Privacy Policy
We are staunchly committed to protecting and meticulously safeguarding all personal data provided by our website visitors and service users, implementing robust and comprehensive security measures throughout our services and operations.
This policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data. In this role, we are responsible for maintaining comprehensive oversight of how your personal information is collected, used, and protected throughout our systems.
We may process usage data (“usage data”), which comprehensively includes browser type and version, operating system details, page view timestamps, referral sources, length of site visits, and interaction patterns. This information is collected through automated logging systems, cookies, and analytics tools and may include performance metrics, feature utilization statistics, and user navigation patterns. The source of this data is our analytics software and server logs. We process this information for several important purposes, including improving website performance, enhancing user experience, analyzing trends, and optimizing content delivery, which enables us to provide better services, personalize user experiences, and maintain system security. The legal basis for this processing is our legitimate interests in monitoring and improving our website and services.
We may process account data (“account data”), which comprehensively includes your name, email address, telephone number, billing address, and account settings preferences. This information is collected through registration forms, account creation processes, and direct user input and may include subscription preferences, communication preferences, and account security settings. The source of this data is your direct input during account creation and management. We process this information for account administration, service provision, communication purposes, and billing management, which enables us to maintain your account, process transactions, and provide customer support. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.
We may process profile data (“profile data”), which comprehensively includes your username, profile picture, biographical information, preferences, and activity history. This information is collected through profile creation forms, user preferences settings, and activity tracking and may include interests, favorites, and interaction history. The source of this data is your direct input and automated activity tracking. We process this information for personalization, community features, content recommendations, and service optimization, which enables us to provide personalized experiences, facilitate user interactions, and improve our services. The legal basis for this processing is our legitimate interests in operating and improving our platform services.
Your Rights
Right to Access: You have the right to request copies of your personal data that we hold. This includes the right to know what information we have collected and how it has been used. You can request detailed information about specific data categories, processing purposes, and third-party disclosures. To exercise this right, you can submit a formal request through our designated data request form or contact our privacy team directly. We will respond within 30 days and may require government-issued identification, proof of address, and account verification to confirm your identity.
Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you. This ensures the accuracy and completeness of your personal information in our systems. You can submit corrections for basic profile information, update account details, or request modifications to any stored data. To exercise this right, you can use our account settings panel or submit a formal correction request. We will process your request within 15 days and may require account verification, supporting documentation, and specific details about the information to be corrected.
Right to Erasure: You have the right to request the deletion of your personal data under certain circumstances. This right, also known as the ‘right to be forgotten,’ allows you to have your data removed from our systems when there is no compelling reason for continued processing. You can request deletion of specific data categories, complete account removal, or withdrawal of specific consents. To exercise this right, you must submit a formal deletion request and verify your identity. We will respond within 30 days and may require password confirmation, government ID, and written confirmation of the deletion request.
Right to Restrict Processing: You have the right to request that we limit the processing of your personal data in certain circumstances. This includes the ability to temporarily pause data processing, limit processing to specific purposes, or challenge the accuracy of data being processed. You can specify processing limitations, contest data accuracy, or temporarily suspend certain data uses. To exercise this right, you can submit a processing restriction request through our privacy portal. We will respond within 15 days and may require account verification, specific processing details, and written confirmation of restrictions.
Right to Data Portability: You have the right to request that we transfer your personal data to another service provider in a structured, commonly used, and machine-readable format. This ensures you can easily move, copy, or transfer your data between different services. You can request exports of specific data categories, transfer data directly to another provider, or receive a complete copy of your data. To exercise this right, you can initiate a data transfer request through our dedicated portal. We will respond within 30 days and may require identity verification, destination service details, and format preferences.Data Processing and Security Measures
We process Service Data which includes account details, profile information, and service preferences. This processing involves automated collection and analysis, enabling us to provide personalized theater experiences and event bookings. For example, in the context of theater operations, this includes seat preferences, show history, and special accommodations. The legal basis for this processing is legitimate business interests and contract fulfillment, specifically to deliver the theatrical services you’ve requested.
We process Technical Data which includes device information, IP addresses, and browsing patterns. This processing involves automated logging and analysis, enabling us to optimize website performance and security. For example, this includes tracking page load times and identifying potential technical issues. The legal basis for this processing is legitimate interests, specifically to maintain and improve our digital services.
We process Communication Data which includes email correspondence, chat logs, and customer service interactions. This processing involves storage and analysis of communications, enabling us to provide effective customer support and maintain service quality. This includes managing ticket inquiries and handling special requests. The legal basis for this processing is legitimate interests and contract fulfillment.
We process Transaction Data which includes payment information, purchase history, and billing details. This processing involves secure payment processing and record-keeping, enabling us to complete transactions and maintain financial records. This includes ticket purchases and merchandise sales. The legal basis for this processing is contract fulfillment and legal obligations.
We process Preference Data which includes marketing preferences, notification settings, and customization choices. This processing involves preference management and personalization, enabling us to deliver tailored experiences and relevant communications. This includes show recommendations and special offer notifications. The legal basis for this processing is consent and legitimate interests.
Security Measures
Our comprehensive encryption protocols ensure end-to-end protection of your data, incorporating industry-standard algorithms and regular security updates to maintain data integrity. This includes regular security assessments and penetration testing by qualified professionals.
We implement multi-layered security infrastructure, including advanced firewalls and intrusion detection systems that continuously monitor for and prevent unauthorized access attempts. This infrastructure undergoes regular updates and enhancements.
Access to personal data is strictly controlled through role-based permissions, multi-factor authentication, and detailed access logs. We maintain comprehensive audit trails of all data access and modifications.
Our continuous monitoring systems provide real-time threat detection and automated response protocols, ensuring immediate action against potential security threats.
We maintain comprehensive backup procedures with encrypted offsite storage and regular recovery testing, ensuring data availability and integrity.
All staff undergo regular security awareness training and must comply with detailed data protection protocols, including specific training for handling sensitive data.
International Data Transfers
We may transfer your personal data to countries outside your jurisdiction. These transfers are protected by appropriate safeguards, including Standard Contractual Clauses, Privacy Shield certification, and Binding Corporate Rules. Each international transfer is conducted under strict protocols that ensure:
– Adequate data protection standards
– Compliant processing procedures
– Enforceable data subject rights
– Effective legal remedies
International transfers are protected by GDPR standards, ISO 27001, and NIST frameworks, ensuring compliance with international data protection regulations. We implement additional measures including:
– Regular compliance audits
– Data protection impact assessments
– Documented transfer mechanisms
– Continuous monitoring procedures
Regarding international transfers, you maintain specific rights including:
– Right to information about transfers
– Right to object to transfers
– Right to withdraw consent
– Right to data protection guarantees
Data Retention
We maintain specific retention periods for different data categories:
Account Information: 7 years after account closure to comply with legal requirements and handle potential disputes
Usage Data: 2 years to analyze long-term usage patterns and improve services
Transaction Records: 7 years to comply with tax and financial regulations
Communication History: 3 years to maintain service continuity and handle ongoing customer relations
Technical Logs: 1 year for security monitoring and system optimization
These retention periods are determined by:
– Legal requirements
– Business purposes
– Technical necessities
– User preferences
Special circumstances affecting retention:
– Legal obligations
– Dispute resolution
– Security investigationsCookie Policy for poststreettheatre-sf.com
Essential cookies serve fundamental functions for our theatre website operations. These cookies process authentication data, session information, and security tokens to maintain site functionality and user safety. In our theatre context, these cookies manage ticket purchase sessions, seat selection processes, and secure payment interactions.
Functional cookies enhance your theatre experience by remembering your performance preferences and viewing history. They process user-selected settings to enable personalized show recommendations, preferred seating sections, and venue-specific customizations.
Analytics cookies help us understand how visitors interact with our theatre website. They collect information about popular show times, booking patterns, and audience preferences. For example, they track which performances attract the most interest and how users navigate through our event calendar.
Performance cookies assess and improve our website operation by monitoring page load times during peak booking periods, identifying technical issues during ticket purchases, and optimizing content delivery for show announcements and promotions.
Cookie Management
You can control your cookie preferences through your browser settings, our website’s cookie consent banner, and your account preferences. We respect your right to modify these settings at any time.
GDPR Compliance
For our EU visitors, we maintain strict data protection standards including explicit consent mechanisms before cookie placement, minimal data collection, and transparent processing practices. We limit data storage to essential periods and provide clear information about how we use your information.
CCPA Compliance
California residents enjoy specific rights regarding their personal information. You may request details about collected data, ask for data deletion, opt-out of information sales, and exercise these rights without discrimination. We ensure equal service quality regardless of privacy choices.
COPPA Compliance
We take special precautions regarding young theatre-goers under 13. This includes age verification for online ticket purchases, parental consent requirements for data collection, and restricted information gathering from young users. Parents maintain access rights to their children’s data.
Updates and Changes
We regularly review and update our cookie practices to maintain compliance and enhance user privacy. You’ll receive notifications about significant changes, and we’ll request renewed consent when necessary. All updates are documented and monitored for ongoing compliance.
Contact Information
For privacy-related inquiries, please reach out through our dedicated privacy support channel. We respond to all privacy concerns, data requests, and rights exercises within 48 hours. Identity verification is required for data-related requests to ensure information security.
This policy was created specifically for poststreettheatre-sf.com and covers all associated services within the theatre industry.