EntryBoss Privacy Policy (updated 3 August 2020)

About this policy

EntryBoss Pty Ltd ABN 86 607 407 812 operates an online competition management platform. We act as an agent for event organisers to simplify entry management for our users and for event organisers. Due to the nature of our business, EntryBoss collects data about users to share with event organisers for the purposes of conducting sporting and other events in a competitive and fair manner.

EntryBoss is committed to being transparent about the data we collect about our users, how it is used and with whom it is shared. This Privacy Policy applies when you use our services and should be read in conjunction with our Terms of Use.

We will update this privacy policy when our information handling practices change. Updates will be posted on our website and notified to users when they first login to our website following any update.

Collection & purpose

EntryBoss collects personal and other information to enable user participation in sporting and sports- related events.

We collect the following types of information:

Most of the personal and other information we collect comes directly from our users when they create an account with us and/or enter events via our website.

We also collect personal and other information from:

EntryBoss also collects personal and other information via cookies on our website:

Information use and disclosure

EntryBoss uses personal and other information about you in order to act as an entry and competition management agent on behalf of event organisers.

We only disclose personal information in these circumstances:

We only disclose your sensitive information for the purposes for which you gave it to us or for directly related purposes you would reasonably expect or if you consent: for example, to provide emergency contact information or medical conditions/allergies to an event organiser when you participate in an event.

EntryBoss does not use your personal information for direct marketing and has no parent or other related entity with access to our database.

EntryBoss provides services to primarily Australian event organisers and competitors. We are unlikely to disclose personal information outside of Australia.

EntryBoss acts as the agent of event organisers (in an agency/principal relationship). By entering an event you will accept the organiser's rules and regulations of participation, which may include their privacy policy or that of their governing body.

Data integrity and data rights

EntryBoss's system and databases are hosted onshore within Australia. The hosting services we use are compliant & assessed to the PROTECTED level with regard to the Australian Signals Directorate's Information Security Manual, for PCI DSS 3.2 Level 1 financial transactions, ISO 27001/27017 security management controls, and ISO 27018 personal data protection. All transmissions to and from the EntryBoss system are encrypted, and all databases are encrypted at rest in our storage subsystems. We further encrypt some database fields at the application level to preclude their misuse.

EntryBoss uses sub-processors for ancillary technical elements, including our helpdesk, payment provider, email gateway, and reliability monitoring. EntryBoss remains in control of data processed in this fashion, even if this results in offshore processing; our controls, and Australian privacy law, continue to apply. We have no offshore data recipients.

You have the following data protection rights with EntryBoss:

These rights may be limited, in which case(s) we will inform the person concerned of the applicable exceptions. EntryBoss reserves the right to decline a request if it is excessive, technically impossible or disproportionate in respect of the resources required.

We may ask you to verify your identity before we give you access to your information or amend it.

If we refuse to give you access to or amend your personal information, we must notify you in writing setting out the reasons.

If we make a correction and we have disclosed the incorrect information to others, you can ask us to tell them about the correction. We must do so unless there is a valid reason not to.

If we refuse to correct your personal information, you can ask us to associate with it (for example, attach or link) a statement that you believe the information is incorrect and why.

Privacy contact

If you wish to complain to us about how we have handled your personal information, you may complain in writing to the email address noted below.

If we receive a complaint from you, we will determine what, if any, action should be taken to resolve the complaint.

We will tell you promptly that we have received your complaint and then respond to the complaint within 30 days.

For all requests & procedural matters, complaints, or to discuss any aspect of privacy & security at EntryBoss, or really anything else at all you'd like to raise, please don't hesitate to get in touch via support@entryboss.cc.