Privacy Policy

PRIVACY POLICY

This Privacy Policy discloses the privacy practices for the Katherine regional Arts (“KRA”) website located at www.katherineregionalarts.org.au (the “Web Site”), and any services offered through the Web Site or sites (including Apple’s iTunes store & Google’s YouTube) (collectively, the “Services”). The Web Site is owned and operated by Katherine Regional Arts Inc. (“Katherine Regional Arts Inc.,” “KRA”, “we,” “us,” or “our”). This Privacy Policy sets out the basis on which information which identifies you or is associated with you (“Personal Information”) is collected from you and how it will be used by us. Please read the following carefully to understand our views and practices regarding your personal information and how we will treat it.

When you submit your Personal Information on or through the Web Site, you are giving your consent to the collection, use and disclosure of your Personal Information as set forth in this Privacy Policy. We may share information among our subsidiaries or sites that we own or control, but such sharing of information is always governed under the terms of this Privacy Policy.

Personal Information

We collect information from you when you voluntarily submit information to the Web Site. The following are examples of Personal Information that we may collect from you:

Examples of information we collect may include:

first name, last name

e-mail address(es)

company name

financial information such as payment details and your transactional history with us.

We may collect Personal Information directly from you in the following circumstances:

When you fill in and submit forms on the Web Site, including forms submitted at the time of subscribing to use the Web Site or any of the Services, posting content, reporting a problem with the Web Site or requesting customer service from us.

When you contact us via online submission, telephone, electronic mail or regular mail, we may keep a record of that correspondence.

When you engage in any transactions through the Web Site or for Services and submit information for the fulfilment of anything you order or subscribe to through the Web Site or the Services.

Your Personal Information will not be distributed or shared with third parties unless it is to transact such Services as you have contracted us to do or to comply with any legal processes and/or law enforcement requests. We may also use your Personal Information for the marketing and/or promotion of our products or services. We may outsource all of these tasks to third parties. If you have received an email from us, and you wish to no longer receive emails, please click the unsubscribe link found at the bottom of the email.

Non-Personal Information
Except as disclosed above, we do not collect Personal Information about visitors to this site or our customers who use this site. We do routinely gather data on Web Site activity, such as how many people visit the site, the pages they visit, where they come from, how long they stay on the site, etc. The data is collected on an aggregate, anonymous basis, which means that no Personal Information is associated with the data. This data helps us improve site content and overall usage. The information is not shared with other organisations for their independent use.

Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioural advertising services) that you do not wish such operators to track certain of your online activities over time and/or across different websites. Our Services do not support Do Not Track requests at this time, which means that we collect information about your online activity both while you are using the Services and after you leave our Services.

We may contract with companies or individuals to provide certain services including email and hosting services, credit card processing, data management, surveys and marketing, promotional services, etc. We refer to them as our Service Providers. We may share Personal Information with Service Providers as appropriate for them to perform their functions and in accordance with this Privacy Policy and other confidentiality measures, where appropriate.

Web logs
We maintain standard Web logs that record data about all visitors and customers who use the Web Site and we store this information for a while. These logs may contain the Internet domain from which you access the site (such as xyz.com, abc.org, etc.); the IP address which is automatically assigned to your computer when you get on the Internet (a static IP address may be identifiable as being connected to you, while a dynamic address is usually not identifiable); the type of browser and operating system you use; the date and time you visited the site; the pages you viewed on the site; the address of the web site you linked from, if any. If you sign on to this web site to use its secured features, our Web logs will also contain an individual identifier and show the services you have accessed.

All Web logs are stored securely, and may only be accessed by our staff on a need-to-know basis for a specific purpose to use web log information to help us design our site, to identify popular features, to resolve user, hardware, and software problems, and to make the Web Site more useful to visitors.

Internet Cookies
We may place Internet “cookies” on the computer hard drives of visitors to the Web Site. Information we obtain from cookies helps us to tailor our site to be more helpful and efficient for our visitors. The cookie consists of a unique identifier that does not contain information about you.

You may have software on your computer that will allow you to decline or deactivate Internet cookies, but if you do so, some features of this site may not work properly for you. For instructions on how to remove cookies from your hard drive, go to your browser’s web site for detailed instructions. In addition, further information regarding cookies may be available on other web sites or from your Internet service provider. Firefox and Google Chrome are two common browsers.

E-mails
We may use a third-party vendor to help us manage some of our e-mail communications with you. While we do supply this vendor with e-mail addresses of those we wish them to contact, your e-mail address is never used for any purpose other than to communicate with you on our behalf. When you click on a link in an email, you may temporarily be redirected through one of the vendor’s servers (although this process will be invisible to you) which will register that you’ve clicked on that link, and have visited the Web Site. We never share any information, other than your e-mail address, with our third-party e-mail vendor, which does not share these e-mail addresses with anyone else.

Even if you have given us permission to send e-mails to you, you may revoke that permission at any time by following the “unsubscribe” information at the bottom of the e-mail.

Disclosure of Personal Information:

We may disclose your personal information to any member of our group, which means our subsidiaries, agents, officers, directors and contractors of the foregoing entities. These companies will only use your personal information in the same way as we can under this Privacy Policy.

We may disclose personal information to any person performing audit, legal, operational, or other services for us. We will use information which does not identify the individual for these activities whenever feasible. Information disclosed to vendors or contractors for operational purposes may not be re-disclosed to others by such a vendor or contractor.

We may disclose your personal information to third parties:

In the event that we sell or buy or transfer any business or assets (in part or whole), in which case we may disclose your personal information to the prospective seller, buyer or recipient of such business or assets.

In order to respond to a subpoena, court order or other legal duty or obligation (including without limitations requests or demands from law enforcement and government authorities and regulators).

In order to investigate, prevent, or take action regarding suspected or actual prohibited activities, including but not limited to, fraud and situations involving potential threats to the physical safety of any person or to prevent financial loss to any person or entity, including Katherine Regional Arts Inc., its customers, clients, and other parties.

In order to enforce or apply our Terms and Conditions and other agreements.

Third Party Payment Processors
We use a third party payment processor to process payments made to us. In connection with the processing of such payments, we do not retain any personally identifiable information or any financial information such as credit card numbers. Rather, all such information is provided directly to our third party processor, Stripe, whose use of your personal information is governed by their privacy policy, which may be viewed at https://stripe.com/au/privacy.

Third Party Web Sites
We may collect data from third party web sites (“Third Party Sites”). The use of personal data of users from Third Party Sites is restricted to necessary operations of our business and is used by staff on a need-to-know basis. The use of any data derived from Third Party Sites will be utilised in accordance with Third Party Sites terms of services as outlined on such Third Party Site pages.

Opt out
If a user makes a request to receive information in an ongoing manner through this Web Site by providing their e-mail address (for example, requesting a subscription to one of our online publications), we may send you emails for the marketing and/or promotion of our products or services. If you have received an email from us, and you wish to no longer receive emails, please click the unsubscribe link found at the bottom of the email.

Site Security
Please note that data that is transported over an open network, such as the Internet or e-mail, may be accessible to anybody. We cannot guarantee the confidentiality of any communication or material transmitted via such open networks. When disclosing any Personal Information via an open network, you should remain mindful of the fact that it is potentially accessible to others, and consequently, can be collected and used by others without your consent. Your data may be lost during transmission or may be accessed by unauthorised parties. We do not accept any liability for direct or indirect losses as regards the security of your Personal Information or data during its transfer via Internet. Please use other means of communication if you think this is necessary or prudent for security reasons.

For network security purposes and to ensure that the Web Site remains available to all users, we employ commercial software programs to monitor network traffic and attempt to identify unauthorised attempts to upload or change information, or otherwise cause damage. All payment information is transmitted via Secure Socket Layer (SSL) technology, encrypted into our payment gateway, and accessible only by those authorised with special access rights to such systems who are required to keep the information confidential.

Password-protected areas of the Web Site can be accessed only with a valid user name and password. Each password owner is responsible for keeping the password confidential and safe, as we have no control or responsibility for this type of user information. If the password may have been stolen or might otherwise be misused, it is the responsibility of the password owner to notify us immediately for further action.

International Users

If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Data, as outlined below.

For this section, we use the terms “Personal Data” and “processing” as they are defined in the GDPR, but “Personal Data” generally means information that can be used to individually identify a person, and “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure. Company will be the controller of your Personal Data processed in connection with the Services.

Where applicable, this section is intended to supplement, and not replace, this Privacy Policy. If there are any conflicts between this section and any other provision of this Privacy Policy, the policy or portion that is more protective of Personal Data shall control to the extent of such conflict. If you have any questions about this section or whether any of the following applies to you, please contact us at privacy@katherineregionalarts.org.au

What Personal Data Do We Collect From You?

We collect Personal Data about you when you provide such information directly to us or when Personal Data about you is automatically collected in connection with your use of our Services.

Information we collect directly from you

We receive Personal Data directly from you when you provide us with such Personal Data, including without limitation the following:

First and last name

Email address

Company name

Credit/debit card information

Information we automatically collect when you use our Services

Some Personal Data is automatically collected when you use our Services, such as the following:

IP address

Device identifiers

Web browser information

Page view statistics

Browsing history

Usage information

Transaction information (e.g. transaction amount, date and time such transaction occurred)

Cookies and other tracking technologies (e.g. web beacons, pixel tags, SDKs, etc.)

Log data (e.g. access times, hardware and software information)

Comments

Media

How Do We Use Your Personal Data?

We process Personal Data to operate, improve, understand and personalise our Services. For example, we use Personal Data to:

Create and manage user profiles

Communicate with you about the Services

Process orders

Contact you about Service announcements, updates or offers

Provide support and assistance for the Services

Personalise website content and communications based on your preferences

Meet contract or legal obligations

Respond to user inquiries

Fulfil user requests

Comply with our legal or contractual obligations

Resolve disputes

Protect against or deter fraudulent, illegal or harmful actions

Enforce our Terms and Conditions

We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others, as further described below.

Contractual Necessity: We process your first and last name, email address, location and credit/debit card information as a matter of “contractual necessity”, meaning that we need to process the data to perform under our Terms of Service with you, which enables us to provide you with the Services. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Services that require such data.

Legitimate Interest: We also process the Personal Data above when we believe it furthers our legitimate interests, examples of which include:

Operation and improvement of our business, products and services

Marketing of our products and services

Provision of customer support

Protection from fraud or security threats

Compliance with legal obligations

Completion of corporate transactions

Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.

Other Processing Grounds: From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.

How and With Whom Do We Share Your Data?

We share Personal Data with vendors, third party service providers and agents who work on our behalf and provide us with services related to the purposes described in this Privacy Policy or our Terms of Service. These parties include:

Payment processors

Fraud prevention service providers

Analytics service providers

Hosting service providers

We also share Personal Data when necessary to complete a transaction initiated or authorised by you or provide you with a product or service you have requested, including to other users (where you post information publicly or as otherwise necessary to effect a transaction initiated or authorised by you through the Services)

We also share Personal Data when we believe it is necessary to:

Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies

Protect us, our business or our users, for example to enforce our terms of service, prevent spam or other unwanted communications and investigate or protect against fraud

Maintain the security of our products and services

We also share information with third parties when you give us consent to do so.

Furthermore, if we choose to buy or sell assets, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party, and we would share Personal Data with the party that is acquiring our assets. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Information as set forth in this policy.

How Long Do We Retain Your Personal Data?

We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you Services. In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. Afterwards, we retain some information in a depersonalised or aggregated form but not in a way that would identify you personally.

What Security Measures Do We Use?

We seek to protect Personal Data using appropriate technical and organisational measures based on the type of Personal Data and applicable processing activity, including by using data hosting service providers to host the information we collect.

Personal Data of Children

We do not knowingly collect or solicit Personal Data from anyone under the age of 16. If you are under 16, please do not attempt to register for the Services or send any Personal Data about yourself to us. If we learn that we have collected Personal Data from a child under age 16, we will delete that information as quickly as possible. If you believe that a child under 16 may have provided us Personal Data, please contact us at privacy@katherineregionalarts.org.au

What Rights Do You Have Regarding Your Personal Data?

You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email privacy@katherineregionalarts.org.au Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardises the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need to you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.

Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by accessing your account profile.

Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by accessing your account profile.

Erasure: You can request that we erase some or all of your Personal Data from our systems.

Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilise some or all of our Services.

Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.

Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes.

Restriction of Processing: You can ask us to restrict further processing of your Personal Data.

Right to File Complaint: You have the right to lodge a complaint about Company’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.

Transfers of Personal Data

The Services are hosted and operated in Australia (“AU”) through Company and its service providers, and if you do not reside in AU, laws in AU may differ from the laws where you reside. By using the Services, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to Company in AU and will be hosted on AU servers, and you authorise Company to transfer, store and process your information to and in AU, and possibly other countries.

Disclaimer

The Web Site operates “AS-IS” and “AS-AVAILABLE,” without warranties of any other kind. We are not responsible for events beyond our direct control. This Privacy Policy is governed by the laws of Australia, excluding conflicts of law principles. Any legal actions against us must be commenced in the Northern Territory of Australia.

Changes to our Privacy Policy

Any changes we may make to our privacy policy in the future will be posted on this page.

We reserve the right, at our discretion, to change, modify, add or remove portions of this Privacy Policy at any time. If we change any portions of this Privacy Policy, the changes will be updated on this Privacy Policy page and users should periodically review our Privacy Policy page for any such changes. Please further note, depending on a user’s particular interaction with us, different portions of this policy may apply to users at different times.

Questions, Complaints, and Contacts

If you have any questions about this Privacy Statement, our policies and practices concerning this site, your rights under this statement, and your dealings with this web site, you can contact us by sending a message to privacy@katherineregionalarts.org.au