South Coast Conservatory Ticketing Privacy Policy

1. Information We Collect

• Contact information. The public checkout form collects your full name and email address. When staff creates a manual invoice or complimentary invite, they may also record your name and an internal note so they know who the invite was intended for.
• Order and ticket details. After payment we store the event purchased, ticket quantities, seat selections, QR codes, and timestamps connected to your acceptance of the checkout terms. Mailing addresses are not collected in this ticketing system.
• Payment-related data. Card data is entered directly into Stripe. We receive payment intent IDs, Stripe customer IDs, card brand/last four digits, billing ZIP codes, and receipt emails so we can reconcile the payment, issue refunds, or respond to disputes. We never have the full card number.
• Technical identifiers. We set a short-lived cart cookie to keep your selections and seat holds tied to your browser, and we log limited device details (IP address and user agent) to prevent abuse. We do not use advertising pixels or third-party analytics on this site.

2. How We Use Your Information

• Fulfill purchases, reserve seats, and deliver digital tickets.
• Send manual invite links or transactional notices tied to your order.
• Maintain accurate accounting, tax, and security records, including refund or chargeback documentation.
• Verify ownership during customer support, manual transfer, or dispute requests so we know we are working with the purchaser of record.
• Enforce ticket limits, detect fraud, and stop duplicate or unauthorized redemptions.

We do not sell personal information or send marketing email campaigns from this ticketing system.

3. How We Share Information

We share data only with service providers that help us run the ticketing experience:

• Stripe for payment processing and fraud prevention.
• Email/SMS providers that deliver confirmations, manual invites, or support replies.
• Hosting and infrastructure vendors that store our databases, cart snapshots, and access logs under SCC’s control.

We may also disclose information when required by law, regulation, legal process, or to protect the rights, property, or safety of SCC, our staff, and event attendees.

4. Cookies and Similar Technologies

• cartId cookie. An HTTP-only cookie (expires within 24 hours) that keeps your cart and seat holds synced between requests.
• Stripe cookies. Stripe may set additional cookies solely to power its Payment Element and prevent fraud.
• Staff authentication cookies. Only admins and scanners receive authentication cookies for the protected dashboards. Shoppers do not receive these cookies.

Disabling cookies will prevent carts and seat reservations from working correctly.

5. Data Retention

• Order, ticket, manual invite, and payment metadata are retained as long as needed for operational, accounting, tax, or legal requirements.
• Cart snapshots exist for up to 24 hours and seat holds typically expire within minutes unless you extend them.
• Abuse-prevention fingerprints (IP plus browser details) expire shortly after the applicable rate-limit window.

When data is no longer needed we delete it or de-identify it unless a longer retention period is required by law or by our payment partners.

6. Security

We use administrative, technical, and physical safeguards appropriate for the limited personal data we collect, including TLS encryption, strict access controls, and reliance on PCI-compliant payment processors for cardholder data. No system is perfectly secure, but we strive to limit the data collected and to protect what we store.

7. Your Choices

• Email front.desk@scconservatory.com to update the email tied to your order, request a copy of your ticket record, or correct manual invite details.
• Request deletion of manual invites, notes, or other data that is no longer needed; we will comply unless we must retain the information for legal, accounting, or dispute purposes.
• Control cookies in your browser, keeping in mind that clearing them will release active carts and seat holds.

Residents of jurisdictions with additional privacy rights (for example GDPR or CCPA) may contact us to exercise those rights; we will respond to the extent required by law.

8. Children's Privacy

The ticketing site is intended for adults or guardians purchasing on behalf of students or family members. We do not knowingly collect personal information directly from children under 13. If you believe a child provided their own information, contact us and we will delete it.

9. Changes to This Policy

We may update this policy as our practices evolve or legal requirements change. When we make material updates we will revise the effective date above and provide notice on the ticketing site or through your order email if appropriate.

10. Contact

Include the email address used at checkout or your order number so we can locate your record quickly.