Privacy Policy

Book Event ("we," "us," "our," or "Company"), a product of Innfive Pty Ltd, is committed to protecting your privacy and ensuring you have a positive experience on our website and mobile application (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information in accordance with the Protection of Personal Information Act, 2013 (POPI Act) and other applicable South African laws.

1. Information We Collect

We collect information in the following ways:

2. How We Use Your Information

We process your personal information for the following lawful purposes:

• Booking Processing: To process your ticket bookings, send confirmations, and manage your reservations
• Payment Processing: To process payments and prevent fraudulent transactions
• Customer Service: To respond to inquiries, provide support, and resolve issues
• Event Updates: To send you information about your bookings, event details, and important notifications
• Marketing Communications: To send promotional offers and event recommendations (only with your consent)
• Service Improvement: To analyze usage patterns, improve our Service, and develop new features
• Legal Compliance: To comply with legal obligations and enforce our Terms and Conditions
• Fraud Prevention: To detect and prevent fraudulent activities and unauthorized access

3. Legal Basis for Processing

Under the POPI Act, we process your personal information based on the following lawful grounds:

• Contractual Necessity: Processing required to fulfill your booking and provide our Service
• Legitimate Interests: Processing necessary for our business operations, fraud prevention, and service improvement
• Legal Obligation: Processing required by South African law, including tax and financial regulations
• Consent: Where you have explicitly consented to marketing communications or optional data processing

4. Information Sharing and Disclosure

We may share your personal information with:

• Event Organizers: We share your booking details with event organizers to facilitate event management and attendance
• Payment Processors: Payment information is shared with our secure payment gateway partners to process transactions
• Service Providers: We may share information with third-party service providers who assist with email delivery, analytics, and customer support
• Legal Requirements: We may disclose information when required by law, court order, or government request
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction

We do not sell your personal information to third parties for marketing purposes.

5. Data Security

We implement industry-standard security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction:

• Encryption: All sensitive data, including payment information, is encrypted using SSL/TLS technology
• Secure Servers: Our servers are protected with firewalls and intrusion detection systems
• Access Controls: Only authorized personnel have access to personal information, and access is restricted on a need-to-know basis
• Regular Audits: We conduct regular security audits and vulnerability assessments
• Data Minimization: We collect and retain only the personal information necessary for our stated purposes

While we implement robust security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of your information.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected:

• Booking Information: Retained for the duration of your booking and for 7 years for tax and legal compliance purposes
• Account Information: Retained while your account is active and for 2 years after account closure
• Marketing Data: Retained until you unsubscribe from communications
• Transaction Records: Retained for 7 years in accordance with South African financial regulations

After the retention period, we securely delete or anonymize your personal information.

7. Your Rights as a Data Subject

Under the POPI Act, you have the following rights:

• Right of Access: You have the right to request access to your personal information held by us
• Right to Correction: You can request that we correct inaccurate or incomplete personal information
• Right to Deletion: You may request deletion of your personal information, subject to legal retention requirements
• Right to Object: You can object to processing of your personal information for direct marketing purposes
• Right to Restrict Processing: You may request that we limit how we process your personal information
• Right to Data Portability: You can request your personal information in a structured, commonly used format
• Right to Lodge a Complaint: You have the right to lodge a complaint with the Information Regulator if you believe your rights have been violated

To exercise any of these rights, please contact us at bookevent@innfive.com. We will respond to your request within 30 days.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our Service:

• Essential Cookies: Required for the Service to function (e.g., session management, security)
• Performance Cookies: Help us understand how you use our Service and improve functionality
• Analytics Cookies: Allow us to analyze usage patterns and optimize the user experience
• Marketing Cookies: Used to deliver personalized content and advertisements (only with consent)

You can control cookie preferences through your browser settings. However, disabling essential cookies may affect the functionality of our Service.

9. Third-Party Links

Our Service may contain links to third-party websites and applications. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information. Your use of third-party sites is governed by their terms and privacy policies, not ours.

10. Children's Privacy

Book Event is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

For users between 13 and 18 years old, we provide additional privacy protections in accordance with the POPI Act's requirements for processing children's personal information.

11. International Data Transfers

Your personal information is primarily stored and processed in South Africa. However, if we transfer your information to countries outside South Africa, we ensure that appropriate safeguards are in place to protect your data, including contractual obligations and compliance with applicable data protection laws.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our Service after such modifications constitutes your acceptance of the updated Privacy Policy.

13. Information Regulator Contact

If you have concerns about how we handle your personal information or believe we have violated your rights under the POPI Act, you may lodge a complaint with the Information Regulator:

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at: bookevent@innfive.com

We are committed to working with you to resolve any privacy concerns. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Regulator.