Search
Close

INTRODUCTION

The Bomb Factory is committed to respecting your privacy. The purpose of this Privacy Policy (“Privacy Policy”) is to explain how we will use any personal data we collect about you, the rights you have in any personal data we hold about you, and to tell you about the policies and procedures that we have in place to respect your privacy and keep your personal data secure.

This Privacy Policy applies to you if you:

  • Visit The Bomb Factory facility, purchase a ticket for an event or at a venue owned, operated, promoted, or serviced by The Bomb Factory, its affiliates, subsidiaries and parent company; use or access our products, services, or technology in venues and events we own or operate; and interact with us online, use our mobile applications, visit our websites, or interact with or reference our products/services online, including via social media (e.g. when we correspond with you via social media, when we access information provided by social media platforms in relation to our pages on those platforms, or if you reference or interact with our Events and Venues (as defined below) on social media) (collectively, our “Services”).

WHO ARE WE?

The Bomb Factory and its affiliates Trees and Canton Hall are a Dallas-based company that own and operate live entertainment venues, events and properties, and teams.

 

OUR CONTACT DETAILS

If you have any comments or questions about this Privacy Policy or our data processing practices, please contact our Data Privacy Team at:

2713 Canton Street 

Deep Ellum Dallas, TX 75226, U.S.A.

info@thebombfactory.com

Additional contact information is available below.

 

THE CATEGORIES OF PERSONAL DATA WE PROCESS

The categories of personal data we collect and use include (examples may be subject to change):

  • Identity Data – Information such as your name; address; email address; telephone number; gender; date of birth, age and/or age range; account login details, including your user name and password, avatar, or other account-related information; information you provide in connection with your application to be a vendor, volunteer, employee, or otherwise join or support our team; your identity, public profile, and similar information from social networks such as Facebook (this may include your employment or education information if you include it in your public profile).
  • Event Access Data – Information such as unique IDs and similar data collected or derived from the use of tickets or RFID enabled products such as wristbands, as well as location data, entrance location, entrance time, etc. relating to the use of a wristband at Events and Venues; information about your vehicle (when you use our car parks or access certain portions of Events and Venues in a vehicle)
  • Location Data – Information about your location (for example, if you use WiFi at our Events and Venues, use GPS location in certain mobile applications, or when you provide your location in social media tags/posts we will record the dates and times of your visit and which parts of our Events and Venues you visited).
  • Online Services Data – Information about how you use our internet-connected Services, including the pages or sections you have visited on the websites or mobile applications provided by us (including pages we control on third party platforms and social media sites), the other companies in The Bomb Factory by our ticketing providers, the website or mobile application you were referred from, and when you visited or used them; information about electronic communications you receive from us, including whether that communication has been opened and if you have clicked on any links within that communication.
  • Device Data – Information about electronic devices you use to access our Services (including our Services on third party social media sites, or technologies on the Services that are controlled by third party data controllers) such as make and model, device identifier, advertising identifier, operating system, browser, MAC address or IP address.
  • Transaction Data – Information about the Services we provide to you and about transactions you make with other companies for events and services at our Events and Venues (including for example, what has been provided to you, when and where and, if applicable, how much you paid).
  • Preferences Data – Information we receive or create about you, such as your demographics, product/service preferences, market segments, etc., information derived from social media, e.g. likes and favorites, market segments, or opinions, and data or analytics provided about you or your account by social media companies; information from market research companies who provide us with additional personal data about you and your household such as income, number of children, occupation, social grade, home ownership status, the products and services you use or intend to use or purchase, and your interests.
  • Financial Data – Information such as bank account details, payment card information, and information from credit reference agencies.
  • Contact Data – Information about how we can communicate with you, such as email and physical addresses, social media handles, and information you provide to us when you contact us by email or when you communicate with us via social media.
  • Health Data – Information about your health (for example when you are buying tickets for wheelchair accessible spaces, when you request a sign language interpreter, or when we are investigating an accident which may have happened at one of our Events and Venues).
  • CCTV – Recordings and images collected from our surveillance cameras when you visit Events and Venues and areas adjacent to them.
  • User Content – Information you give us in free text fields such as comment boxes, answers you provide when you participate in sweepstakes, contests, votes and surveys, including any other personal data which you may provide through or in connection with our Services.

 

SOURCES OF PERSONAL DATA

We will receive your personal data when you provide them to us, when you purchase products and services offered via our Services, or when you otherwise use our Services.

We may also collect information about any device you have used to access our Services, the websites or mobile applications of other companies in The Bomb Factory, the websites of any ticketing service provider used to purchase a ticket to our Events and Venues, or when you use WiFi at any of our Events and Venues.

We also receive personal data about you from third parties, including ticket agents such as AXS, who transfer personal data to us when you purchase a ticket from them for our Events and Venues;

Event promoters, producers, and other partners or similar parties that provide us information in connection with products and services you purchase from them, or when you express interests (e.g. team preference or mailing list sign up) that relate to The Bomb Factory;

ad networks, behavioral advertising vendors, market research, and social media companies or similar companies who provide us with additional personal data about you and your household, demographics, preferences, etc.

Facebook and other social media companies who may transfer personal data to us when you register for one of our Services, or interact with that social media company on or in connection with our Services, Events and Venues; and

Service providers, such as companies providing WiFi service at our Events and Venues, or other third parties that provide services on our behalf.

We will combine any personal data about you that we receive from you at our venues and from third parties. Note that certain third parties may be able to identify you across sites and services using the information they process, however, any such processing not done at the direction of The Bomb Factory is outside the scope of this Privacy Policy.

 

HOW WE PROCESS YOUR PERSONAL DATA

All personal data that we obtain about you will be used in accordance with current data protection law and this Privacy Policy. We, or third party data processors acting on our behalf, will process your personal data for the following purposes, subject to your rights and choices below:

When you make a purchase or other transaction through our Service

We generally process Identity Data, Financial Data, Transaction Data and Contact Data as necessary to perform or initiate a contract with you, process your order and payment, and carry out fulfillment and delivery.

In addition, we may also process this information along with Device Data, Online Services Data, and Preferences Data that we collect and/or create as necessary in connection with certain legitimate business interests, such as:

ensuring the security of our Services and to prevent fraud; and providing you with information about our Services, to contact you about administrative matters, and to manage and respond to any queries or complaints you make or any correspondence you send us.

WHEN YOU ATTEND EVENTS OR VISIT OUT VENUES

We generally process Identity Data and Event Access data as necessary to grant you access to the Events and Venues and provide the services or products you have purchased.

In addition, we may process this data in combination with Online Services Data, Preferences Data and Location Data that we collect and/or create as necessary in connection with certain legitimate business interests, such as:

  • Verifying your identity for authentication and security purposes
  • Helping us to ensure our customers are genuine and to prevent fraud
  • Help us to return lost property to its rightful owner
  • Managing access to specific areas of our Events and Venues (for example, we will use lists of people and/or vehicles to allow us to manage access to backstage or VIP areas).

Note, in certain cases, we may collect Health Data or Biometric Data. Health Data is generally used so that we can provide certain services to you such as to provide you with tailored services (for example, a wheelchair accessible space or a sign language interpreter) or to help us investigate an incident which may have taken place at our Events and Venues. Biometric Data may be used for access control, creating aggregate data, personalization, or other commercial purposes. In each case, where consent is required by law, we will process this information only with appropriate consent.

 

CLOSED CIRCUIT TELEVISION (CCTV)

We may collect and/or create CCTV data as necessary in connection with certain legitimate business interests, such as preventing and detecting crime and to keep people who visit and work at our Events and Venues safe and secure;

  • Recording and investigating health and safety and other incidents which have happened or may have happened at our Events and Venues;
  • Counting the numbers of people who visit our Events and Venues and to analyze flows of people around the Events and Venues for safety and commercial purposes using software which analyzes CCTV camera images; and creating aggregate data.

 

ACCESSING OR USING OUR ONLINE SERVICES

We generally process Device Data as necessary to initiate or fulfill your requests for certain features or functions through our Services, such as keeping you logged in, delivering pages, etc.

In addition to Device Data, we may also process Online Services Data, Contact Data, Identity Data, and Preferences Data that we collect, create, and/or receive (including through the use of cookies and similar technologies) as necessary in connection with certain legitimate business interests, such as ensuring the security of our websites, mobile applications and other technology systems; and analyzing the use of our Services, including navigation patterns, clicks, etc. to help understand and make improvements to the Services.

 

OTHER PROCESSING SERVICES

We may process any personal data we control as necessary, for our legitimate interests in providing the Services and ensuring they operate safely, securely and in a commercially suitable way, and for the good governance of our business, such as keeping business records, and analyzing the use of our Services.

We may also process any personal data as necessary to comply with our legal obligations, such as where you exercise your rights under data protection law and make requests, or where we must comply with our legal obligations, lawful requests from government or law enforcement officials, and as may be required to meet national security or law enforcement requirements or prevent illegal activity. We may also process data to protect the vital interests of individuals, or on certain public interest grounds, each to the extent allowed under applicable law.

 

PERSONALIZATION, MARKETING AND ADVERTISING

Entertainment is personal, and we are always working to help you find the best concerts, festivals, sports, and other events for you to enjoy. In order to understand our customers’ preferences, and better recommend products and services that are personalized to our prior customers, we may link together personal data processed for the following purposes:

  • When you make a purchase or other transaction through our Service
  • When you attend our Events and Venues
  • When you access and use our online Services
  • When you enter a contest or other promotion.

We use this information for our legitimate interests in:

  • Market research and statistical analysis in connection with the improvement of our Services
  • Personalizing the Services and future offers you see
  • Creating aggregate data
  • Marketing communications

We may also process this personal data for targeted advertising. However, where consent to processing is required by law, we will link and process this information for targeted advertising only with appropriate consent.

 

AGGREGATED DATA

We will collect and aggregate on an anonymous basis information about you, your spending and use of our Services with information about other users of the Services in order to identify trends (“Aggregated Data”). We may pass Aggregated Data to the third parties referred to in the section below to give them a better understanding of our business and to bring you a better service. Aggregated Data will not contain information from which you may be personally identified.

 

MARKETING COMMUNICATIONS

Consistent with our legitimate business interests, we (or if appropriate, our third party partners) may send you marketing and promotional communications if you sign up for such communications or purchase products or services from us. Where allowed, we may also send you these communications if you register for our Services or for a promotion, or in connection with your communications with, or submission of User Content to, us. These communications may be personalized or customized based on your user profile. Similarly, we may also collect device data and contact data so that we can determine whether you have opened an email or otherwise interacted with our communications, and we may generate preferences data based on these interactions.

 

PERSONALIZATION AND PROFILING

We or other companies in The Bomb Factory will combine any personal data about you that we receive from you, from other companies in The Bomb Factory and from third-parties in order to create marketing profiles.

Marketing profiles include personal data such as information about Services you have used or purchased previously, information about when you have visited our Events and Venues in the past and which parts of the building you visited or events you attended, demographic data and data from your social media profiles.

For example, we may analyze the personal data of people who have purchased tickets for a particular future event that we promote, operate, provide services for, or that is hosted at one of our Events and Venues, and then compare them with other people in our database. If we identify people in our database who have similar personal data to the original purchasers, we may then target marketing about that event to the new people we have identified in our database, for example by sending direct marketing emails. We may conduct the profiling and send the direct marketing emails automatically.

 

TARGETED ADVERTISING

The Bomb Factory and certain third parties operating on or through our Services, may engage in targeted advertising. This form of advertising includes various parties and services providers, including third party data controllers, engaged in the processing of personal data in connection with advertising. These parties may be able to identify you across sites, devices, and over time.

The parties that control the processing of personal data for behavioral advertising purposes may create or leverage information derived from personalization and profiling. In some cases, these parties may also develop and assess aspects of a profile about you to determine whether you are a type of person a company wants to advertise to, and determine whether and how ads you see are effective. These third parties may augment your profile with demographic and other preferences data derived from these observations, and may also track whether you view, interact with, or how often you have seen an ad, or whether you complete a purchase for a good or services you were shown in an advertisement.

We generally use targeted advertising for the purpose of marketing our Services and third party goods and services, to send marketing communications, including by creating custom marketing audiences on third-party websites (such as Facebook).

 

SHARING YOUR PERSONAL DATA

In order to streamline certain business operations, improve Service personalization and behavioral marketing, develop products and services that better meet the interests and needs of our customers, and promote information we believe will be of interest to you, we will share your personal data with certain partners and affiliates.

In connection with our general business operations, product/service improvements, to enable certain features, and in connection with our other legitimate business interests, we may share your personal data with service providers who provide certain services or process data on our behalf.

In order to improve personalization, deliver more relevant advertisements, and develop better products and services, we may share certain personal data with current or future affiliated entities and trusted third parties for marketing, advertising, or other commercial purposes, and we may allow third parties (such as Facebook and social media advertisers, ad exchanges, data management platforms, or ad servers) to operate on our Services and process data for behavioral advertising.

Where allowed by law, or with your consent, we will share your personal data with other trusted third parties, for example the artists, promoters or sponsors we work with. In certain cases, these parties may use your personal data for marketing or promotional purposes by sending you information about related products or services that may be of interest to you.

If you use any social media plugin, API, or other similar feature, use an event hashtag or similar link, or otherwise interact with us or our Services via social media, we may make your post available on our Services or to the general public. We may share, rebroadcast, or redisplay personal data or other information in the post to the extent permitted by the relevant social media service.

We will also disclose your personal data to third parties in the following circumstances:

 

  • If we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets
  • If we or substantially all of our assets are acquired by a third party, in which case personal data held by us will be one of the transferred assets
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, any lawful request from government or law enforcement officials and as may be required to meet national security or law enforcement requirements or prevent illegal activity
  • In order to enforce or apply our Terms of Use or any other agreement or to respond to any claims, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity
  • To protect the rights, property, or safety of The Bomb Factory, our customers or other persons. This may include exchanging personal data with other organizations for the purposes of fraud protection and credit risk reduction.

 

INTERNATIONAL TRANSFERS OF YOUR PERSONAL DATA

If you are located outside the US, your personal data may be transferred to and/or processed in a location outside of the European Economic Area (EEA).

In particular, your personal data may also be processed by staff operating in the United States or outside the EEA working for us, other members of The Bomb Factory or third-party data processors. Such staff may be engaged in, among other things, the provision of our Services to you, the processing of transactions and/or the provision of support services.

Some countries outside Europe do not have laws that protect your privacy rights as extensively as those in Europe. However, if we do transfer your personal data to other territories, we will put in place appropriate safeguards to ensure that your personal data are properly protected and processed only in accordance with this Privacy Policy. Those safeguards include imposing contractual obligations of adequacy or requiring the recipient to subscribe to or be certified with an ‘international framework’ of protection. You can obtain more information about the safeguards we put in place by contacting us using the information below.

 

HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We retain information for so long as it, in our discretion, remains relevant to its purpose, and in any event, for so long as is required by law. We will review retention periods periodically, and may sometimes pseudonymize or anonymize data held for longer periods, if appropriate.

However, in some circumstances we will retain your personal data for a shorter period, such as CCTV footage, which will be retained as required by law. Similarly, we will retain your personal data for longer if we believe we may need them in order to respond to any claims, to protect our rights or the rights of a third party, and we will retain your personal data for longer if we are required to retain them in order to comply with applicable laws.

We will always retain your personal data in accordance with data protection law and never retain your personal data for longer than is necessary.

 

YOUR RIGHTS

To the extent applicable law grants you the right to do so, you may contact our Data Privacy Team (using the information below) at any time, to:

  • Request that we provide you with a copy of the personal data which we hold about you
  • Request that we update any of your personal data which are inaccurate or incomplete
  • Request that we delete any of your personal data which we are holding
  • Request that we restrict the way that we process your personal data
  • Request that we provide your personal data to you or a third-party provider of services in a structured, commonly-used and machine-readable format
  • Object to us processing personal data based on our legitimate interests, including profiling
  • Object to us processing your personal data for direct marketing purposes.

Your request must include your name, email address and postal address and we may request proof of your identity. Please allow at least seven working days for us to process your request.

 

YOUR CHOICES

You may control or limit location data that we collect through our Services by changing your preferences in your device’s location services preferences menu, or through your choices regarding the use of Bluetooth, WiFi, and other network interfaces you may use to interact with our Services. However, please note that use of RFID technologies may be necessary for the functioning of hardware required for certain processing of personal data.

Our Services do not respond to your browser’s do-not-track request. If you do not want information collected through the use of cookies, you can manage/deny cookies (and certain technologies) using your browser’s settings menu. You must opt out of third party services directly via the third party. For example, to opt-out of Google’s analytic and marketing services, visit Google Analytics Terms of Use, the Google Privacy Policy, or Google Analytics Opt-out. You may opt out or withdraw your consent to behavioral advertising. You must opt out of third party services directly via the third party. For example, to opt out of Google’s use of cookies, visit Google’s Ads Settings, here. To opt out from Facebook Custom Audience Pixel, visit their customer support page here. To learn more about how to opt out of Twitter’s use of audience pixels, visit the Twitter help page here. If you wish to take steps to opt-out of tracking by certain online advertisers, you can visit the Digital Advertising Alliance’s opt-out page at http://www.aboutads.info/choices or the Network Advertising Initiative at www.networkadvertising.org/optout_nonppii.asp. You can limit or opt out of our processing for behavioral advertising by contacting us using the information below

 

WITHDRAWING YOUR CONSENT

Where we are processing your personal data based on your consent, you may change your mind and withdraw your consent at any time.

You can withdraw your consent to receive marketing communications by clicking on the unsubscribe link in an email or by adjusting the push message settings for the mobile application.

You can also withdraw your consent to receive marketing communications or any other consent you have previously provided to us by contacting us using the information below.

The consequence of you withdrawing consent might be that we cannot perform certain services for you, such as location based services, the availability of personalized services or relevant advertising, or other services conditioned on your consent.

 

RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY

You may also make a complaint to a supervisory authority for data protection matters. Complaints should be directed to the appropriate supervisory authority in your jurisdiction. Alternatively you may seek a remedy through local courts if you believe your rights have been breached.

 

HOW DO WE PROTECT YOUR PERSONAL DATA?

We use industry standard technical and organizational security measures to protect your personal data. We keep your personal data secure by implementing policies, procedures and access controls so that only authorized members of our staff or authorized third parties can access your personal data. We protect our information technology systems with firewalls and anti-virus and anti-malware software and other information security technology solutions. When we transfer your personal data to third parties we use encryption.

We cannot guarantee the security of your personal data when you transmit it to us. For example, if you email us your personal data, you should be aware that email is not a secure transmission method. As such, you acknowledge and accept that we cannot guarantee the security of your personal data transmitted to us and that any such transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to prevent unauthorized access.

Where we have given you (or where you have chosen) a password which enables you to access one of our Services, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

 

LINKS TO OTHER WEBSITES AND MOBILE APPLICATIONS

We sometimes provide you with links to other websites or mobile applications, but these websites and mobile applications are not under our control. We are only responsible for the privacy practices and security of our Services. We are not responsible for the privacy policies, content or security of any linked websites or mobile applications. We recommend that you check the privacy and security policies of each and every website and mobile application that you visit.

In some instances, a third party may operate or host a contest/sweepstakes on our websites or mobile applications, and collect your personal data. In those cases, where we are not the operator or host of the contest/sweepstakes, we have no control over the personal data collected and accordingly urge you to review the third party’s privacy policy before participating.

 

COOKIES AND OTHER TRACKING TECHNOLOGIES

We use cookies and web beacons on our websites. Third parties also view, edit, or set their own cookies or place web beacons on our websites. Cookies and web beacons allow us and third parties to distinguish you from other users of our websites. Some of these technologies can be used by us and/or our third party partners to identify you across platforms, devices, sites, and services. Third parties may engage in behavioral advertising using this data.

Cookies and web beacons are used by us and third parties for the following purposes:

  • Enable certain features of our websites (for example, to allow a customer to maintain a basket when they are shopping at an online store)
  • Analyze the traffic to and on our websites (for example, we can count how many people have looked at a specific page, or see how visitors move around the website when they use it, what website the visited prior to visiting our website, and use this information to understand user behaviors and improve the design and functionality of the website)
  • For social media integration e.g. via third-party social media cookies, or when you share information using a social media sharing button or “like” button on our Services or you link your account or engage with our content on or through a social networking website such as Facebook or Twitter
  • Collect information about your preferences and demographics to help target advertisements which are more likely to be of interest to you using behavioral advertising
  • Allow us to carry out retargeting (this includes, for example, when advertisements are presented to you for products or services which you have previously looked at on a website, but have not purchased).

The use of these technologies by such third parties is subject to their own privacy policies and is not covered by this Privacy Policy, except as required by law.

 

MINORS

Our Services are neither directed at nor intended for use by children under the age of 13 in the US, or under the age of 13 to 16 in the EU, depending on the local jurisdiction. We do not knowingly collect personal data from such individuals. If we learn that we have inadvertently done so, we will promptly delete it. Do not access or use the Services if you are not of the age of majority in your jurisdiction unless you have the consent of your parent or guardian.

 

CONTACT US

Feel free to contact us with questions or concerns using the appropriate address below.

General inquiries: info@thebombfactory.com

Marketing choices: info@thebombfactory.com

Data rights requests: info@thebombfactory.com

Data Privacy Team: info@thebombfactory.com

Physical address: 2713 Canton Street Deep Ellum

 

CHANGES TO OUR PRIVACY POLICY

We reserve the right to change our Privacy Policy from time to time. Any such changes will be posted on this page so that we can keep you informed about how we process your personal data. We recommend that you consult this page frequently so that you are aware of our latest Privacy Policy and can update your preferences if necessary. Your continued use of our Services shall constitute your acceptance of any revised Privacy Policy.

 

This Privacy Policy was last updated on March 31, 2020.