Terms & Conditions

DANCE ISLAND LTD

MASTER PRIVACY POLICY

This Privacy Policy (hereafter referred to as “This Policy”) outlines the manner in which Dance Island handles the information and personal data which You have provided to The Company and which enables Us to be able to effectively manage the relationship which You have with Dance Island. 

This Policy applies to Our Mobile Application, Website, products and/or services that link to this policy or do not have a separate privacy policy (hereinafter referred to as Our services). This Policy is intended to give You a better understanding of the data We collect, the reason why We collect such data, the manner in which We process this data, the entities with whom We share the said personal data, Your rights in relation to the collection, processing and sharing of such data and any other pertinent matter relating to privacy and security.  

Any personal data You will provide or which We already hold will be processed in line with and in the manner set out in this Privacy Policy. Any and all information will be provided through the Dance Island websites (namely https://thedanceisland.com/ or https://tditicketing.com/ hereafter collectively referred to as “The Website”), the designated telephone numbers or any other means which The Company may make available from time to time. 

By reading This Policy You understand and acknowledge that Your personal data may be processed in the manner set out in this policy. If You do not agree with the terms of this Privacy Policy please do not use the Website or otherwise provide Us with Your Personal Data. 

Any references in this Policy to “Dance Island”, “Us”, “We”, “Our” or “The Company” relate to Dance Island Ltd., a company incorporated under the Laws of Malta bearing company registration number C100102, and having its registered address at Odin, Triq Misrah il-Barrieri, Msida, Malta. All processing of Personal Data performed by the Company as envisaged in this Privacy Policy shall be carried out in line with: 

• The Maltese Data Protection Act (hereafter referred to as the “DPA” – Chapter 586 of the Laws of Malta) as well as any other subsidiary legislation issued under the DPA as may be amended from time to time; and 

• Regulation (EU) 2016/679 of The European  Parliament And of The Council of 27 April 2016  On The Protection of Natural Persons With Regard to The Processing of Personal Data And On The Free Movement of Such Data, And Repealing Directive 95/46/EC (General  Data Protection  Regulation)” (hereafter referred to as “the Regulation” or “GDPR”). 

 The DPA and the GDPR shall hereafter be collectively referred to as the “Data Protection Laws”. 

The Company determines the means and purposes of the processing of Personal Data and therefore acts as the “Data Controller” in terms of the applicable Data Protection Laws.   

DEFINITIONS 

Data Controller 

“Data Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law; 

Data Processor 

“Data Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller; 

Mobile Application

“Mobile Application” means the mobile and handheld device software application named “TDI Ticketing” which is a ticketing service platform which allows authorised users to sell tickets on behalf of Dance Island, to Dance Island customers for various kinds of events and similarly sell certain other products or services.

Personal Data 

“Personal Data” means any information that identifies You individually or relates to an identified or identifiable natural person. 

SECURITY 

We understand the importance of data security measures and techniques and strive to ensure that Your data is safe with Us. We have put in place several measures to protect Your data from unauthorised access to and alteration as well disclosure and destruction of information. 

Dance Island uses 256-bit SSL (Secure Socket Layer) Digital Encryption to protect Your personal data. It’s one of the most sophisticated security systems that exist today for the Internet. This is the same unbreakable technology used by all major banks and financial institutions, so Your security and privacy are assured. To ensure that the protection We offer is completely up-to-date, We revise and update these systems on a regular basis.  

PERSONAL DATA PROTECTION 

Personal Data held by Us is protected using the highest industry standard security processes and systems. Our commitment to protect personal data is not merely through quality and high standards but also through the best and most efficient application of the law. We are bound to only process personal data if such processing is based on a genuine and legitimate reason to do so on the basis of one of the legal grounds established in the GDPR.

PROCESSING ON THE BASIS OF OUR LEGITIMATE INTERESTS 

A legitimate interest exists when We have a business or commercial reason upon which personal data will be processed. In such a case We undertake to protect any and all of Your personal data and the manner in which such data is processed and to ensure that such processing would not be unfair to You or to Your interest.  

If and when We decide to process Your personal data on the basis of legitimate interest, We will inform You of such, what said legitimate interest is and provide a process whereby You will be able to raise any questions and/or objections which You way have in relation to such processing. It is important to note that The Company is not obliged to stop processing if the grounds for processing override Your right to object. 

PROCESSING ON THE BASIS OF YOUR CONSENT 

Consent is not the only ground we may be permitted or obliged to rely on to process Your personal data. We will only process personal data on the basis of Your consent where we cannot or otherwise choose not to rely on any ulterior legal ground (such as compliance with a legal obligation or legitimate interest). Where we process Your personal data on the basis of Your consent, you shall have the right to withdraw your consent at any time and in the same manner as it had been previously provided by Yourself. In the case that You exercise Your right to withdraw consent, we would then determine whether we are able (or obliged) to process Your personal data on the basis of any other legal ground other than consent. If this is the case We will notify You accordingly. Any such withdrawal of Your consent will not invalidate any processing operations carried out prior to You having withdrawn Your consent. 

DATA RETENTION POLICY 

Any and all personal data The Company will keep will be protected in the best way possible and will only be used for purposes which are compatible with the applicable Data Protection Laws as well as any other applicable laws. The Company will retain Your Personal Data only for as long as is necessary (taking into consideration the purpose for which it was originally obtained). The criteria We use to determine what is ‘necessary’ depends on the particular Personal Data in question and the specific relationship We have with You (including its duration).  

Generally, Our normal practice is to determine whether there is/are any specific EU and/or Maltese law(s) (for example tax or corporate laws) permitting or even obliging Us to keep certain Personal Data for a certain period of time (in which case We will keep the Personal Data for the maximum period indicated by any such law). For example, any data that can be deemed to be ‘accounting records’ must be kept for ten (10) years. 

We would also have to determine whether there are any laws and/or contractual provisions that may be invoked against Us by You and/or third parties and if so, what the prescriptive periods for such actions are (this is usually five (5) years). In the latter case, We will keep any relevant Personal Data that We may need to defend Ourselves against any claim(s), challenge(s) or other such action(s) by You and/or third parties for such time as is necessary. 

Where Your Personal Data is no longer required by Us, We will either securely delete or anonymise the Personal Data in question. 

Failure to provide Your Personal Data may prevent The Company from meeting its legal and regulatory obligations, fulfilling its contractual obligations and rendering and/or performing the necessary services needed to satisfactorily manage and maintain Your account. Therefore, failure to provide the necessary personal data may lead to The Company being unable to provide its products and/or services.  

PERSONAL DATA WHICH WE COLLECT, PURPOSE OF THE PROCESSING & LEGAL BASIS OF THE PROCESSING 

The following table outlines the categories of personal data which We process, the purpose for which We process such data as well as the corresponding legal basis used for such processing. It is pertinent to know that the same categories of personal data may be processed for different purposes and therefore on the basis of a various legal grounds simultaneously depending on the purpose of processing. 

The Company may also collect personal data from publicly available sources such as web searches, company registers and broadcast media provided it is reasonable to do so and such conduct is not detrimental to Your rights and freedoms. 

MARKETING AND EVENTS  

Subject to any preferences You may have chosen (where applicable), personal information will be used to deliver marketing and event communications to You across various platforms.  We will do this during the period of Your relationship with Us and, unless specifically instructed otherwise by you, for a reasonable period of time after the relationship has ended in order to inform You about products, services, promotions and special offers which We think may be of interest to you.

 
Whenever an email or SMS in relation to marketing is sent, it will include instructions on how to opt out of receiving these marketing communications in the future. You can also manage Your information and update Your marketing preferences through the “My Account” tab when You login to Your account. Please allow up to 48 hours for any changes You make to Your marketing preferences to be fully processed. Please remember that even if You opt out of receiving marketing emails, We may still send You important Service information related to Your accounts and relationship with Us. We will, from time to time, send You marketing material which may be of particular interest to You based upon Your interests. These marketing messages will provide You with information about the products, services, active promotions or offers available to You by any company within the Group and information about products and services provided by Our selected partners and third parties.  

Except where We use Your personal data for marketing purposes on the basis of Your prior written consent and subject to any opt out preferences You notify to Us in respect of electronic direct marketing communications, We process personal data for marketing purposes as necessary for the purpose of Our legitimate interests in promoting Our products and services.  

PROFILING 

We do not carry out any profiling or other automated decision-making while processing Your Personal Data.

COOKIES 

We do not use cookies on our website https://tditicketing.com/ or on our Mobile Application.

When You visit https://thedanceisland.com/, We may collect certain categories of Personal Data automatically through the use of cookies and similar technologies that may be used by third party code or libraries.  [FF2] You have the option to either accept or refuse these cookies and know when a cookie is being sent to your device. If you choose to refuse our cookies, you may not be able to use some portions of this Service.

What are Cookies?

A cookie is a small text file (typically numbers and letters) that is downloaded onto ‘terminal equipment’ (e.g. your computer or smartphone) when you (or someone else) access a website using that device. Cookies are then sent back to originating website on each subsequent visit – and they are useful because they allow a website to recognize a user’s device and store some information about your preferences or past actions.

Some cookies are needed for the sole purpose of carrying out the transmission of a communication over an electronic communications network – others may be necessary for the provision of a service over the internet, in which case they have to be used. Other cookies may be desirable to improve your experience, in which case we will ask you for your consent to use them.

How do you change your cookie settings?

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.

OTHER PURPOSES 

We may be required to use and retain personal information for; loss prevention; and to protect Our rights, privacy, safety, or property, or those of other persons in accordance with Our legitimate interests. 

AUTHORISED DISCLOSURES OF PERSONAL DATA TO THIRD PARTIES  

Without prejudice to anything else contained in this Privacy Policy, personal data relating to You may be shared with authorised third parties located in or outside of the EU/EEA where such disclosures are permitted or required pursuant to Data Protection Laws and/or any other applicable legislation. These authorised third parties may include but are not limited to entities within the Dance Island Group, payment service providers, other third parties and organisations such as law enforcement agencies, collaborating accounting firms, digital marketing providers, regulators, relevant authorities, credit reference agencies, fraud prevention and AML agencies, identity verification agencies and sports governing bodies. We may also share such personal data with organisations who have introduced You to Us, third parties which You have asked Us or permitted Us to share Your data with or any other third party which We must necessarily share Your personal data with so as to be able to provide the products and/or services which You have requested. The personal data shared will depend on the product/s and or service/s You choose to use. We may also share Your personal data within the Dance Island Group for the purposes of developing and improving Our products/services and for developing additional services which will serve You and improve Your customer experience. 

When any personal data has to be transferred outside of the EEA – European Economic Area, We ensure that all the necessary and appropriate safeguards are in place. We may also disclose personal information to other companies within associated or subsidiary companies and to business partners, or successors in title to Our business. The manner in which data transfer outside the EEA is handled is detailed below. Your Personal Data will never be shared with third parties for their marketing purposes (unless You give Your consent thereto). 

We use a select number of trusted external service providers for certain technical support, software support services, software development services, Mobile Application backend management, server hosting, processing and/or storage offerings (e.g., IT and related services). These service providers are carefully selected and meet high data protection and security standards. We only share information with them that is required for the services offered and we contractually bind them to keep any information we share with them as confidential and to process Personal Data only according to our instructions. In addition to services providers, other categories of third parties may include:

– Vendors/public institutions. To the extent that this is necessary in order to make use of certain services requiring special expertise (such as legal, accounting or auditing services) we may share your personal data with vendors of such services or public institutions that offer them (e.g. courts). The legal basis of this data processing is Art. 6(1)(f) GDPR.

– Disclosures to Protect Us or Others.  We may access, preserve, and disclose any information we store associated with you to external parties if we, in good faith, believe doing so is required or appropriate to: comply with law enforcement or national security requests and legal process, such as a court order or subpoena; to protect your, our or others’ rights, property, or safety; enforce our policies or contracts; collect amounts owed to us; or to assist with an investigation or prosecution of suspected or actual illegal activity; depending on the concrete issue, the legal basis for such processing may be Art. 6(1)(b), (c) or (f) GDPR.

– Disclosure in the Event of Merger, Sale, or Other Asset Transfers.  If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract. The legal basis for such processing would be Art. 6(1)(f) GDPR as such processes are in the legitimate interest of Dance Island.

LINKS TO THIRD PARTY SITES 

Links that We provide to third-party websites are clearly marked and We are not in any way whatsoever responsible for (nor can We be deemed to endorse in any way) the content of such websites (including any applicable privacy policies or data processing operations of any kind). We suggest that You should read the privacy policies of any such third-party websites. 

TRANSFER OF DATA OUTSIDE OF THE EEA 

Your personal data will only be transferred outside of the EEA or any other non-EEA country which has been deemed by the European Commission to offer an adequate level of protection (also referred to as “white-listed countries” – listed here https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en#:~:text=The%20European%20Commission%20has%20so,commercial%20organisations%20participating%20in%20the ) in the following circumstances: When You have expressly consented Us to do so; when it is necessary to constitute or execute a contract entered between You and the Company; or to be compliant and in line with any and all legal obligations or duties.  

DATA SUBJECT RIGHTS  

The Company undertakes to assist You in the best way possible should You choose to exercise any of Your rights with respect to Your personal data. In certain cases We might need to verify Your identity prior to acceding to Your request to exercise any relevant right. 

Right of Access 

You have a right to ask Us whether We are processing any personal data which concerns You and if this is the case, You shall have the right to access that personal data as well as the following information: 

– What Personal Data We have

– Why We process them

– Who We disclose them to

– How long We intend on keeping them for (where possible)

– Whether We transfer them abroad and the safeguards We take to protect them

– What Your rights are

– How You can make a complaint

– Where We got Your Personal Data from and whether We have carried out any automated decision-making (including profiling) as well as related information

Right to Rectification 

You have a right to ask us to have any inaccurate or incomplete Personal Data relating to You rectified and/or completed. 

Right of Erasure (the “right to be forgotten”) 

You have the right to ask Us to delete Your Personal Data and We shall comply without undue delay but only where: 

– The Personal Data are no longer necessary for the purposes for which they were collected; or 

– You have withdrawn Your consent (in those instances where We process on the basis of Your consent) and We have no other legal ground to process Your Personal Data; or 

– You shall have successfully exercised Your right to object (as explained below); or 

– Your Personal Data shall have been processed unlawfully; or 

– There exists a legal obligation to which We are subject; or 

– Special circumstances exist in connection with certain children’s rights. 

In any case, We shall not be legally bound to comply with Your erasure request if the processing of Your Personal Data is necessary to comply with a legal obligation imposed on Us. 

Right to Restriction of Processing 

You have the right to ask Us to restrict the processing of Your personal data. However, You are only able to exercise this right where: 

• The accuracy of Your Personal Data is contested (see the right to data rectification above), for a period enabling Us to verify the accuracy of the Personal Data; or 

• The processing is unlawful and You oppose the erasure of Your Personal Data; or 

• We no longer need the Personal Data for the purposes for which they were collected but You need the Personal Data for the establishment, exercise or defence of legal claims; or 

• You exercised Your right to object and verification of Our legitimate grounds to override Your objection is pending. 

Should You successfully exercise this right, We would only be in a position to process Your personal data: 

• Where We have Your consent; or 

• For the establishment, exercise or defence of legal claims; or 

• For the protection of the rights of another natural or legal person; or 

• For reasons of important public interest. 

Right to Data Portability 

You have the right to ask Us to provide You with Your personal data which You would have previously provided to Us. We will provide You such data in a structured, commonly used, machine readable format, or (where technically feasible) We may have the data sent directly to another Data Controller, provided this does not adversely affect the rights and freedoms of others. You may only exercise this right where:  

• The processing is based on Your consent or on the performance of a contract with You; and 

• The processing is carried out by automated means. 

Right to Withdraw Consent 

For detailed information on this right, refer to “PROCESSING ON THE BASIS OF CONSENT” section, above. 

Right to Object to Processing 

In certain instances, You have the right to object to the processing of Your personal data. Where we are only processing Your personal data on the basis of one of the following purposes: 

• The processing is necessary for the performance of a task carried out in the public interest; or 

• When processing is necessary for the purposes of the legitimate interests pursued by Us or by a third party, 

the processing shall only cease where the Data Controller has not provided compelling and legitimate grounds which outweigh the objections raised by You in such a request and which require the processing to continue. 

Where Your data is being processed for direct marketing purposes, You have the right to object to the processing of Your personal data at any time. 

In all other instances apart from those listed above, this general right to object shall not subsist. 

Right to Lodge a Complaint 

As a Data subject You may at any time lodge a complaint with any relevant Data Protection Supervisory Authority should You feel that any of Your rights have been impinged by the Company. The Competent Supervisory Authority in Malta is the Office of the Information and Data Protection Commissioner (‘IDPC’).  

Notwithstanding this right, We kindly ask You to please attempt to resolve any issues You may have with Us prior lodging a complaint with the IDPC. 

It is important to note that notwithstanding such rights, The Company may still refuse such request if it can reasonably justify such decision. Such refusal does not prohibit You from lodging a complaint with the relevant data protection authority. 

CONTACT INFORMATION 

If You have any questions or comments about privacy or should You wish to exercise any of Your individual rights, please contact Us at: hello@danceisland.com[FF3] .