beIN Asia Limited (HK) (“we” or “us”) is a provider of subscription sports programs and related content (including via apps). In order for us to effectively provide our services to customers, we collect certain personal information. We recognise that your privacy is very important to you and we are committed to protecting your personal information.
This policy applies to personal information we handle about our customers, including subscribers to our pay TV and online sports channels, visitors to our website, users of other services we may from time to time provide, and members of the public. It provides information about the personal information we collect and the ways in which we use that personal information.
THE KINDS OF INFORMATION WE COLLECT
The kinds of personal information we collect may include
• Your name, date of birth, address, telephone number, e-mail address, bank details and credit card details.
• Public information and posts consisting of comments or content that you post using our services and the information about you that accompanies those posts or content, which may include a name, user name, comments, likes, tweets, status, profile information and picture(s). Such public information and posts are always public, which means they are available to everyone and may be displayed in search results on external search engines.
• Activity Information – cookies and other technologies. When you access and interact with our services, we may collect certain information about those visits. For example, in order to permit your connection to our services, our servers receive and record information about your computer, device, and browser, including potentially your IP address, browser type, and other software or hardware information. If you access our services from a mobile or other device, we may collect a unique device identifier assigned to that device, geolocation data, or other transactional information from that device.
• Cookies and other tracking technologies (such as browser cookies and local storage, pixel beacons, and Adobe Flash technology including cookies) are comprised of small bits of data or code that often include a de-identified or anonymous unique identifier. Websites, apps and other services send this data to your browser when you first request a web page and then store the data on your computer so that such websites, apps and other services can access information when you make subsequent requests for pages from that service. These technologies may also be used to collect and store information such as pages you have visited, content you have viewed, search queries you have run and advertisements you have viewed in relation to your usage of our services and other websites you have visited.
• Third parties that support our services by serving advertisements or providing services, such as allowing you to share content or tracking aggregate data relating to our services such as usage statistics, may also use these technologies to collect similar information. We do not control these third-party technologies and their use is governed by the privacy policies of those third parties using such technologies. Most browsers are initially set to accept cookies, but you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information. Users can manage the use of Flash technologies, with the Flash management tools available at Adobe’s website. Please note that by blocking any or all cookies you may not have access to certain features, content or personalization available through our services.
• Information from Other Sources. We may supplement the information we collect with information from other sources, such as commercially available sources and data providers, as well as information from our business partners or related and affiliated companies in Australia or internationally.
• We may also collect personal information about individuals who are, or are employed by, our suppliers (including service and content providers), contractors, dealers, related companies, agents and corporate customers. Generally, if appropriate, we will state why we are collecting personal information when we collect it and how we plan to use it, or these things will be obvious when we collect the information.
HOW WE COLLECT INFORMATION
Personal information may be collected from you in a number of ways, for example:
• when you contact us or subscribe to our services by telephone;
• when you contact us or subscribe to our services by email or via our website;
• when you update an on-line profile that includes personal information such as your name and contact details; and
• when we request certain information from subscribers for a specific purpose.
Our website may use “cookies” (these are files that are implanted in your hard drive by some websites to store information about your web use patterns) to enhance or personalise our website services. These cookies may also be used to collect and store information about your usage of our website. We may in any case collect anonymous information that allows us to review information about the date, time and duration of visits to our website without identifying you. This information is generally automatically provided to us by your web browser.
We also have access to information that is collected by or made available on third party online media platforms, including online social media platforms. If you operate an online media account, we may collect your user name associated with that account, and any other information or content you have made public in connection with that online media service or otherwise permit the online media service to share with us. Such information or content may include personal information.
If you provide personal information to us about someone else, such as an employee, you must ensure that you have their consent to disclose their information to us. You should also ensure that you take reasonable steps such that the individual concerned is aware of the various matters dealt with in this policy. You consent to work-related personal information of your employees being used and disclosed as set out in this policy.
USE OF INFORMATION
The primary purpose of the collection of personal information is to maintain our database of customers, viewers of our channels and customers of our services so that we may effectively communicate with you (including by way of push notifications), provide our services to you and, if relevant, facilitate receipt of payments from you.
We may also use your personal information to send you communications and contact you (including by way of push notifications) about our services, programs, events, campaigns, functions or news updates that may be relevant or of interest to you. From time to time we may also send you communications and information about third party products and offers. We will generally give you the option to opt-out of receiving promotional and marketing communications and/or push notifications at the time you subscribe to our products and/or services. If you do not wish to be contacted for these purposes you can let us know at any time by contacting us at the details below. Every commercial electronic communication sent by us will contain a functional unsubscribe facility or otherwise allow you to easily opt out of such communications.
We will use your personal information as set out above when we are providing services to you directly or when you are viewing our channels on a platform delivered by a third party.
We may aggregate personal information of our customers for reporting and statistical purposes. This allows us to better inform ourselves of our customers’ preferences and requirements, and to enable us to monitor the effectiveness of and constantly improve our website and our services. If we disclose aggregated information to third parties it will not contain any personally identifiable information.
DISCLOSURE OF INFORMATION
So that we may use your information for the purposes identified above, we may disclose it to external providers of services, for example, providers of security, marketing and technology services. We may also outsource certain functions of our business, including customer relationship management and management of our database.
We may disclose personal information to third party companies and partners with whom we have a relationship including third party platform operators who make our channels available to their subscribers. We may do this for instance to investigate or promote new products, services or offers which we think may be of interest or benefit to you.
Information that we collect, particularly information collected from third party online media platforms, may be disclosed to advertising and media agencies which undertake customer profiling and matching on our behalf to enable us to identify potential customers for marketing purposes.
We may disclose your personal information to the extent that we are required to do so by law, including in connection with any legal proceedings or anticipated legal proceedings, or in order to comply with any legal obligation, or to establish, exercise or defend our legal rights.
You may withdraw your consent to use your personal information at any time. To withdraw this consent please contact us at the details below. Please note that withdrawing your consent may mean that we are unable to provide you with certain services.
We may sell, transfer, or otherwise disclose our database of personal information to an actual or potential successor entity, purchaser, or investor in connection with a corporate merger, consolidation, sale of our assets or substantially all our assets, share sale, investment transaction or other corporate rearrangement.
DATA AND SDKS
If you use one of our apps and/or access one of our websites, the following provisions relating to our use and collection of data and software development kit or tools (“SDKs”) will be relevant to you.
We may work with partners who use mobile SDK to passively collect information (“SDK Information”), which generally helps us deliver personalized notifications. This data may also be used to identify you in a unique manner across other devices or browsers for the purposes of customizing ads or content. Depending on the permissions you grant to the applicable app, this information may include personal information including your e-mail address. This information may also include precise location (i.e. GPS-level data) or WiFi information, apps you have installed and enabled, and your mobile identifier (e.g., Android Advertising ID).
Who collects and operates SDK Information and where exactly will it be hosted?
SDK Information is collected by our partners and may be hosted securely outside of Australia.
How is SDK Information used?.
We share the SDK Information with service providers, contractors and other companies to fulfil your orders, operate our business, communicate with you and make available our services (including our website and our apps). For instance, we may share certain of the information we collect or receive with companies that help us with billing and payment, marketing, advertising and email marketing, data enhancement (e.g., to provide more relevant offers), website hosting, technology and customer support, web and marketing analytics, anti-fraud or security operations, and other operational, marketing or business support.
We likewise may share the SDK Information or data segments we create with website operators and app developers (for instance, related to push notifications they send) for their advertising, analytics, or other purposes.
We also share SDK Information to provide or help us to provide advertising and marketing services as we have described, including as follows:
• Sharing SDK Information with advertisers and their marketing providers, so they may provide targeted content and advertising to you on websites and mobile applications;
• Sharing SDK Information with other third parties that target advertising. For those familiar with the online ad ecosystem, these may include demand-side and supply-side advertising platforms, data management platforms, advertising agency trading desks, proximity solution providers, and other advertising technology providers, so they may provide targeted content and advertising to end users and others on third-party websites, mobile applications, and other advertising mediums (email, direct mail, display media), and so that they may measure the effectiveness of this marketing.
• We may work with service providers who, to enhance consumer privacy, use a non-human readable “hashed” version of Information such as an email address when sending advertising offers by email or display advertising (which may be linked to a cookie as described above).
• We may provide information (such as IP address, but excluding precise lat/long coordinates) to third party platforms to help advertisers identify common users across different devices or browsers – for instance, to identify a common set of users on both mobile devices and tablets, as well as the web.
What is the purpose of this collection and processing?
We use the SDK Information to:
• offer and support app and website features provided through the SDKs, including those related to push notifications. This includes, for instance, providing customer, technical and operational support for these features, detecting and protecting against errors, fraud, or other criminal activity, resolving disputes and enforcing our terms and conditions of use and other rights we may have. It also includes analysing, customizing, and improving the features we offer our subscribers;
• provide information and analytics to our subscribers about the use of our apps and websites features provided through the SDKs, or to help app developers and website operators create or enhance user profiles;
• create inferences about our subscribers categorized into “Data Segments” or to help our partners do so. For instance, if SDK Information indicates that a particular device is frequently seen at restaurants, we might categorize a user for targeting of local restaurant offers. Or, if a user is frequently seen at sports stadiums, we might categorize the user as a “Sports Fan;
• develop and use “predictive models” – data models that try to predict subscriber’s potential future behaviour and interests on a per-device basis or across devices.
How long will the collected data be stored?
We do not have any specific policies in place for limiting the duration that data is stored by us or our partners.
What are the measures in place to insure security and confidentiality of application user’s information?
We have and our partners have administrative, technical, and physical safeguards in place in our physical facilities and in our computer systems, databases, and communications networks that are designed to protect information contained within our systems from loss, misuse, or alteration. No method of electronic transmission or storage is 100% secure. Therefore, we cannot guarantee absolute security of your personal information and non-personal information.
Opting Out of Push Notifications
• You may in most cases opt out of receiving push notifications by going to your device “Settings” and clicking on “Notifications,” and then changing those settings for some or all of the apps on your device. (Different device configurations, or updates to devices, may affect or change how these settings work.)
• Your choice to opt out of “Notifications” from our mobile SDK partner will not affect ads placed by any other organization.
Opting Out of Online Interest-Based Advertising
You can opt out of many of the platforms and service providers that facilitate online interest-based advertising by visiting http://www.youronlinechoices.com.au/opt-out. This type of opt out is cookie-based, which means that if you replace or upgrade your browser, or delete your cookies, you will need to opt out again. Opting out in this way will not prevent you from receiving ads – it will just make the ads you see less customized to you.
Opting Out of “Cross-App” Advertising on Mobile Devices
You can opt out of having your mobile advertising identifiers used for certain types of interest-based (also called “cross-app”) mobile behavioural advertising, by accessing the “settings” on your Apple or Android mobile device, as follows:
• Apple Devices: If you have an Apple device, you can opt out of most app-based tracking for interest-based advertising by updating to iOS 6.0 or higher and setting Limit Ad Tracking to ‘ON.’ You can do this by clicking on Settings -> General -> About -> Advertising and toggling Limit Ad Tracking to ‘ON.’
• Android Devices: If you have an Android device, you can opt out of most app-based tracking for interest-based advertising by opening the Google Settings app on your device, selecting Ads, and then selecting the option to opt-out of interest-based ads.
Please note that these platforms control how these settings work, so the above may change. Likewise, if your device uses other platforms not described above, you should check the settings for those devices.
PERSONAL INFORMATION AND OUR FRAUD PROTECTION PROCESSES
We use a fraud protection service called “Fraud Expert” in relation to our payment processes. This service is provided by a third party payment service provider (“Payment Service Provider”).
We hereby inform you, in connection with subscriptions to our services, of the use of the “Fraud Expert” solution in addition to the processing of card not present payments. Your personal data is processed by Payment Service Provider being the controller, for the purpose of preventing and combating fraud (determining risk levels associated with transactions, detecting and managing any resulting alerts, informing merchants to allow them to take decisions, “human” reviews of transactions with a specified level of risk, modelling of the score).
The collection of certain of your personal data is a mandatory requirement for this purpose. Without this data, your transaction could be delayed or rendered impossible and your order cancelled.
This data is intended for the authorised departments of the Payment Service Provider entities involved in such processing, and for us, as well as for any third party whose involvement is required to ensure the smooth operation of the payment process and the functioning of the services offered.
Any fraud may result in the recording of your personal data in a file managed by Payment Service Provider in order to retain a trace of frauds, in particular to provide information for criteria used to evaluate risks and the score templates used. This recording of your data may also give rise to you being assigned a higher risk in the event of any subsequent order placed with a merchant that is active in the same type of industry/sector and that is using the Fraud Expert solution, and could potentially lead to the rejection of this order by the merchant.
With regard to the Fraud Expert solution, you have the right to query, access and correct your data, as well as the right to object, for a legitimate reason, to the processing of your data by the Fraud Expert solution. To exercise this right, you can send a letter to: Ingenico e-Commerce Solutions SPRL – Legal department “data protection” – Boulevard de la Woluwe 102 – B-1200 Brussels (Belgium), or send an email to: firstname.lastname@example.org, accompanied by a signed copy of proof of identity.
For purposes of consultation by us located in Australia, i.e. in a country that is not a member of the European Union/European Economic Area certain personal data may also be subject to cross-border data transfers. These cross border data transfers are supervised by a data transfer agreement in compliance with the standard contractual clauses issued by the European Commission (Decision 2004/915/EC of 27-12-2004) and have been granted authorisation from the competent data protection authorities in cases where such authorisation is required.
We hereby inform you that the personal data that is collected during the processing (identification data and coordinates, data concerning your personal and professional life, economical and financial data, connectivity data and data related to eventual fraud) may for reasons of human review of transactions and in order to define, review and update the score models, be subject to cross border data transfers to a provider of services that is a member of the Payment Service Provider group and that is located in India, a country that is not a member of the European Union/European Economic Area and that does not necessarily provide protection of personal data in accordance with European Union/European Economic Area standards. These cross border data transfers are supervised by a data transfer agreement in compliance with the standard contractual clauses issued by the European Commission (Decision 2010/87/EC of 5-2-2010) and have been granted authorisation from the competent data protection authorities in cases where such authorisation is required.
CROSS-BORDER TRANSFERS OF INFORMATION
Personal information that we collect may be transferred and stored outside of Australia between any of the countries in which our service providers operate. Your personal information may also be transferred to a parent entity or related entity located overseas.
Your personal information may be transferred overseas if we sell, transfer or disclose our database of personal information to an actual or potential successor entity, purchaser or investor who is located or has offices overseas. Accordingly, it is not practicable to specify all likely countries in which recipients of information may be located.
Once in our possession, we take all reasonable precautions to protect the personal information we hold about you from misuse, interference and loss and unauthorised access, modification or disclosure. We use a number of technological mechanisms to provide a secure environment. For example, we require our third party payment processers to have measures in place (including encryption technology) to protect the security of credit card details. However, no data transmission over the Internet can be guaranteed to be completely secure. We therefore cannot warrant the security of any information you provide to us over the Internet and you do so at your own risk.
ACCESS TO AND CORRECTION OF PERSONAL INFORMATION
We aim to ensure that your personal information is accurate, complete and up to date. To assist us, please contact us via the details below if any of your details provided have changed or if you believe that the information we hold is inaccurate. You may request us to provide you with access to the personal information we hold about you at any time. We will respond to your access request as soon as possible, however, prior to disclosing any such information it will be necessary for you to satisfactorily verify your identity. There are exceptional circumstances where access to or correction of your personal information may be refused by us such as where access would be unlawful. We will advise you of such circumstances if they arise.
By email: email@example.com
We will endeavour to:
•provide an initial response to your query or complaint within 48 hours; and;
•resolve your query or complaint within 10 business days.
If you are still not satisfied, you can contact the Australian Privacy Commissioner (see http://www.oaic.gov.au/about-us/contact-us-page or call 1300 363 992).
This policy may be updated from time to time and we recommend that you review it regularly for changes.