Managed by ASM Global
Thank you for using the website of Coca-Cola Arena at www.coca-cola-arena.com (which encompasses the mobile app of the same name) (all, the “Website”), and is operated by ASM Global (“ASM”, “us”, “we”).
If you choose to limit the way in which you want us to collect, use or disclose any information, then you acknowledge that some aspects of the Website and/or our services may not be available to you.
This Policy, as well as your access to the Website, is subject to and governed by the laws of the United Arab Emirates as applied in the Emirate of Dubai. Any dispute regarding this Policy or the handling of your personal data will be subject to the exclusive jurisdiction of the Courts in Dubai.
This Policy is effective from 1 March 2019.
What personal data do we collect?
We collect and process personal data about you when you interact with us and our Website, including but not limited to when you purchase goods and services from us, when you visit our venues, when we carry out market research, when you subscribe to a newsletter, when you contact customer services and when you enter our competitions. This will typically be provided directly by you and may include information you provide on registration or in the process of a purchase, such as your name, date of birth, gender, address, telephone number, email address, and marketing preferences. The details being provided by you will be made clear in forms you complete or will be provided directly by you in surveys, in purchasing tickets, in entering competitions or in volunteering information in communications or content you provide to us.
When you visit our Website, we may also collect, process and use information about you and your use of our Website, including your login information, time zone setting, browser plug-in types, operating system, any forums you visit, a log of the visited pages and how you arrived at our Website. Such information may be collected through “traffic data” and may entail use of “cookies” or other tracking technologies, IP addresses or other numeric codes used to identify your computer. For more information on cookies please see the section below titled Cookies and other tracking technologies.
Apple iOS and Android Devices
By accessing our mobile application from these devices you consent to cookies being stored to your device (and other tracking technologies being used to read data from your device) for the following purposes: keeping you logged in, ensuring that an appropriate version of content is presented, analytics and advertising. Many of these cookies and technologies are essential to the operation of the application. It is not currently possible to opt out or remove these cookies (or prevent use of these technologies) from the device without deleting the application.
What personal data do we generate or receive from third parties?
We may generate or collect information about you ourselves. In an online context, much of this is set out in the section below titled Cookies and other tracking technologies. In an offline context, we may collect information about you through our CCTV cameras, ticket purchases, entering into third party competitions, in completing health and safety records or by keeping access records of our venues.
We also receive information about you from third parties. For example, if you login to a site or app using Facebook Connect you will be asked if you wish to share information from your Facebook account with us. Similarly, if you use a “like” or a “share” button for a feature on our Website, then the third party will share information with us. We sometimes will receive relevant information from third party ticketing sites or ticketing agencies, to manage your purchases. We also receive information about individuals that the police or other sport stakeholders recommend or require us to ban from our venue. We may also obtain information about you from third party demographics providers, which we may use to better understand our users and send them appropriate offers and information.
If we provide online services to a person under the age of 21 where parental consent is required, we may ask for a parent’s email address, in order to ask for consent.
How do we use your personal data, and what is the legal basis for this use?
We process your personal data for the following purposes:
- To fulfil a contract, or take steps linked to a contract: this is relevant where you make a purchase from us or enter a competition we run. This includes:
- verifying your identity;
- taking payments;
- communicating with you;
- administering the competition (where relevant); and
- providing customer services and arranging the delivery or other provision of products, prizes or services.
- As required by us to conduct our business and pursue our legitimate interests, in particular:
- we will use your information to provide products and services you have requested and to respond to any comments or complaints you may send us;
- we monitor use of our venue, Website and online services, and use your information to help us monitor, improve and protect our venue, products, content, services and Website, both online and offline;
- we use information you provide to personalise our Website, products or services for you;
- if you provide a credit or debit card as payment, we also use third parties to check the validity of the payment details you submit in order to prevent fraud;
- we use information you provide as well as information which we have collected about you to investigate any complaints received from you or from others, about our Website and venues or our products or services;
- we will use data in connection with legal claims, compliance, regulatory and investigative purposes as necessary (including disclosure of such information in connection with legal process or litigation); and
- we use data of some individuals to invite them to take part in market research.
- For purposes which are required by law:
- where you exercise your rights under any data protection law and make associated requests;
- where we are required to hold or collect personal data to meet legal requirements on us, such as keeping health and safety records, details of purchases or ensuring banned spectators are not given access to our venues;
- where we need parental consent to provide online services to children; and
- where in response to requests by government or law enforcement authorities conducting an investigation.
- Where you give us consent by utilizing our services, venue, Website, products and/or services:
- we will send you direct marketing in relation to our relevant products and services, or other products and services provided by us and carefully selected partners and sponsors;
- we place cookies and use similar technologies in accordance with our Cookies Policy (see the section below titled Cookies and other tracking technologies) and the information provided to you when those technologies are used; and
- on other occasions where we ask you for consent, we will use the data for the purpose which we explain at that time.
- Where you give us your explicit consent, when you provide us with personal data about your health, for the following purposes:
- To provide you with tailored services (for example, a wheelchair accessible space)
- To help us investigate an incident which may have taken place at our venues.
Withdrawing consent or otherwise objecting to direct marketing
Wherever we rely on your consent, you will always be able to withdraw that consent, although we may have other legal grounds for processing your data for other purposes, such as those set out above. In some cases, we are able to send you direct marketing without your consent, where we rely on our legitimate interests. You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing, at any time. You can do this by following the instructions in the communication where this is an electronic message, or by contacting us on email@example.com.
Who will we share this data with, where and when?
We will share your personal data with other companies in our corporate group.
We will share your personal data with the data processors that help us to provide our services. Any data processors with whom we share your personal data are limited (by law and by contract) in their ability to use your personal data for any purpose other than to provide services for us. We will always ensure that any data processors with whom we share your personal data are subject to privacy and security obligations consistent with this Policy and applicable laws.
If you have consented, we will share your personal data with other trusted third parties, for example our commercial partners and the sponsors we work with, so that they can use your personal data for marketing or promotional purposes by sending you information about related products or services that may be of interest to you.
We will also disclose your personal data to third parties in the following circumstances:
- if we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets;
- if we or substantially all of our assets are acquired by a third party, in which case personal data held by us will be one of the transferred assets;
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, any lawful request from government or law enforcement officials and as may be required to meet national security or law enforcement requirements or prevent illegal activity;
- With third parties to provide you a service you requested through a partnership or promotional offering made by a third party or us;
- With third parties with whom you choose to let us share your personal data, for example other apps or websites that integrate with our API or Website, or those with an API or Service with which we integrate;
- With vendors, consultants, marketing and advertising partners, and other service providers who need access to such Personal Data to carry out work on our behalf or to perform a contract we enter into with them; or
- to protect the rights, property, or safety of us, our customers or other persons. This may include exchanging personal data with other organisations for the purposes of fraud protection and credit risk reduction.
Save as expressly detailed above in this section, we will never share, sell or rent any of your personal data to any third party without notifying you and/or obtaining your consent.
International transfers of your personal data
Your personal data may be transferred to, and processed in, a location outside of the United Arab Emirates, such as the European Economic Area (EEA) or Australia.
In particular, your personal data may also be processed by third-party data processors assisting with the provisions of our services to you.
Some countries outside the United Arab Emirates do not have laws that protect your privacy rights as extensively as those within the United Arab Emirates. However, if we do transfer your personal data to other territories, we will put in place reasonable appropriate safeguards to endeavour to ensure that your personal data are properly protected and processed only in accordance with this Policy. However, we cannot guarantee the You can obtain more information about the safeguards we put in place by contacting us on firstname.lastname@example.org.
Unfortunately, no data transmission over the internet can be guaranteed to be 100% secure, nationally or internationally. As a result, ASM Global cannot guarantee the security of any personal data you transmit to us, and you do so at your own risk. ASM Global has established policies and procedures for securely managing information and protecting personal data against unauthorized access and we continually assess our data privacy, information management and data security practices to provide the best possible service.
What rights do I have?
You have the right to ask us for a copy of your personal data; to correct, delete or restrict (stop any active) processing of your personal data; and to obtain the personal data you provide to us for a contract or with your consent in a structured, machine readable format. Depending on the circumstances, you have the right to receive and have transmitted to other data controllers any personal information we hold in a commonly used and machine-readable format, where technically feasible.
You have the right to correct data inaccuracies. When you contact us about a potential personal data error, we will endeavor to confirm or verify the information in question, then correct verified inaccuracies and respond to the original inquiry.
In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing).
These rights may be limited, for example if fulfilling your request would reveal personal data about another person, where it would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. We will inform you of relevant exemptions we rely upon when responding to any request you make. To exercise any of these rights, you can get in touch with us using the contact details set out below.
You also have a right to lodge a complaint to the applicable supervisory/governmental authority or to seek a remedy through the courts.
Data that is mandatory is indicated on relevant forms that you complete. Where provision of data is mandatory, if relevant data are not provided, then we will not be able to fulfil your requests to register, make a purchase or otherwise engage with us. All other provision of your information is optional.
You may, at any time, exercise any of the above rights by contacting us on email@example.com.
How long will you retain my data?
Where we process data in connection with your registration to use our Website, we do this for as long as you are an active user of our Website and for two years after this.
Where we process personal data for marketing purposes or with your consent, we process the data until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data indefinitely so that we can respect your request in future.
Where we process personal data in connection with performing a contract or for a competition, we keep the data for 7 years from your last interaction with us or from when the contract ends.
Where we process CCTV footage, we hold this for at least one month, unless we have been asked to extract footage, in which case this is held for 10 years from the date it is extracted.
Where we process personal data to meet legal requirements, we hold this for as long as the law requires.
We hold information relating to visitors to our venues for a minimum of one (1) month.
Where your data are held on our systems, then at the end of the retention periods set out above, we will not irrevocably delete your information for another 3 months – your data will be held in an inactive form for this time to ensure that any consequential links across our systems remain intact in the event that your data are removed in a particular location.
How do we protect your personal data?
Keeping your personal data secure and preventing unauthorized access to that personal data is of utmost priority to ASM Global. ASM Global will take all steps reasonably necessary to protect your personal data against any unauthorised access, use, alteration, disclosure or destruction. Whilst ASM Global has put in place physical, electronic and managerial procedures to secure and safeguard your personal data, ASM Global cannot be held responsible for any unauthorised access by third parties and ASM Global cannot guarantee that the personal data provided by you or that is transmitted via this Website or by e-mail or otherwise online is totally secure and safe.
Cookies and other tracking technologies
Cookies and web beacons are used by us and third parties for the following purposes:
- to enable certain features of our Website (for example, to allow a customer to maintain a basket when they are shopping at an online store);
- to analyse the traffic to our Website (for example, we can count how many people have looked at a specific page, or see how visitors move around the Website when they use it, and use this information to improve the Website);
- to help target advertisements which are more likely to be of interest to you;
- to allow us to carry out retargeting (this is when advertisements are presented to you for products or services which you have previously looked at on a Website, but have not purchased);
- to allow you to interact with our Website on social media platforms. The use of these technologies by such third parties is subject to their own privacy policies and is not covered by this Policy, except as required by law.
Links to third party websites
Changes to this Policy
We may amend this Policy at any time without notice, and such amendments become effective from the date upon which they are made available on the Website. We recommend that you consult this page frequently so that you are aware of our latest Policy and can update your preferences if necessary. Your continued use of the Website and/or our services shall constitute your acceptance of any revised Policy.
How do I get in touch with you?
If you have any queries, complaints or recommendations about this Policy, or if you believe that any personal data that ASM Global may hold about you is incorrect or incomplete, please contact ASM Global at the following address and ASM Global will endeavour to respond to you promptly. firstname.lastname@example.org.