General overview of the processing of personal data
A. Who we are:
We are Rodeo World Ltd. (“Rodeo”), a business registered in England and Wales. We operate the Website www.rodeoworld.es and all of the webpages, subdomains, country level domain variants and subparts of those Websites (collectively, our “Websites”) as well as our free applications (the “Apps”). Rodeo is a marketing services platform that drives users to consume offline entertainment by providing curated events based on its proprietary analytics of consumer data. Rodeo is able to drive traffic and provide an avenue for spontaneous discovery for event organizers (the “Services”).
Our Services are available for users located in the United States of America, European Union, as well as other geographical areas.
We value your privacy and want to be accountable and fair to you as well as transparent with you in the way that we collect and use your personal information. Our overall aim is to ensure that our collection and use of personal information is appropriate to the provision of the Services to you, and is in accordance with applicable data protection laws. We also want you to know your rights in relation to your information which you can find here, in section 11 .
Who we are
The personal information we collect about you
How we store and use your personal information
How we share your personal information and who we share it with
Personal data from third data subjects
Third party sites
Complaints, questions and suggestions
E. Your rights to object:
You have various rights in respect of our use of your personal information as set out in section 11 . Two of the fundamental rights to be aware of are that you may: ask us to stop using your personal information for direct marketing purposes. If you exercise this right, we will stop using your personal information for this purpose; and ask us to consider any valid objections which you have to our use of your personal information where we process your personal information on the basis of our legitimate interest. You can find out more information in section 11 .
F. What you need to do and your confirmation to us:
DETAIL ABOUT THE PROCESSING OF PERSONAL DATA
We are Rodeo World Ltd. (“Rodeo”), a business registered in England and Wales. We operate the Website www.rodeoworld.es and all of the webpages, subdomains, country level domain variants and subparts of those Websites (collectively, our “Websites”) as well as our free applications (the “Apps”). Rodeo is a marketing services platform that drives users to consume offline entertainment by providing curated events based on its proprietary analytics of consumer data.
We do not and will not knowingly collect information from any unsupervised child under the age of 13. If you are under the age of 13, you may not use the Services unless your parent/s or guardian has provided us with their consent for your use of the Services.
For all users we collect personal data when you voluntarily provide such information to the Services, including but not limited to, when you register for access to the Services, purchase a ticket without registering through our Websites and/or Apps, contact us with inquiries, respond to one of our surveys or browse or use certain parts of the Services. The personal data we may collect includes without limitation your name, address, email address and other information that enables users to be personally identified. Rodeo may also ask, for those cases where a user decides to create its own event, information regarding business name, VAT number, or business address, among others, that may also constitute personal data.
Rodeo also automatically collects certain technical data that is sent to us from the computer, mobile device and/or browser through which you access the Services. Such data, includes without limitation, a unique identifier associated with your access device and/or browser (including, for example, your Internet Protocol (IP) address) characteristics about your access device and/or browser, statistics on your activities on the Services, information about how you came to the Services and data collected through Cookies, Pixel Tags, Local Shared Objects, Web Storage and other similar technologies.
3.1 Information that you share with us
When you make an account and log in to access and browse the Services, we collect the following information from you:
your e-mail address;
if provided by you, your location;
if provided by you, your date of birth;
if provided by you, your gender;
any e-mail communications, including attachments, which you send to us;
where you are purchasing tickets, your payment information including billing address; bank account and payment card details and information about the transactions such as the tickets purchased;
profile data including your username and password for registering an account, your profile avatar, purchases or orders made by you, you interests and preferences;
your preferences in receiving marketing from us and our third parties and your communication preferences;
your social media information when you are logging in with your credentials of your social media such as Facebook or Google (please read carefully the privacy policies of those social media, in order to have a better understanding of the personal data they are providing to Rodeo and in the section called “Third parties or publicly available sources”) ; and
mobile SDKs to passively collect information (collectively, “SDK Information”), which generally helps us deliver personalized notifications. This data may also be used to identify you in a unique manner across other devices or browsers for the purposes of customizing ads or content. Depending on the permissions granted, this information may include personal data, including your e-mail address. This information may also include precise location (i.e. GPS-level data) or WiFi information, apps you have installed and enabled, and your mobile identifier (e.g., Android Advertising ID, IMEI).
In particular, as an event organizer we will collect additional personal data from you: we may collect personal data (e.g. your credit card number and expiration date, billing address, principals/beneficial owners of the entity you represent (if any), Tax Identification Numbers, date of birth, passport or driver’s license number, copies of government identification documents and other personal information etc.), to secure certain payments and to verify the existence of the organizer. In addition, if you use our payment processing services, we will collect financial information from you (e.g. your bank account information or an address to send checks) as necessary to facilitate payments and information required for tax purposes (e.g. your taxpayer identification number).
3.2 Information from your online interactions
We collect the following information from your interaction with the Services:
how you access our Services and the devices that you use to access our Services. This includes collecting unique online identifiers such as IP address and your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Services;
information about how you use the Services, including but not limited to your sign-in and sign-out and browsing information;
any e-mail communications, including attachments, which you send to us.
3.3 Third parties or publicly available sources
We may receive personal information about you from various third parties as set out below:
if you log into the Services through a third-party account such as Facebook or Google, we will collect certain information relating to your account with those third parties (including your name, profile image, age group, gender and other information available on your public profile), your date of birth and your e-mail address. You can manage the information data which is shared by such third parties with us by amending your preferences through using the privacy settings which these third parties provide on their platforms;
technical data from the following parties:
analytics providers based inside and outside the EU, such as Adobe Analytics and Google Analytics;
advertising networks based inside and outside the EU, such as Facebook Audience Network and FreeWheel; and
search information providers, based in the EU, such as Adobe Audience Manager.
For further information about how each of these parties collect and use your data, please see the ‘Third-Party advertising companies section below;
contact, financial and transaction data from providers of technical, payment and delivery services (e.g. your bank, our payment processing partners and credit reporting agencies);
identity and contact data from data brokers, aggregators and publicly availably sources; and
third parties that provide certain services to us within the Services, for example, facilitating and administering user feedback forms, newsletter subscriptions and competitions
We store and use your personal information for the following reasons:
it is necessary in order for us to fulfil a contract that we have with you;
it is required in our legitimate interests;
it is required in order for us to comply with our legal obligations; or
it is permitted because you have provided your consent to us.
Where we need to collect personal information by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (in this case, to provide you with the Services). In this case, we may have to cancel the Services but we will notify you if this is the case at the time.
4.1 Necessary for us to fulfil our contract with you
making the Services available to you;
providing any Services that you request;
administering the Services;
where you are purchasing tickets in the Websites or the Apps, process your payment (including but not limited to using third party service providers to process such payment);
provide personalised recommendations and content within the Services by collecting data about you in order to build a profile of your preferences based on your activity when you use the Services. The Services cannot be provided to you without this profiling. If you wish to object to this profiling, we will not be able to provide the Services to you and you should not use or access the Services; and
If you have entered into a competition on the Services, then, pursuant to the competition terms and conditions provided to you at the time of entry, we will use your contact details (such as e-mail address or postal address) to administer your entry and inform you if you have won a prize.
4.2 Our legitimate interests
Sometimes, our use of your personal information is for purposes which are ancillary to the provision of the Services. In those circumstances, we believe we have a legitimate interest in handling your personal information, and believe that the benefits of this storage and use of your personal information will outweigh any potential impact on you and not unduly prejudice your rights or freedoms. The relevant circumstances are:
detecting and preventing fraud;
keeping our Services and IT systems secure;
ensuring that our own processes, procedures and systems are as efficient as possible;
analysing and enhancing the information that we collect;
analysing your use of the Services to improve them, including but not limited to our content, features, scheduling and technology and events;
determining the effectiveness of our promotional campaigns and advertising;
to use IP addresses and device identifiers to identify the location of users and block any unauthorised users;
deal with your enquiries and requests (for example if you were to call user assistance phone number to ask for help and assistance then we would need to process your contact details);
[if you have paid for tickets, for marketing purposes, we may contact you by email with events and Services which we think may interest you (for more information, please see the ‘Marketing’ section below);]
suggest similar events to you that you may be interested in and to understand which events appeal to our users; and
where you have opted out of our marketing or objected to receiving e-mails from us, then we need to keep records of your preferences to ensure that we do not contact you if you have asked us not to.
If we rely on our (or another person’s) legitimate interests for using your personal information, we will undertake a balancing test to ensure that our (or the other person’s) legitimate interests are not outweighed by your interests or fundamental rights and freedoms which require protection of the personal information. You can ask us for information on this balancing test by using the contact details at section 14.
4.3 When you have provided consent to us
Where you have given us your consent, we will contact you by e-mail and/or text message with events and Services which we think may interest you. For more information, please see the ‘Marketing’ section below.
If we rely on your consent for us to use your personal information in a particular way, but you later change your mind, you may withdraw your consent by contacting our Data Protection Officer.
4.4 For legal reasons
We will use your personal information in order to comply with our legal obligations. These obligations include:
us complying with our legal obligations; and
if we are asked by regulatory bodies or law enforcement agencies to share your personal information with them.
4.5 Anonymous data
We collect anonymised details about visitors to our website for the purposes of aggregate statistics or reporting purposes. However, no single individual will be identifiable from the anonymised details we collect for these purposes.
Marketing from us
We may use your name, contact details, and the data on the Services used by you to decide which events, services and offers may be relevant for you.
You will receive marketing communications from us if you have requested information from us or purchased a ticket in our Websites or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have not opted out from receiving that marketing.
Rodeo will also send mobile integrated push notifications, in accordance with your marketing preferences, for advertising and marketing the Services, themselves or events on the Services. Such push notifications may also include information on upcoming events that the user may have signed up to, advising of the upcoming start time, venue, or any changes that may concern such event. These notifications can be turned off through the mobile device notification settings or by using the means set out in the section Opting Out.
If you connect your Facebook account or sign up for other social media integrations whose product features include social notifications (i.e., updates on what your friends are doing on the Services), you will receive these social notifications. You can manage these social notifications by toggling your social settings to private or disconnecting such integration.
We will get your express opt-in consent before we share your personal information with any company outside our group of companies for marketing purposes. Please note that we will only share your personal data (limited to name, surname and e-mail address) in those events that are organized by Rodeo with a main sponsor. Such sponsor would be perfectly identified in the event you will decide to join and/or to participate. Please note that the sponsor may gather your consent afterwards for any processing of personal data, in addition to the sending of marketing communications by electronic means around its products and/or services. Please read carefully any clause and/or privacy notices provided by the sponsor before granting additional personal data and/or your consent.
We want to provide you with choices regarding certain personal information uses, particularly around marketing and advertising (including the sending of marketing messages). You can change your choices at any time by logging into the Websites or the Apps and checking or unchecking relevant boxes to adjust your marketing preferences. For such purpose, we have established a preferences centre where you can view and make certain decisions about your personal information use and where personal information control mechanisms are available by following the opt-out links on any marketing message sent to you or by contacting us at any time or by emailing our Data Protection Officer at email@example.com.
Where you opt out of receiving these marketing messages, this will not apply to personal information provided to us as a result of the Services. Therefore, you will continue to receive essential messages about the functionality and/or administration of our Services (for example, as mentioned above, where we need to send you a password reminder, to notify you about Services updates or amendments to legal terms).
4.7 Third-party advertising companies
We want to make sure that our advertising and marketing is relevant and interesting to you and our other users. To achieve this, we use third-party advertising and technology companies to serve ads and/or provide aggregated data to assist in serving ads when you visit or use our Services. This includes third party technology companies which collect data about you in order to build a profile of your preferences based on your activities when you visit or use our Services. We also use these companies to automatically collect data from you when you use our Services in order to help us identify the ads that are served to you and what you do after seeing those ads. In addition, we also share data with providers of web analytics tools, such as Google Analytics, to which we use to analyse your use of the Services.
In some cases these third parties will also use the data that they collect for their own purposes, for example they may: aggregate your data with other data they hold and use this to inform advertising related services provided to other clients; and work with other advertising companies and share your personal information with such companies as part of the process.
We might also share your data with social media or other similar platforms, so that you and other people can see relevant content on that platform. For example, we may use the Facebook Custom Audiences service and share your email address in a protected format with Facebook so that we can: include you in a custom audience that we will serve relevant advertising content to on Facebook; or create an audience of other Facebook users based on the information in your Facebook profile. You can opt-out from by emailing our contact email or Preferences & Legal section in your account.
We disclose information under the following circumstances:
Third-party service providers: When we share information with third-party service companies to facilitate or to provide certain services on our behalf. This will include:
IT infrastructure companies that facilitate our provision of the Services to you;
IT support service providers; and
other third-party service providers, for the purpose of providing or tracking our users’ use of the Services (including but not limited to payment processors).
These companies are authorised to use your personal information only as necessary to provide these Services to us.
Merger or acquisition: When we need to transfer information about you if we are acquired by or merged with another company. If we are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified afterwards via e-mail and/or a prominent notice on our Services of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
Event organizers: when you purchase tickets to, register for or donate to an event through the event page, or through a related fundraising page on the Services, we provide the personal data entered on the applicable event or related fundraising page to the organizers of such event or related fundraising page. In some instances, an organizer may appoint a third party, which may or may not be affiliated with the organizer, to create an event or fundraising page on its behalf (we call these third parties “Third Party Organizers”). For example, and without limitation, a concert venue (the organizer, in this case) may allow third party promoters or production companies (the Third Party Organizers) to create events that will be hosted at the organizer’s venue using its Rodeo account. In that case, we may provide your personal data associated with the event to both to the organizer, and its appointed Third Party Organizer that created the event. You agree that we are not responsible for the actions of these organizers, or their Third Party Organizers, with respect to your personal data. It is important that you review the applicable policies of the organizers, and if applicable and available, their appointed Third Party Organizers, of an event (and the related fundraising page, if applicable) before providing personal data or other information in connection with that event or related fundraising page. Rodeo will not share with an organizer any payment data. For the purposes of this section, payment data means any full credit card number or other full payment account number and the related expiration date and security code entered by a user of the Services in order to purchase a ticket or registration, make a donation or purchase merchandise related to events, so long as such information is entered in the fields on the order payment page or on the payment methods tab in the Apps settings. Note that if you enter such information in other areas of the Services or otherwise provide it to another user, it may not be encrypted and may be automatically shared with the applicable organizer, so you should enter such information only in the order payment page or on the payment methods tab in the Apps settings
Other Rodeo users: from the very nature of Rodeo, personal data of users would be available to other users participating, for example, in an event.
As a general rule, if you are a user resident in the EU, please note that Rodeo will store your personal data in the EU.
When transferring personal information outside the EEA, we will:
include the standard contractual data protection clauses approved by the European Commission for transferring personal information outside the EEA into our contracts with those third parties (these are the clauses approved under Article 46.2 of the General Data Protection Regulation (“GDPR”); or
ensure that the country in which your personal information will be handled has been deemed “adequate” by the European Commission under Article 45 of the GDPR; or
(where appropriate when we are transferring your personal information to a recipient in the US) ensure that the recipient is part of the Privacy Shield which requires them to provide similar protection to any personal information shared between Europe and the US.
You can find out further information about the rules on data transfers outside the EEA, including the mechanisms that we rely upon, on the European Commission website here
Please also note that when you are purchasing tickets or enrolling into an event, such event may be organized by another user or entity located outside the EEA. By enrolling you in such event or purchasing the relevant tickets you expressly consent to the transfer of your personal data to the organizer for the purpose of managing your participation in the relevant event.
Please also note that you are entitled to request a copy of the standard contractual clauses to Rodeo, by contacting the DPO at firstname.lastname@example.org.
Technologies such as cookies, beacons, tags and scripts are used by us and our partners, affiliates, or analytics or service providers. These technologies are used in analysing trends, administering the Services, tracking users’ movements around the Services and to gather demographic information about our user base as a whole. We receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
Whilst we take appropriate technical and organisational measures to safeguard the personal information that you provide to us, no transmission over the Internet can ever be guaranteed secure. Consequently, please note that we cannot guarantee the security of any personal information that you transfer over the Internet to us.
We are committed to protecting your personal information using appropriate technical and operational measures such as access controls that restrict and manage the ways in which your personal information is stored and handled.
We may delete your personal information (including any account that you set up to use on the Services) if you do not use the Services in two years.
In some circumstances, we may anonymise your personal information (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
You have certain rights in relation to your personal information. If you would like further information in relation to these or would like to exercise any of them, please contact our Data Protection Officer at email@example.com at any time. You have the right to request that we:
provide access to any personal information we hold about you;
update any of your personal information which is out of date or incorrect;
delete any personal information which we are holding about you;
restrict the way that we process your personal information;
prevent the processing of your personal information for direct-marketing purposes;
provide your personal information to a third party provider of services;
provide you with a copy of any personal information which we hold about you; or
consider any valid objections which you have to our use of your personal information.
We will consider all such requests and provide our response within a reasonable period (and in any event within any time period required by applicable law). Please note, however, that certain personal information may be exempt from such requests in certain circumstances.
If an exception applies, we will tell you this when responding to your request. We may request you provide us with information necessary to confirm your identity before responding to any request you make.
If we delete any personal information which we are holding about you, this deletion may only relate to the Services and not any other service provided by us in other jurisdictions. You should make requests for each account that you may have set up to access the Services or any other service provided by us.
We have a Data Protection Officer that can assist with all queries regarding our processing of personal information.
If you have any complaints about our Services, please contact us at:
In the EEA, you may also make a complaint to our supervisory body for data protection matters or seek a remedy through local courts if you believe your rights have been breached.
You have the right to lodge a complaint with local data protection authorities in the EEA if you believe we have not complied with applicable data protection laws. The local authority differs depending on the country. Please see the Annex for your local data protection authority.
We are not in the business of selling your personal data. We consider this information to be a vital part of our relationship with you. Therefore, we will not sell your personal data to third parties, including third party advertisers. There are, however, certain circumstances in which we may disclose, transfer or share your personal data with certain third parties without further notice to you, as set forth above.
List of data protection authorities (EEA countries)
You have the right to lodge a complaint with local data protection authorities in the EEA if you believe we have not complied with applicable data protection laws.
The local authority differs depending on the country. Please see below for details of the local data protection authorities in the EEA countries in which we operate.
Data protection authority
Commission Nationale de l’Informatique et des Libertés – CNIL 3 Place de Fontenoy – TSA 80715 75334 PARIS CEDEX 07 Tel. +33 1 53 73 22 22 Fax +33 1 53 73 22 00 Website: http://www.cnil.fr/
Agencia de Protección de Datos C/Jorge Juan, 6 28001 Madrid Tel. +34 91 266 35 17 Contact by e-mail: firstname.lastname@example.org Also: https://sedeagpd.gob.es/sede-electronica-web/
The Information Commissioner’s Office Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF Tel. +44 1625 545 745 e-mail: email@example.com Website: https://ico.org.uk
Comissão Nacional de Protecção de Dados
Rua de São Bento n.º 148-3º 1200-821 Lisboa
Tel +351 213928400