PRIVACY AND COOKIE STATEMENT
dated 01 – 01 – 2022
With this Privacy and cookie statement, Imagination Made Real B.V. (www.imaginationmadereal.nl) wishes to explain how it handles and uses your personal data. If you have any questions regarding this Privacy and cookie statement, please contact us at email@example.com
If you have accepted this Privacy and cookie statement on an Imagination Made Real platform, this permission also applies to any Imagination Made Real subsidiary. The websites and apps for which a cross-domain permission applies are the following entities within the IMR legal structure:
- ICONS live BV – www.icons-live.events (KVK: 84365331)
Personal data processed by one of these entities are also processed on behalf of the other entities within the IMR legal structure. The entities within the IMR legal structure may provide their services through different websites. This Privacy Statement applies to all websites within the IMR legal structure (hereinafter together also referred to as: “Website”).
In this Privacy and cookie statement, the following terms or definitions are used:
IMR: The private company with limited liability Imagination Made Real B.V., Tilanusstraat 330, 1091MZ, Amsterdam, the Netherlands, is the data controller for the Processing of your Personal Data. Processing for the benefit of IMR companies affiliated to IMR and/or IMR events also fall under IMR.
Account: your personal registration via an Opt-in on websites or apps with which you access the Service.
Advertising Network: An RTB/Programmatic Network (also called Real Time Bidding Network) offers advertisers the opportunity to purchase advertising space through an auction. To optimize advertising, advertisers and RTB networks place cookies. By means of these cookies, you are tracked and targeted to visit other sites that are connected to the same network.
Content: information (including audio-visual material such as trailers and previews) that IMR makes available as part of the Service.
Devices: the devices, such as PCs, smartphones or tablets, with which access can be obtained to the Service.
Personal data: any data whereby IMR can directly or indirectly trace or distinguish you. For example, a name, e-mail address or an IP address.
Privacy and cookie statement: this privacy and cookie statement of IMR.
Processing (Process, Processed): All use of your Personal Data such as storing, modifying, forwarding or (partially) deleting these data. For example, IMR processes Personal Data because you use IMR websites or apps.
Service: the complete package of services that IMR offers to you. For example, websites and apps, the Account, but also the events and the services provided at events. For example, the option of paying at an event for drinks using an app.
2. Which of your Personal Data are Processed by IMR?
IMR Processes the following of your Personal Data for the purposes explained later in this Privacy and cookie statement:
- First Name;
- Email address;
- Date of birth;
- Telephone number;
- Country; and
- Preferences such as artist preference, event visit, music preference, clothing preference, clothing size and possibly geo-location only after explicit permission in an Opt-in of IMR.
It is not the case that IMR always uses all of your above-mentioned data. This depends on purposes as described later in this Privacy and cookie statement. IMR has deliberately chosen not to use special Personal Data such as race, ethnic origin, political opinions, religious convictions, union membership, orientation, health or criminal data.
3. How does IMR obtain your Personal Data?
IMR has a partnership with CM.com as a service provider for the processing of your personal data. IMR obtains your data in the following ways:
Directly from you:
For example, if you sign up for a special campaign, ticket or promotion run by IMR, if you send an e-mail or otherwise contact IMR (for example with questions about the use of the Services).
As a result of using the Service:
By means of your registration, you have access to the Service. In addition, IMR can also offer the Service to persons without a registration. If you give permission for this, IMR can read and store the unique characteristics of the device that has been used in the context of the Service. Based on the IMR Account and/or the unique features of the Device which you use to access the Service, IMR can keep track of your use of the Service, including the Content that is watched, read, listened, commented, or shared using the IMR Account.
Insofar as mobile Devices are used, the location of the Device is passed on to IMR in the context of the Service. Prior to installation of such apps on a mobile device, you are explicitly requested to allow your location data to be determined and used.
From third parties:
For example, if you or another visitor of an IMR website or app uses social network functions that are integrated in the Service, IMR may receive certain information from the relevant social network, such as Meta, Twitter and Google+. IMR may also receive information from partners who are involved with the Service. For example, IMR uses services provided by other parties that help it to map and analyze the way in which the Content and websites are used. An example of this is Google Analytics.
This tool enables IMR to monitor websites (where do you click and how often). Other examples are partners who on your behalf handle payment for the Service. Examples are iDeal, PayPal or Adyen, which handle the payment transactions between you and the services/products provided by IMR.
IMR can also process visitor data at the events that it organizes, such as registering an event for commercial or security purposes (with camera). When entering an event location, the visitor is always informed of such processing, see also our visitor terms & conditions available via imaginationmadereal.nl/termsandconditions.
You can withdraw your permission for use of personal data at any time by sending a message to: firstname.lastname@example.org
4. What is the reason why IMR Processes your Personal Information?
IMR processes your Personal Data for the following purposes:
a. In order to provide the Service:
Example; data that is entered when registering for a ticket or using a service (such as name and date of birth) can be used to check whether you meet the set requirements (e.g. to monitor age). Specified contact details can be used to inform you about (changes to) the Service or planned maintenance (service e-mails).
b. In order to process payments:
Certain data that are requested when registering may be required for issuing invoices and/or processing payment for a Service.
c: In order to build a profile
IMR strives to ensure that the Service is as relevant as possible for you. To do this, IMR keeps a profile based on your use of the Service to get an idea of your most likely interests. IMR does this for example, by keeping track of what Content you request or which purchases (such as tickets, refreshments, merchandise, or travel package) you make. Another way in which IMR builds a profile is by using your location data at events (after gaining explicit permission to do so) to see which artists, music and experiences appeal to you. Based on these interests, IMR can then change the Content, including adverts, that appear on IMR touchpoints. As an example, IMR can then show recommendations for similar Content that has certain artists or events.
IMR can also use these profiles for campaigns run by online advertisers. IMR is and will remain the owner of these profiles and will never make these profiles available to third parties. IMR only shares the segments (tags) with the advertisers (e.g. ‘woman, age category 20 to 30 years), to ensure that the adverts match the interests.
d. In order to send newsletters and promotions:
IMR can also use contact information and other data that have been collected to keep you informed by phone, mail, e-mail, SMS, WhatsApp, and push messages from apps or other suitable media, about promotions or offers from ourselves (action e-mails), or to keep you informed about the Service and the Content (newsletter e-mails). You can unsubscribe from this at any time.
e. In order to improve the Service and to identify general trends:
IMR uses your usage data to analyze in a general sense how the Service is used and which trends can be observed, in order to make more informed decisions about, for example, further development of the Service and the Content offering. It is also possible to track purely technical trends for that purpose, for example which types of Devices or browsers are used to retrieve the Content.
f. In order to prevent misuse:
IMR also Processes your Personal Data and your use of the Service in order to prevent misuse of the Service and the Content, to prevent fraud (e.g. with credit card or other means of payment), and to protect the rights of others (including the right-holders to the Content).
g. In order to carry out market research:
IMR can contact you and former users and visitors of the Service that have provided their contact details for the purposes of market research. Participation in such research is always on a voluntary basis. IMR can, based on this research, send offers to you and others who participated in this research, provided that prior permission has been given for this.
h. In order to ensure compliance with laws and regulations:
Your Personal Data can be used to comply with laws and regulations that apply to IMR, to deal with disputes and to have audits carried out.
i. IMR can utilize profiling.
Which means collecting, analyzing and combining of (personal) data aiming to tag you in a specific (interest) category. (race, ethnic origin, political opinions, religious believes, trade union membership, orientation, health or criminal data) are consciously excluded within GDPR.
The importance of profiling is that we can gain insights in which content you may be interested in and which products or services (including commercial products or services) would suit you. Profiling ensures that both the content and ads are more in line with your personal interests.
Profiling can impact your privacy. For example, if false (interest) categories are linked to you based on incorrect or outdated data. If you believe that this is the case, the GDPR provides you the right to have your data modified or removed.
In this case, please contact IMR. For more information on the Right of correction, postage and removal visit www.imaginationmadereal.nl/privacy
5. Why does IMR Process your Personal Data?
The main reason why IMR Processes your Personal Data is because this is necessary to provide its Service. For example, IMR Processes your Personal Data so that it can grant you access to its websites, apps or events. It may also be the case that IMR Processes your Personal Data because it is obliged to do so because of laws and regulations. For example, the Dutch General Act on Government Tax makes it mandatory to retain payment data for 7 years for the Tax Authorities.
Another reason why IMR Processes Personal Data is because either IMR or a third party has a legitimate reason for doing this, such as a commercial interest. In that case, IMR will always make a thorough assessment as to whether this interest is greater than your privacy interest.
Finally, IMR can Process Personal Data on the basis of your permission. For example, IMR asks for your permission before placing and reading tracking cookies or before sending you (electronic) commercial messages.
6. Who does IMR share your Personal Data with?
Within the IMR legal structure:
The Personal Data that are collected are Processed by IMR also for the companies affiliated with IMR. These companies can access your Personal Data insofar as this fits within the purposes described in this Privacy and cookie statement.
With (other) suppliers of IMR:
IMR can share your Personal Data with the suppliers it works with to realize the Service (for example a mailing company, call centers, collection agency, market research agency, event partners or the party that has been commissioned by IMR for the technical realization of a website or app). Where possible, IMR places these third parties under the obligation to act in the capacity of data processor. This means that IMR determines the purpose for which and the manner in which the personal data are to be Processed and the data processor is only allowed to handle your data according to the instructions and (security) standards of IMR. These agreements determined by IMR with each data processor are set out in a so-called processor agreement. If these third parties are outside the European Economic Area (EEA), IMR has reached (additional) agreements with these parties. IMR signs a model contract with these data processors that has been approved by the European Commission (also called standard contractual clauses). Where data are transferred to the United States, IMR either agrees on the model contract or IMR allows the transfer under the EU-US Privacy Shield.
With other IMR partners:
In specific cases, in the context of the purposes described above, it is necessary to share Personal Data with third parties who use this Personal Data independently. In addition, IMR can provide Personal Data for marketing purposes to other partners selected by IMR. IMR will first request separate permission from you to do this.
With the authorities and others:
In exceptional cases, IMR may provide Personal Data to authorities or third parties, if IMR is required to do so by law or by order of the court, or if there is reasonable reason to believe that this is necessary in order to prevent damage or misuse.
You can withdraw your permission for use of your personal data at any time by sending a message to: email@example.com
Cookies are small files that can be placed on your Devices by the websites or apps of IMR. For example, you can easily be recognized during a subsequent visit without having to log in again on your IMR Account. Likewise, information relating to website use can be collected using cookies about other visitors of the IMR websites (who are not logged in with an IMR Account). There are different types of cookies. In some cases, cookies are automatically deleted when you close your browser; in other cases, these cookies are stored for longer and can be read the next time you use the Service.
Where IMR collects Personal Data using cookies, these Personal Data are Processed in accordance with the provisions set out in this Privacy and cookie statement. Before IMR places non-functional cookies, IMR will inform you about this and ask for your permission. It is only after permission has been given that these cookies are placed and read.
IMR itself places cookies in order to identify you on your next visit without the need for you to log in again with your IMR Account. IMR can also place cookies for the purpose of creating profiles. IMR can also place tracking cookies, which are used by IMR if you as a visitor navigate to third party websites where IMR can place ads via an RTB and/or Programmatic network (see: 1 – Definitions). Additionally, IMR uses third parties to analyze the use of its Content, websites, apps and the Service. These third parties also place cookies for IMR on your Devices, which are used to map your use of the Service. For example, Google Analytics.
Cookies from third parties are placed on your Devices by third parties, and only these third parties have access to those cookies and the information collected by the cookie. Third parties that have permission to place cookies via the Service are, for example, advertising networks that place the adverts on the IMR websites. Ad networks usually leave so-called “tracking cookies” on your devices. Tracking cookies enable advertisers to track your browsing habits so that they can display as many relevant ads as possible on the websites that you visit. Social networking services such as Facebook, Twitter, WhatsApp and Google+ can also place cookies via the websites of IMR. This is done via the buttons of these social networks that may appear on the websites of IMR to promote (“Like”) or share (“tweet”) Content.
Below is an overview of (technical) partners on the websites or apps of IMR:
- Meta (Facebook, Instagram, WhatsApp)
- CM.com as ticket partner
- CM.com as mail provider
- Google Analytics (analytics pixel used for research)
- Google Tag Manager (tags used for re-targeting)
- Facebook pixel (tracking pixel used for re-targeting within Facebook)
- Antagonist (Hosting & cloud infrastructure)
- Typeform (forms)
- Hide & Seek (Marketing automation)
- Cookie consent (functional for storing cookie preferences)
- Google Tag manager (analytics pixel used to improve IMR services)
- True SSL Certificates (website security)
If you would like more information about the cookies that other parties place from the websites or apps of IMR and the purposes for which and the manner in which these cookies are used, please read the privacy and cookie statements of these parties on their websites or apps.
Browser applications can be set so that new cookies are no longer received the next time you use the Service. This differs from browser to browser; we recommend that you consult the help function of the browser if necessary. This should also explain how to delete cookies that have been previously placed.
NB: A visitor to the website or a user who no longer wishes to receive cookies should change these settings in all browsers and on all devices that are used. If cookies are refused and/or removed, it is possible that your use of the Service and/or options related to the Service is rejected.
8. How long does IMR store your Personal Data?
IMR will keep your Personal Data for as long as necessary to get you the best service or in case of refund terms, warranty or recurring contact needed to keep you up to date. IMR stores your data for at least as long as you use the Service and if your account is inactive, for a period of 2 years thereafter. The reason for IMR doing this is so that you can easily return to using the Service when re-activating. If you have been inactive for a long period (longer than 2 years), IMR will delete your data.
An exception to this is if the law prescribes that IMR must retain certain data for a longer period of time. For example, the Dutch General Act on Government Tax makes it mandatory to retain payment data for 7 years for the Tax Authorities.
9. How does IMR protect your Personal Data?
IMR at all times maintains a level of security in the Processing of Personal Information that, in view of the state of the art, is sufficient to prevent the loss, alteration, disclosure of or unauthorized access to Personal Data. If IMR engages third parties, then IMR imposes the same level of security on them. IMR has a close relation to its data processors and made clear agreements in our Processor Agreements.
Questions about this security can be directed to firstname.lastname@example.org
10. What are your rights?
People whose Personal Data are Processed have certain rights under the law. You can at all times and at no cost view the Personal Data Processed by IMR and alter it if required. You may also object to receiving information or targeted offers from IMR via e-mail, telephone, post and/or SMS; you are also entitled to apply to have your data deleted in accordance with the applicable regulations. Finally, we would like to point out the right to file a complaint with the Dutch Data Protection Authority.
IMR tries to ensure that you can exercise these rights as much as possible yourself. For example, you can exercise your rights by viewing, correcting, or deleting your data in the IMR Account. You can also exercise these rights by contacting us via the e-mail address email@example.com. IMR will try to respond to your request within 4 weeks (read more via: www.imaginationmadereal.nl/privacy)
11. Persons younger than 16 years
Persons who have not yet reached the age of 16 (minors) may only register for an IMR Account with the consent of a parent or legal guardian. The parent(s) or legal representative of the minor user must read this Privacy and cookie statement in the interests of the minor user and can exercise the rights of the user in question instead of the minor user.
IMR advises parents or legal guardians to supervise the use that a minor user makes of the Service and to make such users aware of how their Personal Data can be used on the basis of this Privacy and cookie statement. IMR makes reasonable efforts, with due observance of technology, to check that only users aged 16 or older can create an IMR Account. IMR does this for example by means of a birth date check when a profile is created.
12. Changes to the Privacy and cookie statement
It may be that IMR decides in the future to (unilaterally) change this Privacy and cookie statement. IMR therefore recommends that you regularly check this Privacy and cookie statement to see if there have been any changes. If there are any major changes, IMR will inform you about this in advance by publishing the amended Privacy and cookie statement. The latest applicable version of the Privacy and cookie statement can always be consulted on the relevant IMR websites or apps.
The most recent change to this document was on 29 November 2021.
– Please check imaginationmadereal.nl/privacy for the latest version of all our statements & policies and the way how to respond on our statements and execute your personal rights.