Billboard Live Taipei logo
user anonymous avataruser anonymous avatar로그인/회원가입

(This English version is a reference translation. In case of any discrepancies, the Chinese version shall prevail.)

Version: v2.0
Effective Date: 2025-09-25

Credo Entertainment Taiwan Co., Ltd., the operator of Billboard Live TAIPEI (hereinafter, the “Company”), values the protection of your personal data. To help you understand how we collect, use, retain, and protect your data, we have established this Privacy Policy (the “Policy”) in accordance with the Personal Data Protection Act of the Republic of China (Taiwan) and applicable regulations. When you register as a member of the Billboard Live TAIPEI website (URL: https://www.billboardlivetaipei.tw/) or make purchases/receive services at Billboard Live TAIPEI (Address: 7F, ATT 4 FUN, No. 12, Songshou Rd., Xinyi Dist., Taipei City), you agree to this Policy and to be bound and protected by it.

1. Scope of Application

This Policy applies to the Company’s official website and mobile interfaces, online ticketing and membership services, admission/exit and on-site services, dining and checkout, and notifications and marketing communications.

2. Categories of Data Collected and Processed (General Disclosure)

(1) “Personal data” under this Policy refers to the following types of information:

1.Identification and Contact: Name, date of birth, gender, National ID number (Taiwan), passport number, and contact details (phone/email/postal address), etc.

2.Member Attributes and Preferences: Place of residence, language, music preferences and favorite artists (multiple selections), following/subscription settings, etc.

3.Transactions and Ticketing: Order and payment-related information (only necessary fragments retained; full card numbers are not stored), purchase and seat/seat-area details, change and refund records, etc.

4.Admission and On-Site Operations: Admission/exit time and verification results, late-seating guidance records, and identity (real-name) or age spot-check results deemed necessary by the Company (pass/fail flag), etc.

8.5.Dining and Checkout: Order and payment history, adjustment/refund/complimentary handling records, etc.

6.Systems and Audit: Service usage and security logs, necessary operation trails, and reconciliation records, etc.

7.Consents and Preferences: Versions of privacy/marketing consents, timestamps of obtaining, unsubscribe (e.g., newsletter opt-out), and withdrawal records, etc.

8.Service Preferences and Records: Information you voluntarily provide during use or recorded by the Company in service interactions—e.g., preferences for air-conditioning temperature, seating or lighting, special dining requests, or other records necessary to maintain service quality (such as prior communications or assistance provided).

9.Third-Party Login and Account Linking: If you choose to log in with third-party accounts such as Google, LINE, Facebook, or Apple ID, we will, based on your authorization, obtain necessary identifiers (e.g., name, email address, public avatar) solely for login and account-linking purposes.

10.Account and Verification: Account credentials and verification-related information (e.g., password digests processed with irreversible hashing and salting, validity records of password reset tokens, two-factor/one-time code settings and verification logs, login/logout timestamps, device and session identifiers, etc.). The Company does not store plaintext passwords; passwords are stored by the third-party identity provider Clerk using industry-standard security mechanisms. The Company can only perform verification and cannot restore password contents.

11.Other data that can identify a natural person directly or indirectly.

(2) Sources of personal data include information you provide directly, data generated during your use of the services, lawfully obtained public information (e.g., databases made public by law, public third-party social media), or data collected from you by third parties listed in Section 7 (including entrusted processors and partners) as necessary to complete transactions/provide services and lawfully provided to the Company.

3. Purposes of Use (Data Minimization)

  • Member identification, account management, and data consolidation (i.e., deduplication).
  • Ticketing and seat operations (handling and changes, admission verification, late-seating guidance, ticket issuance and reissuance).
  • Dining and checkout (ordering, split billing, reconciliation, exception handling).
  • Service quality and user-experience optimization (wayfinding, reminders/notifications, troubleshooting).
  • Lawful marketing and notifications:
    • Audience segmentation and personalized content (marketing personalization/profiling) based on your order history and music preferences/favorite artists.
    • You may unsubscribe from or refuse direct marketing at any time and may withdraw consent to the above personalization; see Section 8.
  • Internal control, audit, information security monitoring, and legal obligations (account reconciliation, tax/business document retention, incident investigation, system recovery).
  • Other purposes related to the above.
  • Notice of Necessity: If you refuse to provide necessary information or withdraw necessary consent, this may affect completion of transactions, admission, or the provision of services.

4. Cookies and Tracking Technologies

We use cookies and third-party analytics (e.g., Google Analytics) and advertising technologies to record logins, store preferences, measure effectiveness, and provide personalized content.
You may adjust your browser settings or manage/withdraw consent for non-essential cookies/tracking via the Service’s “Cookie Settings” page; processing prior to withdrawal is unaffected.
Disabling or restricting cookies may impact certain features.

5. Retention Periods (Based on Legal and Operational Needs)

Personal data retention is as follows:

  • Member basic data: For the duration of membership and for 10 years from the most recent interaction.
  • Transaction and accounting vouchers: 7 years from the date of transaction (or longer if required by law/regulatory guidance).
  • Operational and security logs: In principle, 1 year.

Upon expiry of the period or fulfillment of the purpose, your personal data will be deleted or processing will cease. However, for internal operational statistics, service improvement, information-security monitoring, or compliance needs, the Company may retain, analyze, or otherwise process your personal data after de-identification (i.e., such that a third party cannot reasonably link the data to your identity directly or indirectly). If you do not agree, please notify the Company using the contact details set out in Section 16 of this Policy.

6. Data Protection

We implement measures including encryption in transit/at rest, least-privilege access, access logging, audits and periodic reviews, and backup and recovery drills. In the event of an information security or personal-data incident, notifications will be made in accordance with the PDPA and competent authority guidance.

7. Provision to Third Parties and Cross-Border Transfers

Within the scope necessary to complete transactions or provide services, the Company may entrust or provide data to the following categories of processors/partners: logistics and ticket delivery, membership management and messaging, content and website hosting, cloud computing and data processing, analytics and ad delivery, and customer support.

The following principal service providers are explicitly identified:

  • Account verification and password storage: Handled by the third-party provider Clerk using industry-standard security mechanisms. The Company does not store plaintext passwords and performs only hash verification via Clerk.
  • Ticketing and payment processing: Handled by Shopline and its payment service Shopline Payment. The Company does not store full credit card information.

Such services may be processed and stored outside Taiwan. The Company will ensure an adequate level of protection through contractual and security requirements.

As a rule, processing is on an entrusted (processor) basis; where joint use is involved, it will be limited to achieving the service purpose and only as permitted by law or with your consent.

8. Your Rights and How to Exercise Them (Including the Right to Object to Marketing/Personalization)

Under the PDPA, you may request: access or review, copies, supplementation or correction, cessation of collection/processing/use, and deletion of your personal data.

How to apply: Please email info@billboardlivetaipei.tw from the email address you used to register with the Company, or submit via the request form provided through the Services, to facilitate identity verification and case tracking.

Identity verification: To protect your rights, you may be asked to provide sufficient identifying information (e.g., name + phone/email).

Processing time: We will respond in principle within 5 business days; extensions may be made as permitted by law and you will be informed.

Fees: Reasonable costs (e.g., copying or system retrieval fees) may be charged as permitted by law and will be disclosed in advance.

Unsubscribing from marketing / refusing profiling (personalization): You may unsubscribe from direct marketing at any time and object to or withdraw consent to the use of your personal data for marketing or personalization analysis. After processing, the Company will no longer collect, process, or use your personal data for such purposes; this will only affect marketing communications or personalized recommendations, and will not affect other services such as ticket purchases, admission, and on-site services.

Notice of Necessity: If you refuse to provide information necessary to complete a transaction or membership registration (e.g., name, contact details, payment information), you will be unable to complete registration or purchase tickets online; however, you may still purchase tickets on site subject to availability.

9. Minors

Users who are minors (under 18 years of age, or under the legal age of consent in your country for consenting to this Policy on your own) must obtain the consent of a legal representative before using the Company’s services. If a minor uses the Company’s services, it is presumed that such consent has been obtained.

10. Automated Decisions and Objections

The Company does not make decisions that produce legal or similarly significant effects on you solely by automated means. For determinations made for risk control or anti-fraud purposes, you may request an explanation and apply for human review or raise an objection. To request an explanation, apply for human review, or submit an objection, please email info@billboardlivetaipei.tw from the email address you used to register with the Company. (If an online request form is provided in the future, the method will be announced separately.)

11. Event Footage and CCTV

The Company may install surveillance cameras and record event footage at the Billboard Live TAIPEI venue for safety and event-record purposes; retention is limited to periods reasonably necessary for operations and legal compliance. If footage is used publicly or for other purposes, this will be handled according to on-site notices or applicable lawful consent mechanisms.

Spot checks on site (e.g., checking name or last digits of contact number) are for immediate verification only; unless required by law or necessary for audit, detailed comparison data will not be retained (only a pass/fail flag and timestamp).

12. Marketing Communications and Necessary Notices

You may unsubscribe from marketing communications at any time.

Notices necessary for transactions or security (e.g., tickets, admission/exit, material changes, emergency announcements) are not marketing communications and are not subject to unsubscribe.

13. Language

This Policy is currently provided in Chinese only; if reference translations in other languages are provided in the future, the Chinese version shall prevail.

14. Updates to This Policy

If you do not agree with the updated Policy, please notify info@billboardlivetaipei.tw by email after the announcement or notice. The Company will cease providing membership services per your request and handle your account and personal data in accordance with Section 8.

15. Contact Information

Personal Data Protection Contact (DPO/Privacy): info@billboardlivetaipei.tw

Appendix: Summary of Required Notices (per the PDPA)

  • Purpose of Collection: Membership/ticketing/admission and exit/dining checkout/marketing and customer service/internal control and audit/legal obligations.
  • Categories of Data: Identification/contact, preferences and favorite artists, transactions and seats, admission and checkout records, systems and audit, consents and preferences.
  • Period/Region/Recipients/Method: Period as above; regions include domestic and overseas; recipients are the Company and entrusted/necessary partners; processing by automated and manual means.
  • Rights and How to Exercise: See Section 8; failure to provide necessary data may affect completion of transactions or services.

작성자

Billboard Live TAIPEI avatar

Billboard Live TAIPEI