Last updated: June 2021
Escape Show LLC. (the “Company” or “We” or “Our”) appreciates and respects privacy and seeks to deliver the services you are purchasing (the “Services”) with the maximum degree of privacy without impairing functionality. We have taken various steps that are in-line different privacy regimes (amongst others with the General Data Privacy Regulation (the “GDPR”)), and the concept of privacy by design is key to how we the incorporation of privacy is integral to our Services.
This policy explains what personal information is collected by us when you enter and use our Site and purchase the Services, why we collect the information we do and how we use it to support a safer internet.
In general, we collect personal information directly from you. We request only personal information about you (“Purchaser”) and about other participants in the Services (“Participants”) that is required and relevant in order for us to provide you with the Services. We use Participant personal information for the specific purpose for which you provided it to us, and process all personal information provided by you whether with regard to yourself or the Participants it in a lawful and transparent manner. We do not pass your personal information onto any third parties except as set forth herein, and we take every reasonable step to ensure that your rights are met – for more information on your rights you can go directly here. [Add link to Your Rights]
Any capitalized terms not defined herein shall be as set forth in the Terms of Use. [Add link to Terms of Use]
PLEASE READ THIS PRIVACY POLICY CAREFULLY. IF YOU DO NOT WISH FOR THE INFORMATION TO BE USED AS SET FORTH HEREIN, PLEASE DO NOT ACCESS THE SITE OR USE THE SERVICE.
What information we collect
Under the GDPR, we are classified as the Controller of the personal data you provide us with. We collect the following types of personal data from you:
When registering for an account, for identification and authentication of your account we collect the following information after which you will be a “Registered User”:
Telephone Number
PasswordYou may also provide us with personal information regarding Participants. When you provide us with such information and content that you post or otherwise make available through the Site (“User Generated Content”), the Company is the processor, and you are the controller under the GDPR.
We keep records of our processing activities, including with regard transfers of your personal data to third countries. Currently the processors we use are [Insert hosting and cloud].
In addition, we may have a Chat application, which is subject to the term and condition of the Chat provider and our terms as set forth herein.
When you use the Services, we may automatically collect and store certain information about your interaction in server logs that include personal information, which we may maintain for up to 365 days. This may include details of how you are using our Services; Internet protocol address; device event information such as crashes, system activity, hardware settings, browser type, standard HTTP request headers, including but not limited to user agent, referral URL, language preference, date and time, and cookies that may uniquely identify your browser or your Site’s account.
We and our partners use various technologies to collect and store information when you visit the Site, and this may include sending one or more cookies or randomly generated identifiers to your device. For more information on how we use cookies please see our Cookies Policy [Link to Cookies Policy when applicable].
Providing your personal data is not compulsory.
Providing Participant personal information is never compulsory. You can always decide whether or not to provide Participant personal data. However, the provision of Participant personal information and other User Generated content enhances the experience of the Services. When we ask for the input of personal information, we will indicate which data are necessary to make use of the service and therefore must be provided, and which data can be provided optionally.
What do we do with this information?
Your e-mail is used first and foremost for authentication purposes. We use your personal data in order to recognize you and create a unique identifier for you to enable you to purchase the Services and amongst others as a Registered User you may return and use our services again.
We keep your User Generated Content and other personal information (“Confidential Information”) securely on our server and use the Confidential Information solely to the extent necessary for the purposes of providing you with the Services. We restrict disclosure of the Confidential Information to those of our employees, professional advisors and internal consultants who require access to such Confidential Information and who are directly responsible for the Services; and disclose the Confidential Information only to the extent it is strictly necessary for each of such employee, professional advisor and internal consultant to provide the Services Before making any disclosure of the Confidential Information to such employee, professional advisor or internal consultant, we make sure to enter with them into a confidentiality and nondisclosure agreement, consistent with the foregoing..
We may use your personal data for demographic and other analysis, and we may correspond with you using your e-mail and occasionally send you a newsletter.
The information we collect helps in understanding and improving the Services including carrying out analytics; in protecting and securing the Site; forwarding payments for processing; complying with
applicable laws and regulations; and other business-related purposes, managing records, and conducting legal, regulatory and internal investigations.
In the event of a merger, acquisition or asset sale we may disclose your personal information to the prospective seller or buyer.
When paying, we use Stripe, Z- Credit and PayPal payment processing. Stripe, Z- Credit and PayPal has their own privacy policy which can be found here. [Link to PayPal and your credit cards provider privacy policy]
The legal basis we rely on to process personal information.
In order to comply with applicable data protection and privacy laws including but not limited to the GDPR, we are required to set out the legal basis for the processing of your personal information.
For the purposes set out above, the legal basis for processing of your personal information and User Generated Content may be (i) consent, (ii) in order to perform our contract with you as set forth our Terms of Use, and (iii) for our legitimate interests.
Consent: When for example when we ask for your permission prior to providing information to third parties, when you proactively provide us with User Generated Content. You can choose whether to provide us with User Generated Content, and the nature of such User Generated Content. You are not required to provide us with User Generated Content.
Contract: In order to provide you with the Services in accordance with our contract with you;
Based on our legitimate interests. We determined our legitimate interest by taking into account the following:
The purpose for which the personal information is processed is to provide you with the Services requested.
We use your information in order to authenticate you, maintain and improve the quality of our Service and prevent abuse of our Services. We may use your information in ad campaigns on the Internet. We may use your information for analytics.
The necessity – the aforementioned processing is necessary in order to market, sell and provide you with the Services, in accordance with our business model.
Balancing test – we believe that we are using your personal information in a responsible way and are not overriding your reasonable rights. The User Generated Content is used only in the framework of the Services.
Third Party Person Information
As detailed above, you may choose to provide us with User Generated Content, in order to enhance the Services.
YOU ARE SPECIFICALLY PROHIBITED FROM UPLOADING UNAUTHORIZED PERSONAL DATA. “UNAUTHORIZED PERSONAL DATA” MEANS ANY PERSONAL
DATA WITH REGARD TO WHICH YOU DO NOT HAVE LAWFUL RIGHTS TO PROCESS. IN GENERAL, PERSONAL DATA WITH REGARD TO THIRD PARTIES WILL BE UNAUTHORIZED PERSONAL DATA UNLESS YOU HAVE SPECIFICALLY BEEN GRANTED RIGHTS BY THE APPLICABLE THIRD PARTY OR ON HIS/HER BEHALF. PERSONAL DATA MEANS ANY INFORMATION THAT CAN BE ASSOCIATED WITH A SPECIFIC PERSON, WHETHER AN E-MAIL ADDRESS, ID NUMBER, NAME AND SO ON.
How long do we keep it – our data retention policy
We retain your User Generated Content for up to 30 days after we provide the Services in which such information was used for.
We retain your other personal information (e.g. Registered User information) for a period of 3 years following your use of the Services.
After this period, your personal data will be irreversibly destroyed. Any personal data held by us for marketing and service update notifications will be kept by us until such time that you notify us that you no longer wish to receive this information.
Information Security
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Third Party Services
We engage third party businesses to provide services to us or to you on our behalf, such as support for the internal operations of our Services (and related services), customer support, communications, data storage and delivering communications (including calendar notifications). In providing their services, they may access, receive, maintain or otherwise use personal information on our behalf. Our service providers only use your personal information in accordance with the relevant services and are not permitted to use your personal data for their own purposes. Where this is not the case you will be notified by us.
We also use third party tools to help us manage and analyze our social media presence, and report on comments, mentions and other content that is posted about us on social media sites and other public channels and forums. These third parties’ activities, and their information collection and sharing practices, are subject to the terms of the relevant social media site, channel or forum. We will use this information in accordance with this Privacy Policy.
We use a third party services such as Google Analytics, Facebook Pixel and Hotjar to collect standard internet log information and details of visitor behavior patterns. We do this to analyze and maximize the experience our users have in each part of the Services. This information is only used by us in a way which does not identify you.
What Are Your Rights?
You have certain rights in respect of your personal information, including the right to access, correct, restrict the processing of and object to processing of your personal information. You may also have a right to portability of your information, and to have your information erased.
You may request to peruse the information collected about you through e-mail, by _________________________.
Should you believe that any personal data we hold on you is incorrect or incomplete, you have the ability to request to see this information, rectify it or have it deleted using our contact us page
You may send a request to the Company to close your account at any time, by using our contact us page.
If you still feel that your personal data has not been handled appropriately according to the law, you can contact your data protection authority and file a complaint with them.
Security
Your personal data is processed on the Company’s Cloud, which is hosted by ____________.
Except for the Compnay’s employees and service providers, who are under an explicit obligation to maintain confidentiality, we may share your information with any competent law enforcement authority, if required to do by a judicial order or any other legal directive.
We may use professional security services in order to safeguard the collected information. Such services may include periodical checks and backups. Nevertheless, we are not responsible for any security faults that may be caused and are beyond our control.
We are putting in to place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed (a Data Security Breach). In addition, we limit access to your personal information to those employees, contractors and other third parties who have a business need to know. They will only use your personal information on our instructions, and they are subject to a duty of confidentiality.
You are responsible for keeping your password secure and confidential. We ask you not to share your account’s password with anyone and to notify us immediately of any unauthorized use of your account.
The Services are providing using a third party video-conferencing platform such as Zoom. We are not responsible for the privacy practices of third party video platform, but we do cancel the recording ability and all Participants enter must either provide a password or be admitted by you.
Changes
This policy has been developed with the recognition that internet technologies and privacy regulations are rapidly evolving. This policy is subject to change and any such changes will be posted on this page. We want you to be aware that we are not responsible for the content or the privacy policies of websites that facilitate the providing of the Services, such as video-conferencing applications and/or payment processors.
Contact Us
If you have any questions, or need further information about our privacy practices, please get in touch using our contact us page. Using this page allows us to respond to your query as quickly and efficiently as possible.