(Updated 13 September 2019)
IVCT Greece Pty Limited has been engaged by AIA to operate the Athens Spotlighted Pass.
IVCT Greece is a member of the iVenture Group of companies. iVenture Group understands that
privacy is important to you. The purpose of this Privacy Policy is to inform you as to what
information may be collected from you, how such information will be used by iVenture Group
and/or other persons or entities, with whom such information may be shared, your choices
regarding the collection, use and distribution of such information, and the security procedures
that we have implemented to protect your privacy.
Data Protection Management System
Data Controller:
iVenture Card International Pty Ltd
PO Box, 1605, Crows nest, NSW 1585, Australia
Holds all rights and obligations reserved for such capacity under the General Data Protection
Regulation (GDPR 2016/679) for processing personal data through the Website.
Data Protection Officer:
Manager, Data Protection & Compliance
iVenture Card International Pty Ltd
At the above address or:
1. What personal information do we collect?
We collect the following type of information:
- Personal information collected from customers includes name, address, contact details,
credit card details;
- Personal information collected from business contacts includes name, business position,
and business telephone and fax numbers and email addresses;
- Personal information collected from our employees and contractors includes all
information required for the employment or contractual relationship;
Generally, all personal information is collected directly from you, or with your consent, and our
policy is to collect only personal information that we need for a particular purpose. We do not
collect personal information that we do not need.
iVenture Group collects personal information in order to provide our customers with our products
or services, and in order to manage our relationship with our customers and with the people we
do business with.
In relation to our customers, iVenture Group may also request information about you in order to
help you decide which of our products or services would best suit your requirements.
We will not collect sensitive information about you (such as details of your race, political beliefs,
religion or health) without your consent.
2. How do we collect your data?
You directly provide the iVenture Group with the data we collect. We collect and process data
when you:
- Register for the Athens Spotlighted pass or place an order for any of the products listed
for purchase on the Athens Spotlighted website
- Voluntarily complete a customer survey or provide feedback via email or an enquiry form
- Use or view our website via your browser’s cookies
- Redeem your Athens Spotlighted pass offers or a booking voucher from a product
purchase, by having it scanned at a participating merchant
- Perform any of the above actions on websites under the iVenture Group or AIA
3. How is personal information used?
The personal information collected from you by iVenture Group is used:
- to provide our customers with our products or services and to notify our customers about
existing or new iVenture Group and AIA products or services or promotions from time to
time; and
- to notify our customers about existing or new products or services or promotions from
time to time offered by one of iVenture Group’s business partners.
If at any time you no longer wish to be notified about products or services or promotions offered
by iVenture Group, AIA or iVenture Group’s business partners, please let us know by
contacting
[email protected] or click
HERE.
4. Who has access to your personal information?
Aside from the uses defined in section 3. personal information collected by iVenture Group may
be disclosed to third parties to whom iVenture Group contracts out specialized functions
(including subcontracted software development services, mailing houses and printing
companies). If iVenture Group does disclose personal information to third party contractors under
outsourcing or contracting arrangements, iVenture Group takes steps to ensure that those
contractors:
- Comply with iVenture Group’s Privacy Policy when they handle your personal
information, and
- Are authorized only to use personal information in order to provide the services or to
perform the functions required by iVenture Group.
As the owner of the Athens Spotlighted brand, your personal information may also be shared
with AIA for the purposes described in section 3. iVenture Group and AIA do not sell, rent or
trade personal information to or with third parties.
5. Is personal information stored safely?
Your data is stored securely in Amazon Web Services and Google Cloud servers which hold a
high level of certification to information security standards, including ISO 27001. Details on
compliance for these standards can be found at
In addition, steps are taken by iVenture Group to ensure the security of personal information held
by it from such risks as loss or unauthorized access, destruction, use, modification or disclosure.
Our IT systems are password protected and comply with our security standards, and if personal
information is held on paper files, it is stored in locked compact uses. iVenture Group only
permits your details to be accessed by authorized personnel.
6. Online Privacy
This privacy statement outlines iVenture Group’s approach to all personal information we handle,
whether collected online or offline. However, particular issues that arise in the online environment
are noted below.
Sometimes we may generate statistics about how many people visit our site and what they look
at. This enables us to keep our site relevant and useful. Generally the information we collect and
use about website usage will not identify you, only the computer you are using. Most web
browsers are set by default to accept cookies. However, if you do not wish to receive cookies you
may set your browser to either refuse cookies or prompt you before accepting them.
Sometimes Athens Spotlighted website contains links to other websites, for your convenience
and information. When you access a website other than ours we are not responsible for the
privacy practices of that site. You may wish to review the privacy policies of each site you visit.
7. What are your data protection rights?
Our Company would like to make sure you are fully aware of all of your data protection rights.
Every user is entitled to the following:
The right to access - You have the right to request Our Company for copies of your personal
data. We may charge you a small fee for this service.
The right to rectifications - You have the right to request that Our Company correct any
information you believe is inaccurate. You also have the right to request Our Company to
complete information you believe is incomplete.
The right to erasure - You have the right to request that Our Company erase your personal
data, under certain conditions.
The right to restrict processing - You have the right to request that Our Company restrict the
processing of your personal data, under certain conditions.
The right to object to processing - You have the right to object to Our Company's processing
of your personal data, under certain conditions.
The right to data portability - You have the right to request that Our Company transfer the data
that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. See the “How to Contact Us”
section in this document for details on how to contact us to discuss the use of your personal
information.
8. How long will personal information be held?
Your personal details obtained from purchasing our products will only be kept for 18 months
unless:
- you have opted in to hear from us,
- you set up a personal profile with us or
- you extend the validity of your purchase
9a. What are cookies?
Cookies are text files placed on your computer to collect standard Internet log information and
visitor behavior information. When you visit our websites, we may collect information from you
automatically through cookies or similar technology. For further information, visit
https://www.allaboutcookies.org/.
9b. How do we use cookies?
Our Company uses cookies in a range of ways to improve your experience on our website,
including:
- Keeping you signed in
- Understanding how you use our website
9c. What types of cookies do we use?
There are a number of different types of cookies, however, our website uses:
- Functionality - Our Company uses these cookies so that we recognize you on our
website and remember your previously selected preferences. These could include
what language you prefer and location you are in. A mix of first-party and third-party
cookies are used.
- Advertising - Our Company uses these cookies to collect information about your visit
to our website, the content you viewed, the links you followed and information about
your browser, device, and your IP address. Our Company sometimes shares some
limited aspects of this data with third parties for advertising purposes. We may also
share online data collected through cookies with our advertising partners. This means
that when you visit another website, you may be shown advertising based on your
browsing patterns on our website.
9d. How to manage cookies
You can set your browser not to accept cookies, and the above website tells you how to remove
cookies from your browser. However, in a few cases, some of our website features may not
function as a result.
10. Privacy policies of other websites
The Athens Spotlighted website contains links to other websites. Our privacy policy applies only
to our website, so if you click on a link to another website, you should read their privacy policy.
11. Changes to our privacy policy
Our Company keeps its privacy policy under regular review and places any updates on this web
page. This privacy policy was last updated on 23rd August, 2019.
12.How to contact us
If you have any questions about Our Company's privacy policy, the data we hold on you, or you
would like to exercise one of your data protection rights, please contact us.
Or write to us at: PO Box, 1605, Crows nest, NSW 1585, Australia
13. How to contact the appropriate authority
Should you wish to report a complaint or if you feel that Our Company has not addressed your
concern in a satisfactory manner, you may contact the Information Commissioner's Office.