Privacy Policy
Last updated: June 20, 2026
This Privacy Policy applies to all personal information collected by Ticketted Pty Ltd (we, us or our) via the Ticketted website (Website).
1. What information we collect
The kind of Personal Information that we collect from you will depend on how you use the Website. The Personal Information which we collect and hold about you may include:
We collect the following personal information from ticket buyers and event organisers:
- Full name and contact details (email address, phone number)
- Payment information (credit/debit card details processed securely through Stripe)
- Event attendance history and ticket purchase records
- Account login credentials (email + single sign on credentials)
- IP address, browser type, and device information
- Communication preferences and marketing consent
- For event organisers: ABN/ACN, phone numbers, event management data
- Any other information voluntarily provided through the platform, customer support enquiries or feedback forms
2. Types of information
The Privacy Act 1988 (Cth) (Privacy Act) defines types of information, including Personal Information and Sensitive Information.
Personal Information means information or an opinion about an identified individual or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.
If the information does not disclose your identity or enable your identity to be ascertained, it will in most cases not be classified as "Personal Information" and will not be subject to this privacy policy.
Sensitive Information is defined in the Privacy Act as including information or opinion about such things as an individual's racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.
Sensitive Information will be used by us only:
- for the primary purpose for which it was obtained;
- for a secondary purpose that is directly related to the primary purpose; and
- with your consent or where required or authorised by law.
3. How we collect your Personal Information
- We may collect Personal Information from you whenever you input such information into the Website, related app or provide it to us in any other way.
- We may also collect cookies from your computer which enable us to tell when you use the Website and also to help customise your Website experience. As a general rule, however, it is not possible to identify you personally from our use of cookies. See our Cookies Policy for details of the cookies we set and how to control them.
- We generally don't collect Sensitive Information, but when we do, we will comply with the preceding paragraph.
- Where reasonable and practicable we collect your Personal Information from you only. However, sometimes we may be given information from a third party, in cases like this we will take steps to make you aware of the information that was provided by a third party.
4. Purpose of collection
-
We collect Personal Information to provide you with the best service experience possible on the Website and keep in touch with you about developments in our business.
-
We customarily only disclose Personal Information to our service providers who assist us in operating the Website. Your Personal Information may also be exposed from time to time to maintenance and support personnel acting in the normal course of their duties.
-
We send direct marketing material (such as newsletters, product updates and promotional offers) only to recipients who have explicitly opted in through their account settings or a marketing-specific opt-in form. You can change your marketing preferences in your account settings at any time, and every marketing email includes a simple unsubscribe link. We do not use Sensitive Information in direct marketing activity.
-
The service providers that assist us in operating the Website include:
- Clerk — authentication and account management
- Convex — application database and real-time data sync
- Stripe — payment processing and seller payouts
- Resend — transactional and marketing email delivery
- Amplitude — product analytics
- Sentry — error monitoring and diagnostics
- Cloudflare — bot mitigation and security
- Vercel — application hosting and content delivery
- OpenAI — AI-assisted content tools (such as event description and marketing copy generation)
- RunwayML — video generation tools
- Google Maps — venue lookup and mapping
- Inngest — background job processing
Each of these service providers has its own privacy policy governing how it handles your data.
5. Security, Access and correction
- We store your Personal Information in a way that reasonably protects it from unauthorised access, misuse, modification or disclosure. When we no longer require your Personal Information for the purpose for which we obtained it, we will take reasonable steps to destroy and anonymise or de-identify it. Most of the Personal Information that is stored in our client files and records will be kept for a maximum of 7 years to fulfil our record keeping obligations.
- The Australian Privacy Principles:
- permit you to obtain access to the Personal Information we hold about you in certain circumstances (Australian Privacy Principle 12); and
- allow you to correct inaccurate Personal Information subject to certain exceptions (Australian Privacy Principle 13).
- Where you would like to obtain such access, please contact us in writing on the contact details set out at the bottom of this privacy policy.
6. Complaint procedure
If you have a complaint concerning the manner in which we maintain the privacy of your Personal Information, please contact us on the contact details set out at the bottom of this policy. All complaints will be considered by the Privacy Officer and we may seek further information from you to clarify your concerns. If we agree that your complaint is well founded, we will, in consultation with you, take appropriate steps to rectify the problem. If you remain dissatisfied with the outcome, you may refer the matter to the Office of the Australian Information Commissioner.
7. Overseas transfer
Your Personal Information may be transferred to recipients located in the United States. In particular, our application database is hosted by Convex Inc., which stores account, event and ticketing data in US data centres. Other service providers identified in section 4 are also based in the United States. We take reasonable steps to ensure these overseas recipients handle Personal Information consistent with the Australian Privacy Principles, including through the contractual arrangements we have in place with them. By using our Services, you acknowledge that the laws of the United States may not provide the same level of protection as the Australian Privacy Principles, and that we may not be accountable under Australian law for any subsequent acts or practices of our overseas recipients.
8. Children's privacy
Our Website and Services are not directed at children under 16, and we do not knowingly collect Personal Information from children under 16. If you are a parent or guardian and believe that a child has provided us with Personal Information, please contact the Privacy Officer using the details below and we will take reasonable steps to delete that information.
9. How to contact us about privacy
If you have any queries, or if you seek access to your Personal Information, or if you have a complaint about our privacy practices, you can contact us through: privacy@ticketted.com.au.