Privacy Policy
At Oyster Fest SF (“we,” “our,” or “us”), accessible via oysterfestsf.com, we are firmly committed to protecting the privacy and personal data of our users. We recognize the importance of securing your personal information and are fully dedicated to maintaining your trust. This Privacy Policy explains how we collect, use, disclose, and protect your personal data in accordance with applicable privacy regulations, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
1. Commitment to Privacy and Data Protection
We value your privacy and are committed to handling your personal information responsibly, lawfully, and transparently. This includes implementing appropriate data protection safeguards, maintaining user confidentiality, and ensuring compliance with relevant legal obligations. Our objective is to provide a secure digital experience at oysterfestsf.com while respecting your rights and choices.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all users of oysterfestsf.com and any personal data collected through our website, communications, ticketing services, event promotions, and related services. For the purposes of the GDPR and similar regulations, Oyster Fest SF is the data controller of your personal data.
If you have questions or concerns, please contact us at [email protected].
3. Categories of Personal Data Processed
We may collect and process the following categories of personal data, depending on how you interact with oysterfestsf.com:
– Usage Data: Includes information such as your IP address, browser type and version, pages visited, time and date of visit, referring URL, time spent on pages, session identifiers, and other diagnostic data.
– Account Data: Information provided when signing up for newsletters, event updates, or accounts, including your name, email address, phone number, and mailing address.
– Profile Data: Information tied to your user preferences, past event attendance, ticket purchases, and behavioral data related to your interactions with our website or services.
– Communication Data: Includes records of support inquiries, form submissions, email correspondences, or other interactions initiated by you, such as customer feedback.
– Technical Data: Device and platform details such as operating system, device identifiers, screen size, network data, and hardware settings.
– Transaction Data: Information about ticket purchases, event registrations, billing addresses, payment card data (processed securely by third-party providers), and delivery information as relevant.
– Preference Data: Marketing preferences, product and event interest areas, response to surveys, event attendance history, and opt-in or opt-out consents for promotional communications.
4. Legal Bases for Processing Personal Data
We process your personal information only where there is a valid legal basis under GDPR and similar regulations. These include:
– Consent: When you voluntarily provide personal data or opt-in to marketing.
– Contractual Necessity: For processing orders, ticket sales, or customer service when necessary to fulfill a contract with you.
– Legal Obligations: For compliance with laws, regulatory requests, or court orders.
– Legitimate Interests: For service improvement, analytics, fraud prevention, and marketing, provided these do not override your individual rights and freedoms.
5. Your Rights Under Applicable Privacy Laws
Subject to applicable data protection legislation, you are entitled to:
– Right of Access: Obtain confirmation of processing and access to your personal data.
– Right of Rectification: Request correction of inaccurate or incomplete data.
– Right of Erasure (“Right to Be Forgotten”): Request deletion of personal data in certain situations.
– Right to Restrict Processing: Limit processing of your data where you contest its accuracy, lawfulness, or when we no longer need the data.
– Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format and request its transmission to another controller.
– Right to Object: Object to the processing of your data where we rely on legitimate interests or direct marketing.
We will promptly respond to your request and process it in accordance with applicable law. To exercise any of your rights, send an inquiry to [email protected].
6. Data Security Measures
We implement a range of physical, administrative, and technical safeguards to protect personal data, including:
– End-to-end encryption of data where appropriate
– Role-based access and authentication controls
– Regular internal security audits and system vulnerability assessments
– Data backups with secure offsite and cloud-based storage
– Staff training on cybersecurity and data protection obligations
While no system is completely immune, we continuously monitor and improve our safeguards to prevent unauthorized disclosure, alteration, or loss of data.
7. International Data Transfers
Your data may be transferred to—and stored or processed in—countries outside your jurisdiction, including countries that may not provide the same level of data protection. In such cases, we ensure safeguards such as the use of Standard Contractual Clauses approved by the European Commission, recognized adequacy standards, or other appropriate legal mechanisms.
8. Data Retention Schedule
We retain your personal data for only as long as necessary for the purposes for which it was collected:
– Account and Profile Data: As long as your account is active or as required to fulfill event-related obligations
– Transaction Data: Typically retained up to 7 years for legal and financial recordkeeping
– Communication and Support Data: Retained for 3 years after last communication
– Marketing and Preference Data: Retained until you withdraw consent or request deletion
– Usage and Technical Data: Anonymized and retained for analytics for up to 2 years
When data is no longer needed, it is securely deleted or anonymized.
9. Cookie Policy
Oysterfestsf.com uses cookies and related technologies to enhance your browsing experience. We use:
– Essential Cookies: Enable core site functionality such as security, authentication, and ticketing.
– Functional Cookies: Remember your preferences and settings to improve usability.
– Analytical Cookies: Help us understand how visitors interact with the site using tools like Google Analytics.
– Performance Cookies: Optimize site performance and load speed.
Cookies do not store sensitive personal data but may link to anonymized IDs for analytics.
10. Cookie Management and Compliance
You can control the use of cookies through your browser settings or tools provided on our website. Where required by the GDPR and CCPA, users are given the opportunity to opt-in to non-essential cookies. Cookie consent banners allow you to adjust preferences at any time. We honor Do Not Track (DNT) signals and respect user opt-out choices.
11. Children’s Privacy
Oysterfestsf.com is not intended for use by individuals under the age of 13. We do not knowingly collect personal data from children without parental consent. If we become aware of any such data being collected inadvertently, we will take reasonable steps to delete it. If you believe we may have collected personal information on a child, please notify us at [email protected].
12. Policy Updates and Notifications
We reserve the right to update this Privacy Policy to reflect legal, operational, or administrative changes. Where changes affect your rights or the manner in which we process your data, we will provide clear notice via the website or by contacting you directly through available communication means. Continued use of the site signifies agreement with the revised policy.
13. Contacting Us
For any inquiries, concerns, or requests regarding your personal data or this Privacy Policy, please contact us:
Email: [email protected]
Website: oysterfestsf.com
We are committed to upholding the principles of transparency and accountability, and will take all reasonable steps to resolve your inquiries in accordance with applicable privacy laws.
Oyster Fest SF strives to ensure full compliance with GDPR, CCPA, and other relevant data protection laws. If you have questions about how your personal data is handled, please contact us anytime at [email protected].