if you wish to find out how it stores your personal data. If you wish to obtain the contact particulars of the Provider or Venue Host, you may call our hotline at +65 6348 5555.
8. Records retention
8.1 Your personal data is not kept for longer than is necessary for the purposes for which it is collected, or where permitted by applicable law, no longer necessary for legal purposes or the purposes of our normal business operations. This means that data and records (including personal data) are destroyed or erased from our systems when no longer required. The amount of time that records are kept for varies depending upon the type of personal data they contain.
9. Accessing and Updating your Data
9.1 Applicable data privacy laws give rights to individuals in respect of personal data that organisations hold about them. If you wish to access, correct, update, delete, limit or object to the processing of or otherwise change or remove any personal data that you provide for SISTIC’s use, please contact us at: our hotline +65 6348 5555 for assistance. You will also be able to change it directly after logging in under "My Account" at www.sistic.com.sg.
9.2 You may also request to receive a copy of any personal data that you have provided to SISTIC for SISTIC’s use, and to transmit such personal data to another organisation of your choosing, where such personal data is processed by SISTIC by automated means, and is based on your consent, or on a contract to which you are a party.
9.3 We will consider and respond to all requests under this Section 9 in accordance with applicable law.
11. Contact SISTIC
11.2 You may also contact the Personal Data Protection Commission of Singapore via their website at https://www.pdpc.gov.sg, or if you are in the UK or the EU, you may contact your local supervisory authority for data protection, to lodge a complaint on personal data protection concerns.