top of page

Privacy Policy

Privacy Policy for pop up's collective

 

Effective Date: July 22, 2025

This Privacy Policy describes how [pop-up's-collective] ("we," "us," or "our") collects, uses, and discloses your personal information when you visit, use, or make a purchase from [Your Website URL] (the "Site").

 

1. Information We Collect

 

We collect various types of information from and about users of our Site, including:

a. Information You Provide to Us Directly:

  • Account Information: When you create an account, we collect your name, email address, password, and any other information you provide (e.g., profile picture, preferences).

  • Ticket Purchase Information: When you purchase tickets, we collect your name, email address, billing address, shipping address (if applicable), phone number, and payment information (e.g., credit card details). Please note that payment processing is typically handled by a third-party payment processor, and we do not directly store your full payment card details.

  • Event Participation Information: If you interact with event features, we may collect information related to your participation, such as RSVPs, dietary restrictions (if applicable and provided by you), or accessibility needs.

  • Communications: When you communicate with us via email, contact forms, or customer support, we collect the content of your communications and our responses.

  • User-Generated Content: If you post comments, reviews, or other content on our Site, we collect that information.

b. Information We Collect Automatically:

  • Log Data: When you access and use the Site, our servers automatically record information, including your IP address, browser type, operating system, referring URLs, pages viewed, and the dates and times of your visits.

  • Device Information: We may collect information about the device you use to access our Site, including hardware model, operating system and version, unique device identifiers, and mobile network information.

  • Usage Information: We collect information about your activity on the Site, such as the pages you visit, the events you view, the tickets you purchase, and your interactions with our features.

  • Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies to collect information about your Browse behavior, remember your preferences, and provide a personalized experience. You can manage your cookie preferences through your browser settings.

c. Information We Collect from Third Parties:

  • Payment Processors: When you make a purchase, our third-party payment processors may provide us with limited transaction details (e.g., confirmation of payment) but not your full payment card information.

  • Social Media: If you choose to connect with us through social media platforms, we may collect information from your social media profile in accordance with your privacy settings on that platform.

 

2. How We Use Your Information

 

We use the information we collect for various purposes, including:

  • To Provide and Maintain the Site: To operate, maintain, and improve our website, services, and features.

  • To Process Transactions: To process your ticket purchases, send you confirmations, and manage your orders.

  • To Manage Your Account: To create and manage your user account, verify your identity, and provide you with access to account-specific features.

  • To Promote and Inform About Events: To display event information, send you updates about events you've shown interest in, and inform you about upcoming pop-up events.

  • To Communicate with You: To respond to your inquiries, provide customer support, send you service-related announcements, and inform you about changes to our terms or policies.

  • For Marketing and Promotional Purposes: To send you marketing communications about our events, products, and services that may be of interest to you, in accordance with your communication preferences.

  • To Personalize Your Experience: To tailor content, event recommendations, and offers based on your interests and past interactions.

  • For Analytics and Research: To understand how users interact with our Site, analyze trends, and perform research to improve our services.

  • To Ensure Security and Prevent Fraud: To detect, prevent, and investigate fraudulent or illegal activities and to protect the security and integrity of our Site and our users.

  • To Comply with Legal Obligations: To comply with applicable laws, regulations, and legal processes.

 

3. How We Share Your Information

 

We may share your personal information with the following categories of third parties:

  • Service Providers: We engage third-party service providers to perform functions on our behalf, such as payment processing, website hosting, data analysis, email delivery, marketing services, and customer support. These service providers have access to personal information only as needed to perform their functions and are contractually obligated to maintain the confidentiality and security of the information.

  • Event Organizers/Promoters: When you purchase tickets for an event, we may share your information (such as your name and email address) with the respective event organizer/promoter for the purpose of event management, communication, and entry.

  • Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.

  • Legal Requirements and Law Enforcement: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend our rights or property, (iii) prevent or investigate possible wrongdoing in connection with the Site, or (iv) protect the personal safety of users of the Site or the public.

  • With Your Consent: We may share your information with your explicit consent or at your direction.

  • Aggregated or Anonymized Data: We may share aggregated or anonymized data that does not directly identify you with third parties for various purposes, including analytics, research, and marketing.

 

4. Data Retention

 

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

 

5. Your Choices and Rights

 

Depending on your location and applicable law, you may have certain rights regarding your personal information, including:

  • Access: You may have the right to request access to the personal information we hold about you.

  • Rectification: You may have the right to request that we correct any inaccurate or incomplete personal information we hold about you.

  • Erasure (Right to Be Forgotten): You may have the right to request the deletion of your personal information under certain circumstances.

  • Restriction of Processing: You may have the right to request that we restrict the processing of your personal information under certain circumstances.

  • Data Portability: You may have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

  • Object to Processing: You may have the right to object to the processing of your personal information for certain purposes, such as direct marketing.

  • Withdraw Consent: If we are relying on your consent to process your personal information, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us using the contact information provided below. We may require you to verify your identity before responding to your request.

 

6. Security of Your Information

 

We implement reasonable technical and organizational measures designed to protect your personal information from unauthorized access, use, alteration, and disclosure. However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee the absolute security of your information.

 

7. Third-Party Links

 

Our Site may contain links to third-party websites or services that are not owned or controlled by us. This Privacy Policy does not apply to those third-party sites. We encourage you to review the privacy policies of any third-party websites you visit.

 

8. Children's Privacy

 

Our Site is not intended for children under the age of [13 or 16, depending on applicable law, e.g., GDPR is 16, COPPA is 13]. We do not knowingly collect personal information from children without parental consent. If we become aware that we have collected personal information from a child without appropriate consent, we will take steps to delete that information.

 

9. International Data Transfers (If Applicable)

 

If your website operates internationally or transfers data across borders, you will need a section explaining this. For example:

  • For EU/UK Users: "If you are located in the European Economic Area (EEA) or the United Kingdom, please note that your personal information may be transferred to, stored, and processed in countries outside of the EEA or UK, including the United States, where our servers are located. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and applicable data protection laws, including by implementing appropriate safeguards such as Standard Contractual Clauses."

 

10. Changes to This Privacy Policy

 

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top. We encourage you to review this Privacy Policy periodically.

 

11. Contact Us

 

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

  • By Email: [Your Support Email Address]

  • By Mail: [Your Company Name] [Your Company Address] [Your City, Postcode] [Your Country]

make this privacy policy comply with scottish law,s

You're in Glasgow, Scotland, so your privacy policy needs to comply with UK data protection law. This means adhering to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018). Additionally, for electronic communications and cookies, the Privacy and Electronic Communications Regulations 2003 (PECR) are crucial.

The good news is that the UK GDPR is largely identical to the EU GDPR, with some minor modifications for the UK context. The DPA 2018 supplements the UK GDPR, covering areas like law enforcement and national security, and provides a framework for how the UK GDPR applies. PECR deals specifically with direct marketing via electronic means and the use of cookies.

Here's an updated privacy policy, incorporating key considerations for Scottish (and wider UK) law. I've highlighted the additions and key points.

 

Privacy Policy for [Your Website Name]

 

Effective Date: July 22, 2025

This Privacy Policy describes how [Your Website Name] ("we," "us," or "our") collects, uses, and discloses your personal information when you visit, use, or make a purchase from [Your Website URL] (the "Site").

We are committed to protecting your privacy and handling your personal information in a transparent and secure manner, in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018), and the Privacy and Electronic Communications Regulations 2003 (PECR).

 

1. Information We Collect

 

We collect various types of information from and about users of our Site, including:

a. Information You Provide to Us Directly:

  • Account Information: When you create an account, we collect your name, email address, password, and any other information you provide (e.g., profile picture, preferences).

  • Ticket Purchase Information: When you purchase tickets, we collect your name, email address, billing address, shipping address (if applicable), phone number, and payment information (e.g., credit card details). Please note that payment processing is typically handled by a third-party payment processor, and we do not directly store your full payment card details.

  • Event Participation Information: If you interact with event features, we may collect information related to your participation, such as RSVPs, dietary restrictions (if applicable and provided by you), or accessibility needs. This may include special category data (e.g., health information for dietary needs) which requires an additional legal basis for processing, which we would obtain through your explicit consent where necessary.

  • Communications: When you communicate with us via email, contact forms, or customer support, we collect the content of your communications and our responses.

  • User-Generated Content: If you post comments, reviews, or other content on our Site, we collect that information.

b. Information We Collect Automatically:

  • Log Data: When you access and use the Site, our servers automatically record information, including your IP address, browser type, operating system, referring URLs, pages viewed, and the dates and times of your visits.

  • Device Information: We may collect information about the device you use to access our Site, including hardware model, operating system and version, unique device identifiers, and mobile network information.

  • Usage Information: We collect information about your activity on the Site, such as the pages you visit, the events you view, the tickets you purchase, and your interactions with our features.

  • Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies to collect information about your Browse behavior, remember your preferences, and provide a personalized experience. We will obtain your explicit consent for non-essential cookies via a clear cookie banner or pop-up. You can manage your cookie preferences through your browser settings. For more information, please see our [Link to Cookie Policy].

c. Information We Collect from Third Parties:

  • Payment Processors: When you make a purchase, our third-party payment processors may provide us with limited transaction details (e.g., confirmation of payment) but not your full payment card information.

  • Social Media: If you choose to connect with us through social media platforms, we may collect information from your social media profile in accordance with your privacy settings on that platform.

 

2. How We Use Your Information and Our Lawful Bases for Processing

 

We use the information we collect for various purposes and rely on specific lawful bases under the UK GDPR for doing so:

  • To Provide and Maintain the Site: To operate, maintain, and improve our website, services, and features.

    • Lawful Basis: Performance of a contract (with you) or legitimate interests (to ensure our website functions correctly).

  • To Process Transactions: To process your ticket purchases, send you confirmations, and manage your orders.

    • Lawful Basis: Performance of a contract (with you to provide the tickets).

  • To Manage Your Account: To create and manage your user account, verify your identity, and provide you with access to account-specific features.

    • Lawful Basis: Performance of a contract (with you for account services).

  • To Promote and Inform About Events: To display event information, send you updates about events you've shown interest in, and inform you about upcoming pop-up events.

    • Lawful Basis: Legitimate interests (to market our services to existing customers or those who have shown interest), or your consent for direct marketing where required by PECR (e.g., email marketing to new subscribers).

  • To Communicate with You: To respond to your inquiries, provide customer support, send you service-related announcements, and inform you about changes to our terms or policies.

    • Lawful Basis: Performance of a contract, legal obligation, or legitimate interests (to provide customer service).

  • For Marketing and Promotional Purposes: To send you marketing communications about our events, products, and services that may be of interest to you.

    • Lawful Basis: Your explicit consent (especially for new subscribers for email/SMS marketing, as required by PECR), or legitimate interests (for existing customers under the "soft opt-in" rule for similar products/services).

  • To Personalize Your Experience: To tailor content, event recommendations, and offers based on your interests and past interactions.

    • Lawful Basis: Legitimate interests (to improve user experience), or your consent for certain types of profiling or personalized advertising.

  • For Analytics and Research: To understand how users interact with our Site, analyze trends, and perform research to improve our services.

    • Lawful Basis: Legitimate interests (to improve our services and understand our audience). Where anonymized or aggregated data is used, GDPR may not apply.

  • To Ensure Security and Prevent Fraud: To detect, prevent, and investigate fraudulent or illegal activities and to protect the security and integrity of our Site and our users.

    • Lawful Basis: Legitimate interests (to protect our business and users), or legal obligation.

  • To Comply with Legal Obligations: To comply with applicable laws, regulations, and legal processes (e.g., responding to a court order).

    • Lawful Basis: Legal obligation.

 

3. How We Share Your Information

 

We may share your personal information with the following categories of third parties:

  • Service Providers: We engage third-party service providers to perform functions on our behalf, such as payment processing, website hosting, data analysis, email delivery, marketing services, and customer support. These service providers act as processors on our behalf and are contractually obligated to maintain the confidentiality and security of the information and to process it only according to our instructions.

  • Event Organizers/Promoters: When you purchase tickets for an event, we may share your information (such as your name and email address) with the respective event organizer/promoter for the purpose of event management, communication, and entry. We will ensure that this sharing is necessary for the performance of the contract (to provide you with access to the event) or, if it goes beyond this, we will obtain your explicit consent.

  • Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.

  • Legal Requirements and Law Enforcement: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend our rights or property, (iii) prevent or investigate possible wrongdoing in connection with the Site, or (iv) protect the personal safety of users of the Site or the public.

  • With Your Consent: We may share your information with your explicit consent or at your direction.

  • Aggregated or Anonymized Data: We may share aggregated or anonymized data that does not directly identify you with third parties for various purposes, including analytics, research, and marketing. This type of data is not considered personal data under the UK GDPR.

 

4. International Data Transfers

 

As we operate from Scotland, your personal information will primarily be processed within the United Kingdom. However, some of our service providers may be located outside the UK.

If we transfer your personal information outside the UK to a country that has not been deemed to provide an adequate level of data protection by the UK government, we will ensure appropriate safeguards are in place to protect your data, such as:

  • Using Standard Contractual Clauses (SCCs) adopted or approved by the UK Information Commissioner's Office (ICO).

  • Binding Corporate Rules (BCRs).

  • Other legally approved mechanisms.

 

5. Data Retention

 

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

 

6. Your Rights Under UK GDPR

 

Under the UK GDPR, you have the following rights regarding your personal information:

  • The right to be informed: About how your data is being used (which is what this Privacy Policy aims to do).

  • The right of access: To request a copy of the personal information we hold about you.

  • The right to rectification: To request that we correct any inaccurate or incomplete personal information we hold about you.

  • The right to erasure ('right to be forgotten'): To request the deletion of your personal information under certain circumstances.

  • The right to restrict processing: To request that we restrict the processing of your personal information under certain circumstances.

  • The right to data portability: To receive your personal information in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

  • The right to object: To object to the processing of your personal information for certain purposes, such as direct marketing.

  • Rights in relation to automated decision-making and profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless certain exceptions apply.

To exercise any of these rights, please contact us using the contact information provided below. We may require you to verify your identity before responding to your request.

 

7. Complaints

 

If you have concerns about our data processing practices, you have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK's independent authority for upholding information rights.

  • ICO Website: https://ico.org.uk/

  • ICO Contact Details (Scotland): Information Commissioner’s Office 4th Floor 14 Melville Street Edinburgh EH3 7NS Telephone: 0303 123 1115 (national rate) Email: Scotland@ico.org.uk

 

8. Security of Your Information

 

We implement reasonable technical and organizational measures designed to protect your personal information from unauthorized access, use, alteration, and disclosure. These measures include [mention examples like: encryption of data in transit, access controls, regular security assessments, staff training]. However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

 

9. Third-Party Links

 

Our Site may contain links to third-party websites or services that are not owned or controlled by us. This Privacy Policy does not apply to those third-party sites. We encourage you to review the privacy policies of any third-party websites you visit.

 

10. Children's Privacy

 

Our Site is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13 without verifiable parental consent. If we become aware that we have collected personal information from a child under 13 without appropriate consent, we will take steps to delete that information.

 

11. Changes to This Privacy Policy

 

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top. We encourage you to review this Privacy Policy periodically.

 

12. Contact Us

 

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

  • By Email: popupscollective@gmail.com

  • By Mail:                                      pop-up's-collective

  •                                                      4/2

  •                                                      19 golspie street 

  •                                                      Glasgow

  •                                                      United Kingdom

  •                                                      G51 3 EX

bottom of page