Mirage Festival

隱私權保護政策

Mirage Festival（以下簡稱「本音樂季」）由萊斯布萊特有限公司（統一編號：60454971，以下簡稱「主辦單位」）主辦。我們重視您的個人資料保護，並依據《個人資料保護法》及相關法規制定本隱私權保護政策（以下簡稱「本政策」）。請您詳細閱讀下列內容，以便瞭解我們如何蒐集、處理及利用您的個人資料。

一、適用範圍

本政策適用於您透過以下管道與主辦單位互動時所提供或被蒐集的個人資料：

• Mirage Festival 官方網站

• 官方社群媒體帳號（Instagram、Facebook、LINE 等）

• 線上購票及商城平台

• 活動現場之各項服務

本政策不適用於本網站以外的第三方連結網站，亦不適用於非主辦單位委託或參與管理之人員。

二、蒐集目的

主辦單位依據《個人資料保護法》第 19 條，基於以下特定目的蒐集您的個人資料：

• 契約履行：處理票券訂單、商品購買、退換貨事宜

• 客戶服務：回應您的詢問、投訴與意見反饋

• 活動營運：入場驗證、場內動線管理、緊急聯絡、安全維護

• 行銷推廣：經您同意後，向您發送活動資訊、優惠通知及電子報

• 法令遵循：依法配合主管機關要求或司法程序

• 統計分析：內部服務改善與參與者體驗優化（去識別化處理）

重要說明：契約履行所必要之資料蒐集，與行銷推廣用途之同意係分別取得。您可以同意購票但拒絕行銷通訊，不影響您享有的服務。

三、蒐集之個人資料類別

依蒐集情境不同，可能包含以下類別：

基本識別資料

• 姓名、電子郵件、聯絡電話、通訊地址

• 生日、性別（僅在必要時蒐集，如年齡限制驗證）

交易資料

• 購票紀錄、訂單編號、付款方式（主辦單位不儲存完整信用卡號碼）

• 商品配送地址、物流資訊

網站使用資料

• IP 位址、瀏覽器類型、使用時間、瀏覽及點選紀錄

• 裝置資訊、作業系統、導引來源

活動現場資料

• 入場驗證紀錄（票券條碼 / QR Code 掃描）

• 現場活動參與紀錄

• 緊急聯絡人資訊（僅在您自願提供時）
  

四、個人資料之蒐集方式

我們透過以下方式蒐集您的個人資料：

1. 您直接提供：購票、註冊會員、填寫表單、聯繫客服、參加問卷調查或抽獎活動

2. 自動蒐集：您瀏覽本網站時，伺服器自動記錄您的 IP 位址、瀏覽器資訊、使用時間及瀏覽紀錄

3. 第三方來源：透過合作售票平台取得購票者資料，或透過社群媒體平台提供之公開資訊

五、個人資料之處理及利用

您的個人資料將在前述蒐集目的範圍內處理及利用。利用之期間、地區、對象及方式如下：

• 期間：自蒐集之日起，至特定目的消失後依法保存之必要期間（詳見第六條）

• 地區：中華民國境內為主，必要時可能傳輸至合作服務提供商所在地區（詳見第十四條）

• 對象：主辦單位、合作售票平台、金流服務商、物流配送商、合作品牌及依法有權要求之機關

• 方式：電子資料傳輸、紙本處理、電話聯繫

統計分析所得之數據或報告均經去識別化處理，不涉及特定個人之資料。

六、資料保留期間

我們將依以下原則保留您的個人資料：

• 交易紀錄：依稅法及商業會計法規定保存 5 年，或依其他法令規定保存之期間

• 會員帳號：至您主動請求刪除或最後一次登入後 3 年

• 行銷通訊同意紀錄：至您撤回同意後合理期間內刪除

• 網站瀏覽紀錄：最長保存 2 年

目的消失後，我們將在合理期間內刪除或去識別化您的個人資料。

七、與第三方共享個人資料

主辦單位絕不會提供、交換、出租或出售您的個人資料給其他個人、團體、私人企業或公務機關，但有以下情形之一者不在此限：

1.經您書面或電子方式同意

2.法律明文規定

3.為免除您生命、身體、自由或財產上之危險

4.與公務機關或學術研究機構合作，基於公共利益為統計或學術研究而有必要，且資料經提供者處理後無從識別特定當事人

5..您在網站的行為違反服務條款或可能損害他人權益，經研析揭露您的個人資料為辨識、聯絡或採取法律行動所必要

6.有利於您的權益

委託處理：主辦單位委託廠商協助蒐集、處理或利用您的個人資料時，將對委外廠商善盡監督管理之責，並要求簽署保密合約。

八、Cookie 與追蹤技術

為提供更好的服務體驗，本網站使用 Cookie 及類似追蹤技術。各類 Cookie 及其用途如下：

必要性 Cookie

確保網站基本功能運作（如購物車、登入狀態），無法關閉。

分析性 Cookie

協助我們瞭解網站使用狀況（如 Google Analytics 等分析工具），以改善服務品質。

行銷性 Cookie

用於向您提供相關廣告及衡量廣告效果（如 Meta Pixel、LINE Tag 等第三方追蹤工具）。

您可透過瀏覽器設定拒絕或管理 Cookie。關閉 Cookie 可能導致網站部分功能無法正常運作。

九、活動現場特別條款

攝影與錄影

活動現場將有官方攝影師及錄影團隊進行拍攝。您進入活動場地即表示瞭解並同意：

• 您的影像可能被拍攝並用於 Mirage Festival 官方行銷、社群媒體、官網及合作媒體報導

• 現場設有監視攝影系統（CCTV），係為維護場地安全之必要措施

如您不希望影像被用於行銷用途，請於活動前或活動中聯繫現場服務台提出申請。

入場驗證與識別技術

本音樂季可能採用電子票券、QR Code 或手環等技術進行入場驗證。此類技術僅用於：

• 確認您的入場資格

• 維護活動安全及人流管理

入場驗證資料將於活動結束後 30 日內刪除。

十、資料安全保護措施

主辦單位依據《個人資料保護法》第 27 條採取安全維護措施，包括但不限於：

• 伺服器設有防火牆、入侵偵測及防毒系統

• 傳輸過程採用 SSL/TLS 加密技術

• 只有經過授權的人員才能接觸您的個人資料

• 相關處理人員均簽署保密合約，如有違反將受法律處分

• 定期執行資料安全稽核

十一、當事人權利

依據《個人資料保護法》第 3 條，您就您的個人資料享有以下權利：

1.查詢或請求閱覽您的個人資料

2.請求製給複製本（得酌收成本費用收成本費用）

3.請求補充或更正您的個人資料

4.請求停止蒐集、處理或利用您的個人資料

5.請求刪除您的個人資料

您可透過本政策末尾所列之聯絡方式行使上述權利。我們將於收到請求後 30 日內 回覆您。

十二、未成年人保護

本音樂季可能有年齡限制。未滿 18 歲之未成年人應在父母或監護人同意下使用本網站服務及提供個人資料。主辦單位不會在明知的情況下蒐集未滿 14 歲兒童的個人資料。

十三、行銷通訊與退出機制

經您同意後，我們可能透過電子郵件、簡訊、LINE 或其他管道向您發送 Mirage Festival 相關資訊。

您可以隨時退出：

• 點擊電子郵件中的「取消訂閱」連結

• 回覆 LINE 訊息「取消訂閱」

• 透過 LINE 官方帳號（@mirage.tw）或電子郵件通知我們

您表示拒絕後，我們將立即停止行銷利用。但與您訂單或服務直接相關的交易通知（如出貨通知、票券確認）不在此限。

十四、跨境資料傳輸

您的個人資料原則上儲存於中華民國境內。如因使用雲端服務、第三方工具（如 Google Analytics、金流服務）或國際合作而有必要傳輸至境外時，我們將確保接收方具備適當的個人資料保護水準，並依《個人資料保護法》第 21 條辦理。

十五、不提供個人資料之影響

您得自由選擇是否提供個人資料。但若您拒絕提供契約履行所必要之資料，可能導致：

• 無法完成購票或商品訂購

• 無法使用部分網站功能（如會員專區）

• 無法參加特定活動或優惠

十六、隱私權保護政策之修正

本政策將因應法令變更、業務需要或最佳實務而適時修正。修正後的條款將於本網站公告，重大變更時我們將以顯著方式通知您。您繼續使用本網站即表示同意修正後的政策。

十七、聯絡我們

如您對本政策有任何疑問，或希望行使您的個人資料權利，請透過以下方式聯繫我們：

主辦單位：萊斯布萊特有限公司（統一編號：60454971）

電子郵件：mirage.festival.tw@gmail.com

LINE 官方帳號：@mirage.tw

LINE 加入連結：https://line.me/R/ti/p/@653tlpnt

Mirage Festival
Privacy Policy

Mirage Festival (hereinafter “the Festival”) is organized by Lesbright Co., Ltd. (Tax ID: 60454971, hereinafter “the Organizer”). We value your personal data protection and have established this Privacy Policy (hereinafter “this Policy”) in accordance with Taiwan’s Personal Data Protection Act (PDPA) and applicable regulations. Please read the following carefully to understand how we collect, process, and use your personal data.

1. Scope of Application

This Policy applies to personal data you provide or that is collected when you interact with the Organizer through the following channels:

• Mirage Festival official website

• Official social media accounts (Instagram, Facebook, LINE, etc.)

• Online ticketing and merchandise platforms

• On-site services at the Festival

This Policy does not apply to third-party websites linked from our website, nor to individuals not authorized or managed by the Organizer.

2. Purposes of Collection

The Organizer collects your personal data pursuant to Article 19 of the PDPA for the following specific purposes:

• Contract Performance: Processing ticket orders, merchandise purchases, and returns/exchanges

• Customer Service: Responding to your inquiries, complaints, and feedback

• Event Operations: Entry verification, crowd management, emergency contact, and security

• Marketing: With your consent, sending event information, promotions, and newsletters

• Legal Compliance: Cooperating with regulatory authorities or judicial proceedings as required by law

• Statistical Analysis: Internal service improvement and experience optimization (de-identified)

Important: Consent for marketing communications is obtained separately from data collection necessary for contract performance. You may purchase tickets without subscribing to marketing communications.

3. Categories of Personal Data Collected

Depending on the context, we may collect the following categories:

Basic Identification Data

• Name, email address, phone number, mailing address

• Date of birth, gender (only when necessary, e.g., age verification)

Transaction Data

• Purchase records, order numbers, payment methods (the Organizer does not store complete credit card numbers)

• Delivery address, shipping information

Website Usage Data

• IP address, browser type, access time, browsing and click records

• Device information, operating system, referral source

On-Site Data

• Entry verification records (ticket barcode / QR Code scans)

• On-site activity participation records

• Emergency contact information (only if voluntarily provided)

4. Methods of Collection

We collect your personal data through the following methods:

• Directly from You: Ticket purchases, member registration, form submissions, customer service inquiries, surveys, or promotional events

• Automatic Collection: When you browse our website, servers automatically record your IP address, browser information, access time, and browsing records

• Third-Party Sources: Data obtained through partner ticketing platforms or publicly available information from social media platforms

5. Processing and Use of Personal Data

Your personal data will be processed and used within the scope of the aforementioned purposes. The period, region, recipients, and methods are as follows:

• Period: From the date of collection until the purpose ceases to exist, plus any legally required retention period (see Section 6)

• Region: Primarily within the Republic of China (Taiwan); may be transferred to regions where service providers are located when necessary (see Section 14)

• Recipients: The Organizer, partner ticketing platforms, payment processors, logistics providers, partner brands, and authorities with legal authority

• Methods: Electronic data transmission, paper processing, telephone communication

Statistical data and reports are de-identified and do not involve any specific individual’s personal data.

6. Data Retention Period

We retain your personal data according to the following principles:

• Transaction Records: Retained for 5 years as required by tax and commercial accounting regulations

• Member Accounts: Until you request deletion or 3 years after your last login

• Marketing Consent Records: Deleted within a reasonable period after you withdraw consent

• Browsing Records: Retained for a maximum of 2 years

After the purpose ceases to exist, we will delete or de-identify your personal data within a reasonable period.

7. Sharing Personal Data with Third Parties

The Organizer will never provide, exchange, rent, or sell your personal data to any individual, group, private enterprise, or government agency, except in the following circumstances:

• With your written or electronic consent

• As required by law

• To protect your life, body, liberty, or property from imminent danger

• In cooperation with government agencies or academic institutions for statistical or academic research in the public interest, where data has been processed to prevent identification of specific individuals

• When your behavior on the website violates the terms of service or may harm the rights of others, and disclosure is necessary for identification, contact, or legal action

• When it benefits your interests

Outsourced Processing: When the Organizer engages vendors to assist in collecting, processing, or using your personal data, we will exercise due diligence in supervising such vendors and require them to sign confidentiality agreements.

8. Cookies and Tracking Technologies

To provide a better service experience, our website uses cookies and similar tracking technologies. The types and purposes are as follows:

Essential Cookies

Ensure basic website functionality (e.g., shopping cart, login status). These cannot be disabled.

Analytics Cookies

Help us understand website usage (e.g., Google Analytics) to improve service quality.

Marketing Cookies

Used to deliver relevant advertisements and measure advertising effectiveness (e.g., Meta Pixel, LINE Tag).

You may refuse or manage cookies through your browser settings. Disabling cookies may cause some website features to function improperly.

9. On-Site Special Provisions

Photography and Videography

Official photographers and videography teams will be operating at the Festival. By entering the venue, you acknowledge and agree that:

• Your image may be captured and used for Mirage Festival official marketing, social media, website, and partner media coverage

• CCTV surveillance systems are installed at the venue as a necessary measure for venue security

If you do not wish your image to be used for marketing purposes, please contact the on-site service desk before or during the event.

Entry Verification and Identification Technology

The Festival may employ electronic tickets, QR Codes, or wristband technology for entry verification. Such technology is used solely for:

• Confirming your entry eligibility

• Maintaining event safety and crowd management

Entry verification data will be deleted within 30 days after the event concludes.

10. Data Security Measures

The Organizer implements security measures pursuant to Article 27 of the PDPA, including but not limited to:

• Servers are equipped with firewalls, intrusion detection, and antivirus systems

• SSL/TLS encryption technology is used for data transmission

• Only authorized personnel may access your personal data

• All personnel handling data have signed confidentiality agreements and are subject to legal sanctions for violations

• Regular data security audits are conducted

11. Your Rights

Pursuant to Article 3 of the PDPA, you have the following rights regarding your personal data:

1.Inquire or request access to your personal data

2.Request copies (reasonable fees may apply)

3.Request supplementation or correction of your personal data

4.Request cessation of collection, processing, or use of your personal data

5.Request deletion of your personal data

You may exercise these rights through the contact information provided at the end of this Policy. We will respond within 30 days of receiving your request.

12. Protection of Minors

The Festival may have age restrictions. Persons under 18 years of age should use this website and provide personal data only with the consent of their parents or guardians. The Organizer will not knowingly collect personal data from children under 14 years of age.

13. Marketing Communications and Opt-Out

With your consent, we may send you Mirage Festival-related information via email, SMS, LINE, or other channels.

You may opt out at any time by:

• Clicking the “Unsubscribe” link in our emails

• Replying “Unsubscribe” to LINE messages

• Contacting us via LINE Official Account (@mirage.tw) or email

After you opt out, we will immediately cease marketing use. However, transactional notifications directly related to your orders or services (e.g., shipping notices, ticket confirmations) are not affected.

14. Cross-Border Data Transfers

Your personal data is primarily stored within the Republic of China (Taiwan). If it is necessary to transfer data outside of Taiwan due to the use of cloud services, third-party tools (e.g., Google Analytics, payment services), or international cooperation, we will ensure that the receiving party maintains adequate personal data protection standards and process such transfers in accordance with Article 21 of the PDPA.

15. Consequences of Not Providing Personal Data

You are free to choose whether to provide personal data. However, if you decline to provide data necessary for contract performance, it may result in:

• Inability to complete ticket or merchandise purchases

• Inability to use certain website features (e.g., member area)

• Inability to participate in specific events or promotions

16. Amendments to This Policy

This Policy may be amended from time to time in response to changes in law, business needs, or best practices. Amended terms will be posted on this website, and we will notify you prominently in the event of material changes. Your continued use of this website constitutes acceptance of the amended Policy.

17. Contact Us

If you have any questions about this Policy or wish to exercise your personal data rights, please contact us through the following channels:

Organizer: Lesbright Co., Ltd. (Tax ID: 60454971)

Email: mirage.festival.tw@gmail.com

LINE Official Account: @mirage.tw

LINE Link: https://line.me/R/ti/p/@653tlpnt內容