Wicked Nightlife Privacy Policy

Privacy Policy

Privacy Policy Wicked Group

Last Updated: March 2026

Introduction

This Privacy Policy explains how we collect, use, disclose, and otherwise handle personal information when you purchase tickets for our self-guided nightclub tours. We are committed to protecting your privacy in compliance with the Australian Privacy Act 1988 (Cth) (Privacy Act) and the Privacy and Other Legislation Amendment Act 2024 (Cth).

The expression ‘personal information’ is information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.

This policy is important and affects your legal rights and obligations. Please read it carefully. If you have questions, contact us at the email address provided in the “Contact Us” section below.

1 Who We Are and Data Controller Information

We are the data controller responsible for your personal information collected through our ticketing application. We collect, use, and disclose your personal data in accordance with the Australian Privacy Principles (APPs) outlined in the Privacy Act.

Our Contact Details:

• Wicked Activities
• PO Box 1068

Surfers Paradise Q 4217

• 1300 830 002
• [email protected]
• www.wickedactivities.com.au

2 What Personal Information We Collect

2.1 Information You Provide Directly

When you purchase tickets to, and use the application for our self-guided nightclub tours, we collect the following personal information:

• Identity Information: Full name, date of birth, gender, contact details (email address, phone number, residential address)
• Payment Information: Credit card or debit card details, billing address, payment transaction history
• Booking Information: Ticket purchase date, number of tickets, tour date selected, event preferences
• Communications: Any messages, feedback, or support requests you submit through our website or application
• Complaints: if you make a complaint to us, we will collect information related to that complaint

2.2 Information Automatically Collected

We automatically collect information about your device and activities when you use our website or application:

• Device Information: Device type, operating system, unique device identifier (UDID), mobile device ID
• Technical Information: IP address, browser type, browser version, pages visited, time and date stamps of your activities
• Usage Data: Your interaction patterns with the application, features used, tour selections, search queries, clicks, and scrolling behavior
• Location Data: Approximate location (if you grant permission), geographic data associated with your tour selections
• Cookies and Similar Technologies: Session identifiers, tracking tokens, preferences, and authentication data
• Analytics Data: App crash reports, performance metrics, user journey mapping

2.3 Information About Third Parties

If you purchase tickets on behalf of other people (group bookings), you confirm that:

• You have notified those individuals that their personal information will be collected
• You have obtained their consent to provide their details to us
• You have informed them about this Privacy Policy
• Those individuals understand how we will use their information

You agree to be responsible for ensuring any third-party personal information you provide is accurate and that appropriate notifications and consents have been obtained.

2.4 Information From Third Parties

In circumstances where a product or service is to be provided to you as arranged by a third party, that third party may have provided us with your information.

If we collect personal information about you from someone else, we will, whenever reasonably possible, make you aware that we have done this, and the circumstances of that collection.

We will collect information from external service providers to whom we have contracted out for specific purposes.

We will also collect personal information from third parties who offer products and services to our members or registrants.

If you obtain services from third parties in conjunction with booking tickets through us, the third parties may provide personal information, as far as it is permitted by law.

3. Why We Collect This Information

3.1 Legal Purposes

We collect and use your personal information for the following purposes:

• Contract Fulfillment: Processing your ticket purchase, confirming your booking, sending you tickets and access codes
• Service Delivery: Providing you with access to the self-guided tour, updating you on any changes or cancellations, managing your account
• Customer Support: Responding to inquiries, resolving complaints, providing technical assistance
• Payment Processing: Processing payments, detecting and preventing fraud, complying with financial regulations
• Communication: Sending you order confirmations, booking updates, customer service messages, and receipt information
• Compliance and Legal Obligations: Meeting Australian Consumer Law requirements, anti-money laundering regulations, tax obligations, and regulatory reporting
• Safety and Security: Preventing fraud, unauthorized access, and other illegal activities; protecting the integrity of our platform

3.2 Legitimate Business Interests

Subject to your rights and reasonable expectations, we use your information for:

• Service Improvement: Analyzing how you use our application to enhance user experience, fix bugs, optimize features
• Marketing and Promotions: Sending you information about new tours, special offers, promotions (only with your consent or where you have not opted out)
• Data collection and Analytics: Identifying usage patterns, tour preferences, peak booking times, demographic trends to:
  • Personalize your experience and tour recommendations
  • Improve our marketing effectiveness
  • Understand market demand and develop new tour offerings
  • Optimize pricing strategies
  • Conduct behavioral analysis to predict user preferences – This includes analysis of tour preferences, booking patterns, demographic information, usage behavior, and similar data from other users to generate personalized recommendations and insights. You can request information about these analytics activities at any time.
• Business Operations: Audit purposes, fraud prevention, records management, system maintenance
• Research and Development: Understanding user behavior patterns to improve our services and develop new features

3.3 Automated Decision-Making

Our application uses automated decision-making systems to:

• Recommend tours based on your browsing history and booking patterns
• Detect potentially fraudulent transactions
• Personalize the application interface and content
• Determine eligibility for promotional offers

You have the right to request information about these automated decisions and to request human review of significant decisions affecting you.

4. How We Use Data collection

Our application includes data collection capabilities that analyze your personal information to:

4.1 Data collection Activities

• Behavioral Profiling: Tracking your interactions, tour selections, browsing patterns, and purchase history to build a profile of your preferences
• Predictive Analytics: Using historical data to predict which tours you are likely to book, when you are likely to purchase, and your spending patterns
• Segmentation: Categorizing users into groups based on demographics, location, booking behavior, and tour preferences
• Recommendation Algorithms: Generating personalized tour suggestions based on similar users’ preferences and your own history
• Sentiment Analysis: Analyzing feedback, reviews, and support messages to understand user satisfaction
• Trend Analysis: Identifying popular tours, peak booking periods, and emerging user preferences across all users

4.2 Transparency and Your Rights

You have the right to:

• Understand that data collection is taking place
• Know what personal information is being analyzed
• Request details about the purposes and outcomes of data collection activities
• Access the profiles and insights generated about you
• Opt out of certain data collection activities (though this may limit personalization features)
• Request that we cease data collection activities in relation to your information

To exercise these rights, contact us using the details in Section 12.

5. How We Share Your Information

5.1 Service Providers and Contractors

We disclose your personal information to trusted service providers who perform functions on our behalf under contractual confidentiality obligations:

• Payment Processors: Third-party payment platforms to process transactions securely
• IT Service Providers: Cloud hosting providers, software maintenance providers, cybersecurity providers
• Communication Providers: Email service providers, SMS messaging services, notification platforms
• Analytics Providers: Data analytics platforms to analyze usage patterns and improve services
• Ticketing and Event Providers: Venue operators, tour guides, and event management platforms
• Professional Advisors: Accountants, auditors, lawyers, and compliance consultants
• Data collection Vendors: Third-party analytics and data collection companies (provided they comply with privacy obligations)
• Related Parties: we operate a number of event companies and may share your information with other companies and business operating within our group

5.2 Legal Obligations and Safety

We may disclose your information without your consent where:

• Required by law, court order, or regulatory authority
• Necessary to protect our legal rights, prevent fraud, or ensure security
• Required to investigate, prevent, or take action regarding illegal activities or misconduct
• Required to comply with anti-money laundering and counter-terrorism financing laws
• Necessary to protect the safety or security of our users or the public

5.3 Where We Do NOT Share Your Information

We will not:

• Sell your personal information to third parties for marketing purposes
• Share your information with marketers or advertisers without explicit consent
• Disclose your information to unrelated businesses unless legally required
• Share data collection profiles or behavioral insights with unrelated parties

5.4 Overseas Disclosure

Some of our service providers may be located overseas. Where we disclose your information to overseas recipients, we take reasonable steps to ensure they comply with Australian Privacy Principles or equivalent privacy protections. You can contact us to find out which countries your information may be disclosed to.

6. Data Security

6.1 Security Measures

We take reasonable technical and organizational steps to protect your personal information from misuse, loss, unauthorized access, modification, and disclosure, including:

• Encryption: End-to-end encryption for payment data and sensitive personal information both in transit and at rest
• Access Controls: Restricting access to personal information to authorized personnel only
• Authentication: Multi-factor authentication options for account security
• Firewalls and Monitoring: Network security measures and continuous monitoring for unauthorized access
• Staff Training: Regular privacy and security training for all employees
• Regular Audits: Periodic security assessments and vulnerability testing
• Incident Response: Documented procedures for responding to data breaches

6.2 Your Responsibility

You are responsible for:

• Maintaining the confidentiality of your account credentials and passwords
• Not sharing your login information with others
• Notifying us immediately of any unauthorized access to your account

6.3 Limitations

While we implement strong security measures, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, though we continuously work to maintain and improve our security practices.

7. How Long We Keep Your Information

We retain your personal information for different periods depending on the purpose:

7.1 Retention Periods

• Booking and Transaction Information: Retained for 7 years to comply with tax and financial record-keeping obligations
• Payment Information: Retained for the duration of your account plus 7 years for audit purposes
• Account Information: Retained while your account is active; you may request deletion after account closure, subject to legal obligations
• Marketing Communications: Retained until you opt out of marketing
• Support and Complaint Records: Retained for 3 years after your last contact
• Analytics and Aggregated Data: Retained as needed for business analytics, typically until superseded by more recent data
• Legal and Compliance Records: Retained as long as required by law or regulation

7.2 Secure Deletion

When we delete your information, we use secure erasure methods to prevent unauthorized recovery. Aggregated or anonymized data that cannot identify you may be retained indefinitely.

7.3 Right to Deletion

Subject to legal obligations, you can request deletion of your personal information. We will comply unless we are required to retain the information by law or for legitimate business purposes.

8. Your Privacy Rights

Under the Australian Privacy Act, you have the following rights:

8.1 Right of Access

You have the right to access the personal information we hold about you. 

To request access:

• Contact us using the details in Section 12
• Provide sufficient information to identify your records
• We will respond within 30 days (or as otherwise required by law)

8.2 Right of Correction

You have the right to request correction of inaccurate, incomplete, or outdated personal information. We will update your information promptly and notify relevant service providers of corrections.

8.3 Right to Lodge a Complaint

You have the right to lodge a complaint with us regarding our privacy practices. Following resolution of your complaint, if you remain unsatisfied, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

8.4 Right to Opt Out

You have the right to:

• Opt out of marketing communications by clicking the unsubscribe link in emails or contacting us
• Disable cookies in your browser settings (though some features may not function properly)
• Disable location tracking in your device settings
• Withdraw consent to data collection at any time (though this may affect personalization features)

8.5 Right to Data Portability

You have the right to request your personal information in a structured, commonly-used format to facilitate transfer to another service provider.

8.6 Right Against Automated Decision-Making

You have the right to:

• Request that certain significant decisions not be made solely through automated decision-making
• Request human review of automated decisions affecting you significantly
• Request information about the logic, significance, and consequences of automated decision-making

9. Children’s Privacy

Our service is not intended for use by children under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that a child under 18 has provided us with personal information, we will:

• Delete such information promptly
• Notify the child’s parent or guardian
• Cease any marketing or data collection activities involving that child

Parents or guardians who believe we have collected information about a child should contact us immediately.

10. Direct Marketing

10.1 Marketing Communications

We may send you marketing communications (emails, SMS, push notifications) about our tours, special offers, and promotions if you:

• Provided your contact details when purchasing tickets
• Explicitly consented to receive marketing communications
• Have not opted out of marketing

10.2 Opting Out

You can opt out of marketing communications at any time by:

• Clicking the unsubscribe link in marketing emails
• Replying “STOP” to SMS messages
• Adjusting notification settings in your account
• Contacting us directly with your request

We will process your opt-out request within 5 business days.

10.3 Transactional Messages

Transactional messages (booking confirmations, receipts, account notifications) are not marketing communications and will continue even if you opt out of marketing.

11. Privacy Impact Assessment and Compliance

11.1 Privacy by Design

We implement privacy by design principles, building privacy protections into our data collection and processing systems from the outset. This includes:

• Data minimization (collecting only necessary information)
• Purpose limitation (using data only for stated purposes)
• Storage limitation (retaining data only as long as necessary)
• Integrity and confidentiality protections

11.2 Privacy Impact Assessment

We conduct Privacy Impact Assessments to identify and mitigate privacy risks associated with our data collection activities and application features.

11.3 Compliance

This Privacy Policy complies with:

• • Privacy Act 1988 (Cth)
  • Privacy and Other Legislation Amendment Act 2024 (Cth)
  • Australian Privacy Principles (APPs)
  • Australian Consumer Law

• Anti-Money Laundering and Counter-Terrorism Financing Act 2006

• Spam Act 2003

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

• Posting the updated policy on our website
• Sending you a notification email
• Requiring you to accept the updated policy before continuing to use the service

Your continued use of our application after changes become effective constitutes your acceptance of the updated policy.

The date of the most recent update appears at the top of this policy.

13. Contact Us

13.1 Privacy Inquiries

If you have questions about this Privacy Policy, wish to exercise any of your privacy rights, or have a privacy concern, please contact us:

Email: [email protected]

Postal Address:
Privacy Officer

PO Box 1068

Surfers Paradise Q 4217

 

Phone: 1300 830 002

Response Time: We aim to respond to all privacy inquiries within 30 days.

13.2 Complaints to the OAIC

If you are not satisfied with our response to your privacy complaint, you can lodge a complaint with the Office of the Australian Information Commissioner:

Office of the Australian Information Commissioner (OAIC)

• Website: https://www.oaic.gov.au
• Phone: 1300 363 992
• Email: [email protected]
• Postal Address:
  GPO Box 5218
  Sydney NSW 2001

13.3 DEFINITIONS

“We”, “Us”, “Our” mean collectively and individually, Wicked Bucks Pty Ltd, Wicked Stag Pty Ltd, Wicked Hens Pty Ltd, Team Trips Pty Ltd and Wicked Event Management Pty Ltd and their related entities.