We're Gather Aotearoa Limited (we, us, our), and this privacy policy applies to all users of our services. It outlines how we collect, use, handle, and disclose your personal information.
By using our services, you confirm that you understand how we collect, use, handle, and disclose your information as described in this policy.
We comply with the New Zealand Privacy Act 2020 and, in respect of personal information of individuals in Australia, the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where there is any inconsistency between this policy and a mandatory requirement of an applicable privacy law, the mandatory requirement prevails.
We do not generally collect sensitive information (within the meaning of section 6 of the Privacy Act 1988 (Cth)), and where we do, we will only collect it with your consent under APP 3.3 or as otherwise permitted by law.
When you use our ticketing platform (Gather), we may ask for personally identifiable information, such as your name, contact phone number and email (personal information). Depending on how you use Gather, the categories of personal information we may collect include:
This information helps us identify and communicate with you and operate the Gather platform. If possible, we will collect personal information from you directly.
We collect your phone number primarily for the purpose of account login, multi-factor authentication, and event-related communications. You are not required by law to provide this information, but if you do not provide it you may not be able to create an account or use certain features of Gather. We do not use phone numbers for marketing purposes without your separate consent.
We may share your personal information under specific circumstances:
We strive to be transparent about when your data is shared. Please note that we are not responsible for how third parties use your personal information.
We do not share contact phone numbers directly with anyone. However, event hosts may send text messages to attendees through the Gather app. Users may also invite others to events via SMS through the app. Users can only invite individuals who have attended an event with them previously. Users can opt out of receiving invites from specific individuals and stop receiving texts from us altogether by replying STOP to Gather text messages.
We will only disclose your information to unrelated third parties if legally authorised, or with your consent. Where required by Australian law, we will only use or disclose your personal information for a secondary purpose that is related (and, in the case of sensitive information, directly related) to the primary purpose of collection and where you would reasonably expect such use or disclosure, or as otherwise permitted under APP 6.
Hosts using Gather can create custom checkout questions for their events. The information you provide in response to those questions is collected by the host in the first instance (with Gather processing it on the host's behalf so that the host can deliver the event).
Some checkout questions may ask for sensitive information (within the meaning of section 6 of the Privacy Act 1988 (Cth)), such as health information, or for sensitive-adjacent information such as accessibility requirements, dietary requirements, emergency contact details, or age/date of birth. Where a host collects sensitive information through our platform:
We may send you direct marketing communications about Gather and events we think you may be interested in, in accordance with applicable law. For users in Australia, we comply with APP 7 and the Spam Act 2003 (Cth): all commercial electronic messages we send will identify Gather as the sender, contain a functional unsubscribe facility, and only be sent where we have your express or inferred consent.
Purely transactional, factual or service messages relating to a ticket you have purchased or an event you have registered for (such as ticket confirmations, scan codes and event reminders) are designated commercial electronic messages under Schedule 1, items 4 and 5 of the Spam Act 2003 (Cth) and are sent without an unsubscribe facility.
If we send SMS messages to users in Australia, we will comply with the Telecommunications Act 1997 (Cth) and the Telecommunications Consumer Protections Code (TCPC).
If we ever make voice marketing calls in Australia, we will comply with the Do Not Call Register Act 2006 (Cth).
You may opt out of direct marketing at any time by following the unsubscribe instructions in any message, replying STOP to a text message, or contacting us at help@gather.rsvp. We will action opt-out requests within five business days of receipt.
When you purchase tickets through Gather, your payment information is processed by Stripe, our third-party payment processor. Gather does not store your full credit card details. We may retain limited transaction data such as the last four digits of your card, transaction amounts, dates, and event details for record-keeping purposes. Stripe Inc. is headquartered in the United States and may process your payment information outside New Zealand or Australia. By using Gather to purchase tickets, you acknowledge this cross-border disclosure.
For tickets purchased through our platform:
For more information about how Stripe processes your payment data, please refer to Stripe's Privacy Policy.
When you visit Gather, we collect log data sent by your browser, including your computer’s IP address, browser type and version, the pages you visit, and other relevant statistics. We may use third-party services to understand usage patterns.
We use cookies to enhance your experience. You can choose to refuse cookies, but this may limit your ability to use certain features of our services.
When you use our platform, we collect and store electronic communications between you and Gather, as well as between you and event hosts/promoters through our platform. These may include emails, in-app messages, and transaction records.
We retain these communications in accordance with our data retention practices and the requirements of applicable law, including the New Zealand Privacy Act 2020 for users in New Zealand and the Privacy Act 1988 (Cth) and APP 11.2 for users in Australia.
We prioritize the security of your personal information and take reasonable steps (as required by APP 11.1) to protect your personal information from misuse, interference, loss, and unauthorised access, modification or disclosure, but no digital transmission or storage method is entirely secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.
If we become aware of an eligible data breach involving your personal information that is likely to result in serious harm, we will notify you and (where applicable) the Office of the Australian Information Commissioner in accordance with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act 1988 (Cth).
We retain personal information to ensure consistent service quality. The duration of retention varies based on data type and purpose, and we adhere to legal requirements.
For ticket purchases and related communications, retention periods are specified in the Payment Information section above.
We will not retain personal information for longer than we reasonably need it for the purposes for which it was collected, or as required by law. Event attendance information may be retained for so long as we reasonably consider it necessary to facilitate future events and improve user experience, after which we will take reasonable steps to destroy or de-identify it (consistent with APP 11.2). You may request earlier deletion at any time by contacting us at help@gather.rsvp.
Gather may contain links to third-party websites or services that we don't own or control. We're not responsible for the content, privacy policies, or practices of these third-party sites or services. You acknowledge and agree that we won't be liable for any damage or loss caused by using or relying on any content, goods, or services available through these third-party sites.
In compliance with applicable laws, you have rights to access, correct, or delete your personal information. For users in Australia, these include rights under APP 12 (access) and APP 13 (correction). We will respond to access requests within a reasonable period (generally 30 days) and, where we refuse a request, we will provide written reasons (except where it would be unreasonable to do so). For inquiries or requests regarding your data, please contact us at help@gather.rsvp. We may need to verify your identity to process your request.
In respect of a request for correction or deletion, if we think the correction is reasonable and we are reasonably able to change or delete the personal information, we will make the correction or deletion. If we do not make the correction or deletion, we will take reasonable steps to note on the personal information that you requested the correction or deletion.
For users in Australia, we will not charge for making a request, or for any correction (or notification of correction) of your personal information, consistent with APP 12.7 and APP 13.4. Any charge for providing access in Australia will not be excessive and will not apply to the making of the request, consistent with APP 12.8. For users in New Zealand, we may charge our reasonable costs of providing copies of your personal information, in accordance with section 35 of the Privacy Act 2020.
If you believe we have breached this policy or your privacy rights, please contact us at help@gather.rsvp. We will acknowledge your complaint and respond within a reasonable period (generally 30 days).
If you are in Australia and you are not satisfied with our response, you may complain to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or on 1300 363 992.
If you are in New Zealand, you may complain to the Office of the Privacy Commissioner at www.privacy.org.nz or on 0800 803 909.
Your personal information may be stored and processed in New Zealand, Australia, the United States (including through Stripe Inc., which processes payments), or in any other country where we, our affiliates, or service providers maintain facilities. For personal information disclosed to overseas recipients in respect of Australian users, we will, before disclosure, take reasonable steps to ensure that the overseas recipient does not breach the APPs (as required by APP 8.1) or rely on an exception in APP 8.2 (including where the recipient is subject to a law or binding scheme substantially similar to the APPs that the individual can access to take action, or where you consent after we expressly inform you that APP 8.1 will not apply). By using Gather, you acknowledge these cross-border disclosures.
This privacy policy is subject to change. We will notify you of any modifications through your provided contact number or via a prominent notice on our website. Continued use of the services after changes signifies your acceptance of the updated policy.
For any questions about this privacy policy, please reach out to us by email at help@gather.rsvp.