Privacy Policy
Welcome
This information has been produced to help you understand everything you need to know about the way LOKE Group collects, uses, and shares personal data, what your legal rights are and how to exercise them.
We hope you’ll take some time to read this document; we’ve tried to keep it all as simple as possible and to avoid jargon, and we’ll make our best efforts to keep you informed if there are any changes to the way we process your personal data in the future.
LOKE Group takes its responsibility for protecting your data very seriously and we do advise you to get to know our practices. If there’s anything here you don’t understand, or if you want to ask any questions, please feel free to contact us.
About this privacy policy
This privacy policy explains how we may collect, use, share, and transfer your personal data when you use the services provided on our sites and our apps or interact with us; and your data privacy rights. This includes subscriptions, vouchers and contributions.
Personal data is any information about you by which you can be identified or be identifiable. This can include information such as:
your name, date of birth, email address, postal address, phone number, mobile number, financial details, such as payment cards you use to purchase products
information about your device (such as the IP address, which is a numerical code to identify your device that can provide information about the country, region or city where you are based)
information relating to how you use and interact with our sites, apps and services
When we refer to “personal data” in this policy, we are also referencing “personal information,” as it is defined under Australian law.
Sometimes our sites and apps may contain links to sites and services that are not part of the LOKE family of offerings. These sites and services have their own privacy policies. If you follow a link to these non-LOKE sites and apps, you should read the privacy policy shown on their site.
Who we are and how to contact us
We are LOKE Group Limited and our subsidiaries LOKE America Inc(USA), LOKE Mobile Limited(UK), LOKE Group Holdings Pty Ltd(APAC) and LOKE Digital Pty Ltd(AU).
Registered address: 43- 45 Newcombe House, Notting Hill Gate, London, England, W11 3LQ
Registration number: 12086338
In this document LOKE Group and its subsidiaries may be referred to as “we”, “us”, or “our”.
We are the data controller in respect of your personal data. This means that we are responsible for deciding how and why we hold and use your personal data. If you want to contact us directly, you can find our contact details in the “How to contact us” section below.
The types of personal data we collect about you
We collect your personal data when you visit our sites and apps, subscribe or purchase products or services, or when you interact with us. We will only collect your personal data in line with applicable laws. We collect your personal data in various ways:
directly from you, when you sign up for our services and when you browse our sites or use our apps
personal data we generate about you, e.g. personal data we use to authenticate you, or personal data in the form of your IP address or your preferences
personal data we collect from third parties, e.g. personal data that helps us to combat fraud or which we collect, with your permission, when you interact with your social media accounts
More detail about these three categories of personal data are provided below.
The personal data we collect when you register with LOKE
When you register for an account on a LOKE Group domain, we may collect:
your user name
your name
your email address
other details such as your billing address when you sign up for a subscription
some limited data from your social media profile (further information on this is below), if you have signed in to the product using your social media details
Personal data we generate about you
When you use our sites or apps we may also use cookies or similar technology to collect extra data, including:
your IP address - a numerical code to identify your device, together with the country, region or city where you are based
your geolocation data - your IP address can be used to find information about the latitude, longitude, altitude of your device, its direction of travel, your GPS data and data about connection with local Wi-Fi equipment
information on how you interact with our services
your browsing history of the content you have visited on our sites, including how you were referred to our sites via other websites
details of your computer, mobile, TV, tablet or other devices, for example, the unique device ID, unique vendor or advertising ID and browsers used to access our content
When you use our apps
The LOKE apps use personal data based on the content you have viewed. Information on bugs and crashes is also sent to us when you use our apps. You can choose to receive notifications on your mobile device via the app, and manage these notifications in the settings of the app.
Using your social media details to sign into your account
When you sign in to our sites or apps using your Facebook login details, you give permission to Facebook to share with us your email address and certain aspects of your Facebook profile if you have made these public on your Facebook profile. This only includes your first and last name, age range, link to your Facebook profile and profile picture. We do not have access to updates on your Facebook profile. If you use your Google login details, you give Google permission to share the personal data that you have made public in your Google profile. This only includes your first and last name, your email address and whether your email address has been validated, your age range, a link to your Google profile and, if you have one, your profile picture. If you register or sign in with your Apple ID, you give Apple permission to share your personal data with us. You can also choose to hide your email and Apple will create a random email address so your personal email can stay private. This email address will be linked to your profile and will be used to retrieve your content.
We will then use this personal data to form a profile for your account. If you remove the app from your Facebook settings, or from your Google settings, or your Apple ID, we will no longer have access to this data. However, we will still have the personal data that we received when you first set up your account using your Facebook, Google login, or Apple ID.
Personal data when you post comments about LOKE on other social media sites
If you have mentioned LOKE in posts on social media sites, then we may collect your social media handles. For example, when you mention the LOKE in a tweet, we may collect your Twitter handle.
How we collect personal data
We collect personal data when you:
register for an account on LOKE
pay for a subscription or purchase any other products/services for yourself or others
attend our events
enter our competitions and surveys
take part in our call-outs
sign up for marketing communications
use mobile devices to access our content
access and interact with any of our sites and app
through cookies and other similar technology
when you contact us via email, social media, our apps or similar technologies or when you mention us on social media
How we use your personal data
We use personal data collected through our sites and apps only when we have a valid reason and the legal grounds to do so. We determine the legal grounds based on the purposes for which we have collected your personal data.
Legal grounds for using your personal data
The legal ground may be one of the following:
Consent: Often we will use your personal data because we have asked for your consent, which you can withdraw at any time. Examples of where we ask for your consent include:
to send marketing emails to you, when we have asked your permission. You can withdraw your consent to receiving these emails at any time by clicking on the “unsubscribe” link at the bottom of the email
to place non-essential cookies, or other similar technology. We provide more details of how we use cookies in our cookie policy. You can withdraw your consent to us placing these cookies at any time through the cookie banner on the website
Performance of a contract with you (or in order to take steps prior to entering into a contract with you): We will use your personal data if we need to in order to perform a contract with you. For example, where you have purchased a product from us, we will need to use your contact details and payment data in order to process your order and deliver your product.
Compliance with law: In some cases, we may have a legal obligation to use or keep your personal data.
Our legitimate interests: We may process your personal data where it is necessary for our legitimate interests in a way that might be expected as part of running LOKE and in a way which does not materially impact your rights and freedoms. For example it is in our legitimate interests for us to understand our users, promote our services and operate our sites and apps efficiently for the facilitation of an ordering and payment system for hospitality, globally. Examples of when we rely on our legitimate interests to use your personal data include:
when we analyse what content has been viewed on our sites and apps, so that we can understand how they are used and improve our content.
to analyse our users to better understand your interests and preferences so that we can make our marketing more relevant to you. This includes when we promote our own products and services. For example, we look at what you have viewed on our sites and apps and what products and services you have bought (including what you have looked at and what products or services you have bought on our other platforms).
to show you more relevant advertising based on that analysis by creating “segments” of particular types of audiences so that we can show you advertisements that may be more relevant to you and the ‘’segments’’ you may be in.
to use those “segments” to create”custom audiences” so that we can identify our audience across third party websites. This is normally by using cookies as described in our cookie policy. For example we use these “custom audiences” to present advertising on social media platforms like Facebook. You can manage the use of cookies by clicking the Privacy settings link on our sites in the footer of every page..
to keep you informed about LOKE if you have subscribed currently or in the past, and have not opted out from receiving our communications.
for internal administrative purposes related to our services - such as our accounting and records.
to inform you of any changes to our services, such as updates to our terms and conditions.
to collect and log IP addresses to improve and manage our site and apps.
to personalise our services (for example when you sign in) by remembering your settings, and recognising you when you sign in on access LOKE in different ways, such as by our app and on our site.
enabling you to share our content with others using social media or email.
contacting you directly via social media or email if you send us emails, enter competitions or engage with LOKE on social media or contact us.
when we respond to your queries and to resolve complaints.
for security and fraud prevention, and to ensure that our sites and apps are safe and secure and used in line with our terms of use.
Where we rely on cookies to collect any personal data please see our cookie policy for more information and how to manage your cookie choices through your Privacy settings.
Access permissions when you are using a LOKE app
When you use a LOKE app, we will ask for permissions to access particular functions of your mobile device. When we ask for permissions will depend on the operating system of your mobile device, but can include:
when you decide to store content including photographs on your mobile device to read or use when offline. We will need you permission to save content to your mobile device.
asking permission to access your contact details/profile on your mobile device, so that we can add or find your account on your phone;
if you decide to submit or access content (such as scanning a QR code), we will ask permission to access your camera or photographs.
Personal data that we receive about you from other organisations
Adding to or combining the personal data you provide to us
When you sign up to our services we may add to the personal data you give us by combining it with other personal data shared with us by other trusted organisations. This includes, for example, the region that you are located in, so that we can show you the prices for subscriptions or other products in your local currency. We may also add personal data to improve the accuracy of your delivery address when we send out mail. We may also obtain your personal data from partners whose offers we include in some of our marketing communications and we use this personal data to ensure that we do not send you irrelevant marketing and to ensure the accuracy of the information we hold.
We also use personal data based on the content you have viewed on our sites and apps and your interaction with the content to add you to groups with similar interests and preferences, so that we can make our online advertising more relevant. Sometimes we use data about your interests or demographics that some of our global third parties have collected from you online to add you to these groups, such as Comscore and Nielsen. Please refer to our cookie policy for more information on how we use cookies.
Personal data shared by event partners
When you register or book a ticket for a LOKE event organised by an event partner, your registration data may be shared with us by the event partner.
Using children’s personal data
We do not aim any of our products or services directly at children under the age of 13 and we do not knowingly collect personal data about children under 13. Some of our services may have a higher age restriction and this will be shown at the point of registration.
Security of your personal data
We have implemented appropriate technical and organisational controls to protect your personal data against unauthorised processing and against accidental loss, damage or destruction. You are responsible for choosing a secure password when we ask you to set up a password to access parts of our sites or apps. You should keep this password confidential and you should choose a password that you do not use on any other site. You should not share your password with anyone else, including anyone who works for us. Unfortunately, sending any information, including personal data, via the internet is not completely secure. Although we will do our best to protect your personal data once with us, we cannot guarantee the security of any personal data sent to our site while still in transit and so you provide it at your own risk.
When we share or sell your personal data
Within the LOKE group of companies
Depending on where you live, we may share your personal data within the LOKE group of companies in the UK or Australia. We may share it in order to perform a contract with you, for administrative purposes, or when we have a legitimate interest in doing so. For example:
If you book an event held in Australia, at first we may hold your data on our systems in the UK and then we may share it with LOKE in Australia for administration purposes
If you are going to one of our events hosted by an event partner, we may share your personal data with that partner for event administration purposes
We may share your data to understand how you interact across our group products or to tailor and offer relevant advertising to you.
With external organisations
We share your personal data with other organisations that are not directly linked to us under the following circumstances:
Service providers - We may share your data with other organisations that provide services on our behalf. We may do this to perform a contract we have entered into with you, where it is in our legitimate interests or with your consent. Examples of when we may share your data with service providers include sharing with:
online payments processors who process credit and debit card transactions on our behalf
fraud management providers that help us to identify and prevent online fraud
internet and cloud hosting services providers, such as Amazon Web Services (AWS)
life-cycle engagement platforms such as Braze, to help us build and manage our campaigns
software service providers such as Pipedrive that assist us with our customer relationship management
communications services providers, such as Mailchimp
error tracking software providers to help us diagnose and fix errors and optimise the performance of our website and apps
service providers that help us carry out analytics, facilitate audience creation and segmentation and to measure our audience engagement.
service providers that help provide us with insights and analytics that help us to improve our products and services. For example, we use Google Analytics to understand how visitors engage with our sites or apps
data management companies, such as Formstack, that help us collect data via online forms and surveys
service providers that help provide online identity-as-a-service and access management services
Advertising partners - We may also share your data collected through our websites and apps with our advertising partners, as set out in our cookie policy. These partners help us deliver relevant advertising across our websites and apps. For example, we use Google Ad Manager to assist us with the delivery of relevant ads.
Agencies and authorities if required by law - We may reveal your personal data to any law enforcement agency, court, regulator, government authority, or in connection with any legal action if we are required to do so to meet a legal or regulatory obligation, where the request is proportionate, or otherwise to protect our rights or the rights of anyone else (for example, in response to valid and properly served legal process such as subpoena or warrant). If we have your contact details, we will take reasonable steps to attempt to notify you prior to disclosing your data unless (i) prohibited by applicable law from doing so, or (ii) there are clear indications of unlawful conduct in connection with your use of LOKE services.
Event sponsors and partners - we may share your personal data with sponsors of LOKE events and partners who we hold events with for marketing purposes when you have given your permission for us to do so.
Social media organisations - We may share your personal data with other organisations when our web pages use social plug-ins from these organisations (such as the “Facebook Recommend” function, Twitter’s retweet function, Google+ function). These other organisations may receive and use personal data about your visit to our sites or apps. If you browse our site or view content on our apps, personal data they collect may be connected to your account on their site. For more information on how these organisations use personal data, please read their privacy policies.
Organisation/s that buy any of the LOKE group of companies - We may share your personal data to any other organisation that buys, or to which we transfer all, or substantially all, of our assets and business. If this sale or transfer takes place, we will use reasonable efforts to try to make sure that the organisation we transfer your personal data to uses it in line with our privacy policy.
Any organisations which access your data in the course of providing services on our behalf will be governed by strict contractual restrictions to make sure that they protect your data and keep to all data privacy laws that apply. We may also independently audit these service providers to make sure that they meet our standards.
International data transfers
Data we collect may be transferred to, stored and processed in any country or territory where one or more of our LOKE group companies or service providers are based or have facilities. While other countries or territories may not have the same standards of data protection as those in your home country, we will continue to protect personal data that we transfer in line with this privacy policy.
Whenever we transfer your personal data out of the UK or the European Economic Area (EEA), we ensure similar protection and put in place at least one of these safeguards:
We will only transfer your personal data to countries that have been found to provide an adequate level of protection for personal data.
We may also use specific approved contracts that use Standard Contractual Clauses for the protection of personal data where appropriate, with our service providers that are based in countries outside the UK or the EEA, including those based in Australia. These contracts give your personal data the same protection it has in the UK or the EEA.
If you are located in the UK or the EEA, you may contact us for a copy of the safeguards which we have put in place for the transfer of your personal data outside the UK or the EEA.
How long we keep your personal data
We keep your personal data for only as long as we need to. How long we need your personal data depends on what we are using it for, as set out in this privacy policy. For example, we may need to use it to answer your queries about a product or service and as a result may keep personal data while you are still using our product or services. We may also need to keep your personal data for accounting purposes, for example, where you have bought a subscription. If we no longer need your data, we will delete it or make it anonymous by removing all details that identify you. If we have asked for your permission to process your personal data and we have no other lawful grounds to continue with that processing, and you withdraw your permission, we will delete your personal data. However, when you unsubscribe from marketing communications, we will keep your email address to ensure that we do not send you any marketing in future.
How we may contact you
Service communications
From time to time we may send you service emails, for example, telling you your subscription is coming to an end or thanking you when you contribute or place an order with us.
Marketing communications and editorial newsletters
If we have your permission or you have not opted out, we may send you materials we think may interest you, such as new LOKE offers and updates. Depending on your marketing preferences, this may be by email, phone, SMS or post.
You can decide not to receive these emails at any time and will be able to “unsubscribe” directly by clicking a link in the email.
Market research
Sometimes we may contact you for market research purposes, for example about a survey. You can opt out from being contacted in this way by contacting us.
Responding to your queries or complaints
If you have raised a query or a complaint with us, we may contact you to answer your query or to resolve your complaint.
Cookies and similar technologies
When you visit our sites or when you use our apps, we may collect personal data from you automatically using cookies or similar technologies.
This privacy policy includes our cookie policy below, where you can find more information about our use of cookies.
When you use our Website, LOKE or our service providers may obtain information using technologies such as cookies, tags, web beacons, and navigational data collection (log files, server logs, and clickstream data) to better understand your user experience. For example, LOKE or our service providers may collect information like the date, time and duration of visits and which webpages are accessed.
When you access our Website, we may send a “cookie” (which is a small summary file containing a unique ID number) to your computer or mobile device. This enables us to recognise your computer or device and greet you each time you visit our Website, without bothering you with a request to register or log-in. It also helps us keep track of products or services you view, so that we can send you news about those products or services.
We also use cookies to measure traffic patterns, to determine which areas of our websites have been visited, and to measure transaction patterns in the aggregate. We use this to research our users’ habits so that we can improve our online services. If you do not wish to receive cookies, you can set your browser so that your computer does not accept them.
We may also log IP addresses (the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track user movements, and gather broad demographic information.
This information is generally not linked to your identity, except where it is accessed via links in LOKE emails or apps or where you have identified yourself. We may also collect anonymous data (which is not personal information) relating to your activity on our website (including IP addresses) via cookies. We generally use this information to report statistics, analyse trends, administer our services, diagnose problems and target and improve the quality of our services. To the extent this information does not constitute personal information because it does not identify you or anyone else, the Australian Privacy Principles do not apply and we may use this information for any purpose and by any means whatsoever.
Your privacy and data protection rights with regard to the personal data that we hold about you
You have a number of rights with regard to the personal data that we hold about you and you can contact us with regard to the following rights in relation to your personal data:
You have the right to receive a copy of the personal data we hold about you
You have the right to correct the personal data we hold about you
Where applicable, you may also have a right to receive a machine-readable copy of your personal data
You also have the right to ask us to delete your personal data or restrict how it is used, consistent with the GDPR. There may be exceptions to the right to erasure for specific legal reasons which, if applicable, we will set out for you in response to your request
Where applicable, you have the right to object to processing of your personal data for certain purposes
Where you have provided us with consent to use your personal data, you can withdraw this at any time
If you would like to exercise any of your rights specified above, please email dpo@ametrosgroup.com
We may need to request specific information from you to help us confirm your identity. If your request is complicated or if you have made a large number of requests, it may take us longer. We will let you know if we need longer than one month to respond. You will not have to pay a fee to obtain a copy of your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.
Your rights under the Australian Privacy Act
The Australian privacy Act has rules around how we handle your personal information that may be different to rules in other regions. These rules are set out in the Australian Privacy Principles in force under the Privacy Act 1988 (Cth) (the Australian Privacy Act). We are required to treat your personal information in line with those principles, including to disclose to you what personal information we collect and how we use it, to store your information securely and to support you in exercising your rights.
Personal information we collect and use
When we refer to “personal data” throughout this policy, we are also referencing “personal information,” as it is defined under Australian law, which you can read about here.
Details about the personal information that we collect, use and disclose is set out throughout this privacy policy. You can navigate these relevant sections by going to the contents section at the top of the page.
Your rights
Your rights to privacy are also protected by the Australian Privacy Act, including your:
Right of access to the personal information held about you; and
Right of correction to correct your information when it is incorrect.
These principles and rights are reflected throughout this privacy policy.
Opt out of personalised advertising
Under the Australian Privacy Act, you have the right to opt out of the use of your personal information for the purpose of direct marketing, including in relation to personalised advertising. You can opt out of personalised advertising across our website and apps at any time by going to Privacy settings at the bottom of the page. You will still see non-personalised advertising.
We and our partners use cookies and similar technologies to collect information about your use of the website to help create reports and statistics on the performance of the website. Analytics cookies such as Google Analytics collect information such as your IP address, device type and operating system, referring URLs, location and pages visited. If you don’t want Google Analytics to be used in your browser, you can install the ‘Google Analytics Opt-Out Browser Add-On’, provided by Google.
For a complete description of our use of cookies and similar technologies globally, please see our cookie policy.
If you have contacted us at dpo@ametrosgroup.com with a privacy related complaint and you are not satisfied with our handling of that complaint, you may refer that complaint to the Office of the Australian Information Commissioner:
GPO BOX 5218, Sydney NSW 2001
T 1300 363 992
https://www.oaic.gov.au
Contact us for information about how we use your personal data
If you have any questions about how we use your personal data or if you have a concern about how your personal data is used, please contact the Data Protection Officer at.
Complaints will be dealt with by the Data Protection Team.
If you are not satisfied with the way your concern has been handled, you can refer your complaint to the Information Commissioner’s Office.
If you have a question about anything else, please contact us.
LOKE Group Contact Details
LOKE Group Limited
LOKE, Avenue HQ, 17 Mann Island, Liverpool L3 1BP
Support@loke.com.au
Who is the LOKE Group Data Protection Officer?
Ametros Group Ltd
Lakeside Offices, Thorn Business Park
Rotherwas Industrial Estate
Hereford
Herefordshire
England
HR2 6JT
0330 223 2246
dpo@ametrosgroup.com
www.ametrosgroup.com
Who is the LOKE Group EU Representative?
Ametros Ltd
Unit 3D
North Point House
North Point Business Park
New Mallow Road
Cork
Ireland
gdpr@ametrosgroup.com
www.ametrosgroup.com
Changes to this privacy policy
If we decide to change our privacy policy we will post the changes here. If the changes are significant, we may also choose to email all our registered users with the new details. If required by law, we will get your permission or give you the opportunity to opt out of any new uses of your data.
Changes to this privacy policy to date
The most recent changes to this privacy policy were made on:
24 November 2021