AudienceView Unlimited
Services Description

This page provides the services description for AudienceView Unlimited. Within each section you will find helpful information on a variety of topics, including functionality, the onboarding process, our support team and our security program.

Functionality

Functionality – Including ticketing, e-commerce, CRM/marketing, fundraising, analytics, CMS, day of event services, platform

Last updated July 4, 2022

Box Office

Event Creation and Listing: Store your event information where it belongs while using it in real-time throughout your marketing and sales channels. When things happen, make the changes in a single place. Key features include:

Standard Reserved Ticketing: Create and sell tickets to reserved seating events. Customers can select seats using an easy-to-use best available option, or select their seats within an interactive venue map.

General Admission Ticketing: Create and sell tickets to general admission events. Customers can easily select from a range of price types.

Price Management: Create and manage sophisticated pricing structures to maximize sales revenue. An unlimited number of price zones and price types can be built for maximum flexibility. Pricing can be updated at any time during the sales cycle, and can be managed for a single event or for multiple events simultaneously. Pricing can be set as absolute values, or as percentage or flat rate offsets from a default value. Price adjustments can be set to automatically take effect at a given time in the future.

Ticket Promotions: Configure promotions to expose a special price or to give VIP access to a presale. Customers can access promotions by entering a code, or the promotion can be automatically activated when qualified customers log into their online accounts. Promotion sales can be capped at a certain number of tickets.

Season Tickets, Subscriptions & Packages: Manage your most loyal customers through flexible bundling of items, including events, merchandise, memberships and gifts. Bundles can contain any combination of items on a fixed or flexible basis, and can be renewed using a batch utility. Scheduled payments can be used to allow a customer to pay in installments.

Payment Processing: Process credit card, debit card and PayPal payments in real time using AudienceView’s secure payment gateways. Payment reports can be used to balance sales to bank deposits. Desktop users can schedule payments to be processed automatically on future dates.

  • Anderson Zaks RedCard (United Kingdom)
  • Automated Payment Transfer Limited Validata (United Kingdom, Europe)
  • Bluefin (United States) 
  • Braintree 
  • CBORD (colleges/universities using CBORD student cards) 
  • PayPal Payflow Pro 4.0.0.1 (Canada, United States, Australia, New Zealand) 
  • PXP Solutions Limited PCEFT 3.001.246 (formerly ServeBase) (United Kingdom) 
  • TenderRetail – Merchant Connect Multi (Canada) 
  • TouchNet (Canada, United States – colleges/universities only) 
  • WorldPay (using Access WorldPay) (United Kingdom)

Marketing/CRM
An integrated, actionable CRM module that provides a unique experience for each customer and donor, including:

Email Correspondence Tools
Automated communication tools provide the ability to pre-configure automatic, custom designed and personalized patron customer email alerts such as: 

  • Reminders and important information.
  • Membership, subscription and package renewals and recaptures. 
  • Cross-sell and upsell opportunities after specific purchases and interactions.

Loyalty & Memberships
Sell products linked to members or create memberships directly on the customer record. Memberships deliver benefits to the customer that, via AudienceView’s promotions feature set, can deliver exclusive access to products, pricing or additional tickets. Customers can earn points for purchasing Performances, Bundles or Donations and move through benefit levels based on points earned. Memberships and benefits can be set to expire based on a fixed date or on an offset from their start date.

Customer Profiling & Segmentation
Create Business Intelligence queries to segment your customer database based on customer profiles and purchase histories. Expand the profiles of your customers by importing data from external sources using the Data Management tool.

Customer Activities
Present an at-a-glance view of the selected customer’s most recent activities and interactions. An activity stream shows all of the correspondence either generated by the system or users of the system. Users can preview correspondence generated through email marketing and view high-level statistics. The display of notes, correspondence and offers is user-definable through a Business Intelligence query and can be defaulted for the user or the role. Use the interactive calendar month view to see all of the activities including the upcoming performances the customer will be attending.

User-Defined Fields
Create user defined input fields on customers, orders and the configuration of products. Configure labels, control who can view and enter data, attach user-defined lists, set default values and define whether entry is required or optional. Define which fields accept or require numbers, dates, currency, and single or multiple text input.

Associations
Automatically associate your customers to types of products or business groups within your organization. Associations can be set on users, venues and products. Segment customers by association using the Business Intelligence tool. Customers can choose which associations they wish to receive communication from via their message source preference.

Communication Preferences
Customer communication preferences can be captured as opt-in or opt-out choices. Multiple preferences can be captured per customer. Customers can be segmented based on their preferences using Business Intelligence.
 
Special Offers
Deliver easy-to-scan digital Create special offer pricing for items or bundles, available by promotion code or as a benefit of membership. Promotions can be embedded in links for easy distribution. Bundles can be configured with fixed or flexible options.
  
Task Management
Task management allows you to properly develop key donors. Create and assign tasks to staff. Highlight the type of communication and the due date for completing tasks.

Customer Merge
Manage and maintain clean customer data by merging duplicate customer records.

E-Commerce/Consumer Interface
A mobile-friendly and API driven consumer interface that powers e-commerce activity, including:

Single Shopping Cart
AudienceView’s online experience uses an e–commerce industry standard shopping cart model. Customers can add multiple products to their shopping carts and check out with a single payment.

Mobile-Responsive Shopping
AudienceView’s online web pages are designed to automatically optimize the users experiences to suit the screen size of their devices. Users on all web-enabled devices have the same access to products and features.

Ticket Delivery (Mobile and Print-At-Home)
Deliver easy-to-scan digital mobile tickets which are only available to patrons who have logged into their account.

Design attractive PDF and paper tickets with a flexible visual ticket editor. Generate e-tickets in PDF format with 2D or 1D barcodes, and deliver them to any web-enabled device. Traditional thermal tickets can be printed directly from an order or in a batch.

Patron Account Management
A self-serve interface for customers to track order history, manage renewals, maintain contact information, redeem gift cards and membership benefits.

Reserved Seating Events
A visual representation of your venue captured in emblematic seating charts designs that readily support the intuitive selection of seats within any size venue.

Shopping Cart Upsell
Increase the value of an order by offering upsell and add-on items at appropriate points in the transaction flow. Upselling can be used to convert a single ticket sale to a bundle, or promote a membership. Add-on items could include merchandise or food and beverage items.

Gift Cards
Gift cards and certificates, with fixed or flexible values, can be purchased, printed, redeemed and reloaded through the Desktop and Online interfaces.

Merchandise
Use AudienceView’s flexible merchandise configuration to set up an online store. Add multiple images to items, use options to handle different clothing sizes or colours, and organize products into categories.

Membership Benefit Redemption
Create loyalty by selling memberships, either as standalone items or as part of a season ticket or a bundle.

Smart-Cart Packages Automatically Applied
Benefits associated with a parent package or add-on package in the cart are automatically applied to eligible tickets so that the appropriate discounts are applied during checkout. Package limits are respected, and if the package is removed from the cart or the customer logs out then all of the parent and add-on package benefits and discounts are removed from the items in the cart.

Event Availability
Customers can use the calendar to readily distinguish between days that have available event dates and those that don’t. The calendar gives them a better sense of a show’s schedule and popularity without having to click into each date. You can also customize the Sold out and canceled messaging.

Checkout Questions
Add unlimited checkout questions to any sales channel to better understand your customers.

Google Analytics/Google Tag Manager
Support for Google Tag Manager conversion tracking and ROI measurement for traditional advertising campaigns. Pull custom variables from the consumer interface and send them to a third-party marketing campaign via manager tagging, so that partner sites can keep track of referrals, behavior and purchases within their own systems. Track pageviews and e-commerce activity with Google Analytics and Pixel Tracking integrations. The Cross Domain Tracking – Link Decorator for API preserves the proper source/medium variables via API links so that campaigns and ad buys appear as a single visit when customers move from your website through to the checkout.

Payment Plans
Allow customers to pay off their balances over time with configurable payment plans. Set the allowed duration, amount, and schedule payment plans for any sellable items.

Online Changes
Customers and box office staff can easily exchange their bundle admissions based on rules and permissions you set. You control which events the patron can exchange, the price, and any associated fees.

Fundraising & Development

Gift Solicitation & Management
Create gift products with fixed, recommended or user defined amounts. Automatically determine the funds and appeals associated with the gift. Collect additional information related to the gift.
 
Memberships
Create multiple incremental or static giving levels and apply those levels automatically based on the donation amount. Giving levels can be managed on the donor record.
 
Benefits
Drive donor benefits such as advanced access to merchandise, tickets or packages, season tickets or subscriptions, special prices or free items. Add and display the list of donor benefits whether it’s fulfilled through the system or externally. Associate those benefits to a donor automatically based on the Membership level or add them as needed.
 
Scheduled Payments
Create payment plans for monthly or recurring donations. Automatically process credit card payments associated with payment plans.
 
Tax & Gift Recognition
Generate tax receipts and thank you letters using our integrated mail merge tool. Multiple tax receipt and thank you letter templates can be created and assigned to gifts.
 
Campaign Goals
Each fundraising campaign can be customized with a goal amount to track your progress and measure success.
 
Donor Benefit
Automatically assign benefits and perks at specific giving levels through memberships.
 
Task Management
Ensure you appropriately follow up with donors and donor prospects. Assign tasks to any user and include a due date, type and description.

Communication History Tracking
Tagging customers as recipients of a communication allows you to segment groups who have already received a certain communication so that you can do appropriate follow-ups.

Reporting

Data Extraction
Extract selected data in either CSV or XML format using Business Intelligence. Users can restrict the data set using criteria and choose columns for output.
 
Data Import 
Import data into customer records using the Data Management DataMonkey tool. Set values based on a CSV, XML or a Business Intelligence query source. Import jobs can be on-demand or set to repeat on a schedule.
 
Business Intelligence 
Create queries for selected business objects. Queries can have multiple criteria. Users can select columns for output and perform aggregate functions to group and summarize data. Formulas can be used to generate calculated results from selected columns. Queries can be saved for future use either privately or shared with other users. Criteria can be restricted by user group permission. Column output can configured to create pivot tables. Results can be previewed or output to CSV, XML, PDF, HTML and Fusion Chart formats. Output can be delivered via email, downloaded or printed. Output can be used to create correspondence records for customer– level Business Intelligence queries. These versatile queries power the search UI in the Desktop and can be configured to suit the needs of specialized user roles.
 
Dashboards and & Charts 
Create dashboards from a suite of dashboard templates designed for everyday business functions. Users can control the layout of dashboard components and set criteria. Dashboards are displayed on the user’s Desktop. Users can select a favourite dashboard as the first thing they see.
 
Standard Reports 
Access a standard suite of reports covering accounting, sales, marketing, fundraising and access control. View, print or email reports. Report configuration can be saved for future use. User access to saved reports is controlled through Public/Private permissions. Configure saved reports for scheduled execution.
 
Google Analytics 
Users can configure Google Analytics per website. The implementation tracks standard Google Analytics page views and reports eE–Ccommerce transactions upon order completion. Selected customer interactions are recorded as Google Analytics events.
 
Automation 
Automate data extraction, data transformation and data loading using a powerful, integrated scripting engine combined with a task scheduler service. Schedule frequent tasks like report generation and email campaigns so that they execute with no user intervention. Tasks can be scheduled to run daily, weekly and monthly.

Web API

Last updated July 4, 2022

1. Definitions

Capitalized terms not defined here will have the meaning as set out in your Order Form.

a.“API” means the Application Programming Interface which you can subscribe to from us, to be used only for development of your coded Software.

b. “API Development Guidelines” means our current best practices guide for use of the API, which we develop and make available to you on a periodic basis.

c. “API Subscription Date” means the Start Date as set out in your Order Form.

d. “API Specification” means the relevant specification in respect of the API, which will be made available to you in connection with updates to our services (the “Services”) as applicable.

e. “API Support Services” means support services in respect to the API.

f. “Client-coded Software” means all source and object code forms of the computer software developed by you using the API that integrate with the Services.  Client-coded Software will not be considered part of the Services (including its underlying software) or Support Services, and we will not have any responsibility for such Client-coded Software.

2. License

2.1 Right to Use API. Subject to the terms of your Order Form and during the Term as set out in your Order Form you can request to use our API, and any related documentation, to develop Client-coded Software. Any Client-coded Software will reside on either (i) the servers that you own and maintain or have a right to use or (ii) the servers of any third party vendor you engage. The development and/or hosting of Client-coded Software is subject to all requirements and best practices of Payment Card Industry (PCI) data security standards (“PCI-DSS”), applicable law and regulations and our internal policies and procedures.

2.2 Restrictions. Inbound and outbound connections to the Services are permitted if they follow our security and privacy policies, and applicable law and regulations (including but not limited to PCI-DSS). You (or any third party engaged by you) may only use the API in the manner which is documented as detailed in the API Specification and the API Development Guidelines, and in a manner that does not generate abnormally high load on the Services.

2.3 Changes to the API. The API and its governing terms are subject to change, including but not limited to its interface, calls and URLs. These terms will remain in effect for the Term as set out in your Order Form. We don’t guarantee that the API will work with the Client-coded Software, but we will reasonably consider the impact of any change on you and minimize changes to the API to the extent practical. Any changes to the API will be documented in the release notes that accompany each new generally available update to the Services and made available to you with reasonable advance notice. Without limiting the generality or effect of the first sentence of Section 5.1 below, the delivery of API Support Services does not extend to: (i) Client-coded Software, (ii) any work requiring us to make corresponding changes to the API in order to align or otherwise integrate with any generally available update to the Subscription Service or with Client-coded Software and (iii) uses of the API in a way other than that for which is documented and intended to be used.

3. Use of the API

3.1 If you request to use our API, you will be provided with the right to use the API during the Term as stated on your Order Form

4. Support of the API

4.1 You will be entitled to up to a maximum number of hours as set out in your Order Form (the “Maximum Hours”) per Term year of API Support without additional charge. This API support will consist of customer-specific consulting and training services in respect of the API and is provided by our Support and/or development team and by other resources as deemed appropriate by us. API Support must be used in increments of one hour (with no carry-over of hours from Term year to Term year). Additional support over the Maximum Hours will be chargeable at our current hourly rates. The time utilized to set you up with the API will be counted towards the allowable hours for the first Term year.

4.2 All support that we provide, costs associated with the Client-coded Software, and any other actions required to ensure that the Client-coded Software does not affect the PCI-DSS compliance of the Subscription, will be charged as Services at the chargeable rate set out in Section 4.1 above. We will deliver any documentation regarding the API and/or the Client-coded Software requested by you as part of the annual API Support. If your Maximum Hours allowance has been consumed, providing such documentation will be subject to the additional charges specified in Section 4.1

5. Your Responsibilities

5.1 You will always be responsible for the development, documentation, hosting, support and maintenance of the Client-coded Software. However, subject to payment of the additional charges specified in Section 4.1 above, if your annual Maximum Hours allowance has been consumed, we will use reasonable commercial efforts to assist you with issues related to the Client-coded Software.

6. Ownership

6.1 We acknowledge that we obtain no ownership rights in the Client-coded Software, or any of its elements or components (collectively, the “Client Property”). All right, title, and interest in and to the Client Property, including any and all modifications and additions thereto (but for clarity, excluding customized software developed by Vendor) will at all times remain with you or any third party from/to whom you have licensed or procured software, technology or other elements. All copies of the Client-coded Software remain your property. Notwithstanding anything to the contrary contained here, we are permitted to, and will in no way be prevented from, developing, licensing and/or selling software, inventions, products, systems, features, business plans or business methods which are similar, identical, or related, in any way to the Client-coded Software.

Accessibility

Last updated August 19, 2022

We’re dedicated to creating usable and feature-rich products for the ticketing industry. We aim to make these products as functional and as intuitive as possible for everyone who uses them, including client users and ticket buyers.

We make every reasonable effort to conform to the current Web Content Accessibility Guidelines (WCAG) levels A and AA and want client users and ticket buyers, regardless of potential impairment, to be able to freely and easily navigate all of our web interfaces without frustration or confusion.

Both accessibility consultants and user testing are used to validate and improve our products. We’re dedicated to responding as quickly as reasonably possible to accessibility issues brought to our attention regarding our public user interfaces.

We believe that everyone regardless of disability or impairment should have access to our products and the excitement of purchasing tickets for live events in the same way as those without barriers.

Onboarding

Last updated August 19, 2022

Once you’re ready for onboarding, we work with you to get you up and running as soon as possible. Our onboarding process is described below.

Kicking-off Onboarding 
We contact you to detail the onboarding steps ahead that will take you from kick-off to your eventual launch. At this time, you’re introduced to your project manager. Your project manager will coordinate a kick-off meeting to introduce the project team, review project details, and confirm the timeline. You are responsible for preparing documentation of your organization’s policies, procedures, and practices to share with your project team  

Onboarding Contact & System Administrator Obligations
You provide a designated onboarding contact, as needed, and attend any scheduled meetings with our team. You identify the system administrator(s) for the product, who attend all training sessions with our team, and who are responsible and accountable for the configuration of the product. The administration tools used to access our product are password-protected, and only your properly registered personnel receive login IDs and passwords. You’re solely responsible for administering and monitoring the use of your login IDs and passwords.  

Payment Processing Obligations
You need to establish and pay for relationships with a compatible payment gateway and payment processor. All setup and associated hardware costs, credit card or debit card processing fees or other credit and collection issues for your transactions are your responsibility. You must provide your merchant account information to us so that we can configure your product to take payments.

For more information, see the Finance Operations section. 

Hosted Environment Preparations & Obligations 
Your project manager will initiate the provisioning of your production, and your staging/sandbox environments for your instance (or multiple instances if noted on your Order Form). If needed, a Data Migration Test environment is provisioned specifically for data migration purposes for the duration of your onboarding. You need to establish and pay for your own domain names and SSL certificates.  

Reliable & Reasonable Operations

To ensure reliable and reasonable operations, you need your own reliable high speed internet connectivity to and from our services (for all of your locations that need access to our services); provide and maintain your own premises equipment, including but not limited to administrator workstations, ticket-seller workstations, printers and scanners; provide all other customer relations, fulfilment and obligations, including but not limited to, customers/events establishment, operation and maintenance, ticket stock, advertising and promotion, nondurable operational supplies (e.g. printer toner) and ticket seller expenses and fees; maintain all configuration, use and operation of our services to suit your environment and specifications.

You will need to confirm that all of the above items comply with the functionality requirements of our product. If you’re unable to organize these items, it may reduce our ability to provide you with the services as designed.

The Learning Portal
Your designated onboarding contact is immediately provided with access to our Learning Portal. The Learning Portal contains our on-demand courses and training material, knowledge base, client community, support resources and more. The designated onboarding contact and/or system administrator are responsible for granting and managing this access to other team members.

Discovery Sessions, Training & Configuration  
At our discovery sessions, we meet with you and your team to understand your business objectives and your desired outcomes for the project. Upon completion of the discovery sessions, we create your system administrators’ training plans, which includes recommended OnDemand training videos and follow-up training sessions. Regular check-ins are scheduled to provide configuration support as your team configures the product for launch.  

Website 
We create a website template based on your current, branded website and associated style sheets. You’re responsible for building out the website content within the product.

Data Migration

We work with you to determine the supported configuration and provide a data schema for use as a preparation guide for the migration.

The following can be migrated into the product:

  • Customer accounts.
  • Pledged donations.
  • Subscriptions.
  • Advanced single ticket sales.
  • Historic donations, single ticket admissions and subscriptions.


You need to ensure that the data from your legacy system has been transformed to conform with our data schema as outlined by our project team. You will need to provide all images of places according to specification (seat maps) and current or desired seat manifest information and other artifacts related to ticketing activities such as pricing, delivery and payment information. We work with you through this process.

Preparing for Go-live
You get an opportunity to validate that your regular operational activities (setting up events, selling tickets, reporting) are working as expected. Once you’re confident, let your project manager know that you’re ready to launch.

Launch
Congratulations! Your new ticketing platform is launched. At this time, you have full access to the Client Support team.

Support

Last updated August 30, 2023

You receive the following support services as part of our relationship:

  • Access to the Learning Portal to log cases, read documentation and articles, watch training videos, register for live webinars and post on the client discussion boards.
  • Direct access to our team of solution experts via the Learning Portal during business hours.
  • After-hours emergency support via our on-call number and the Learning Portal.
  • Investigation and triage of cases related to application performance, defects, configuration issues, and technical tasks including system configuration and “How do I” type questions.
  • Deployment of regularly released software updates and patches to the current version of the product.
  • Access to update and review open and historical cases.
  • Status page subscription for real-time maintenance and system performance updates.
  • Automated system monitoring – twenty-four-seven. · For the current Support contact information, refer to our Contact Support article.

All reported standard (non-emergency) issues will be responded to by Support staff during business hours within one (1) business day.

All reported emergency issues will be responded to by Support staff within fifteen (15) minutes. An emergency issue is where a client has complete loss of a core (mission critical) business process and work cannot reasonably continue. Examples of an emergency issue that needs immediate attention includes: not being able to access the system, not being able to sell, not being able to print tickets, and not being able to scan tickets.

These response times are good faith estimates only, based on our current averages.

Hardware

Last updated December 2, 2022

Printers
Ethernet-connected printers are required with our product. We recommend printers from Boca Systems or Stimare. These printers, as well as your ticket stock, can be purchased directly from us. 

Scanners
We sell and rent a proprietary, commercial-grade, Android-based device with an integrated laser barcode scanner.  

Payment Terminals
Your payment terminal options are dependent on your selected payment gateway and processor. Payment terminals are typically purchased through your selected payment gateway. We work with you to determine your options. 

Hardware Policy

If you’re purchasing hardware from us, it’s provided “as is”. We provide a one (1) year warranty for AudienceView scanners purchased directly from us. If any other hardware is defective, you may have the ability to access the manufacturer’s warranties directly against the manufacturer. We provide reasonable assistance with any defective claims you raise with the manufacturer

If you’re renting hardware from us, you’re not allowed to rent, lease, sell or otherwise transfer the hardware to any third parties. You’re responsible for supervising and controlling the use of the hardware by your employees to ensure that it’s used safely and appropriately. While you’re responsible for the hardware from the time it’s delivered to you until it’s returned to us, if you’re leasing the hardware, you don’t receive any ownership interest in it. If there is any loss or damage to the hardware while you’re leasing it from us, you’re responsible for any costs to repair or replace it. If you don’t return any or all of the hardware to us within thirty (30) days of the expiration of our relationship, you’ll be charged a replacement fee equal to our replacement cost plus any applicable taxes and shipping fees. You’re responsible for all shipping costs unless otherwise agreed. 

Security

Last updated June 22, 2022

As a global leader in both technology and consumer experiences for live events, processing billions of dollars each year in ticket sales, you trust us with their live events and the patrons who attend those events. That trust is predicated upon us keeping the data of you and your patrons private and secure. Our services are compliant with PCI-DSS and our latest Attestation of Compliance can be viewed here. We also leverage best practices from other standards such as NIST, ISO, and SOC. where it makes sense to do so, but we don’t formally comply or attest to those standards. This information is intended to provide an overview of how we protect that data and will be updated as we continually review and enhance our processes. 

Security & Compliance
Our dedicated Security and Compliance team’s mandate is to protect the data you store in our services. Our Security and Compliance program includes: 

  • Product security. 
  • Protecting and securely transmitting cardholder data. 
  • Vulnerability management. 
  • Infrastructure controls (physical and logical). 
  • Policies and Operating Procedures 
  • Employee education and awareness. 
  • Intrusion prevention and detection. 
  • Data loss prevention. 


We regularly assess our infrastructure and applications for vulnerabilities and remediate those that could impact the security of your data. Our Security and Compliance team continually evaluates new tools to increase the coverage and depth of these assessments. 

Perimeter Security 
We define and manage our network boundaries using a combination of network appliances including load balancers, firewalls and VPNs. We use these to control how services are exposed and to segment our production network from the rest of our computing infrastructure. We use role-based access control protocols that are based on business needs to define and authenticate access to our production infrastructure. 

Application/Product Security 
Application security is by means of an individual username and password. We provide you with the ability to manage application security to best meet your own needs and standards. It’s the responsibility of each client to ensure application-level roles are defined, implemented and managed such to comply with any protocols or standards to which they may subscribe. Securing our Internet-facing web service is critically important to protecting your data. Our Security and Compliance team drives an application security program to improve code security hygiene and regularly assess our service against OWASP for common application security issues. 

Client Segregation 
Our services are designed and developed using single and multi-tenant architectures. In both cases, we take great care to ensure your data is accessible only to you. We consider your data private and don’t permit any other user to access it. 

Data Retention & Deletion 
We retain client data for the purposes of performing the services and after termination or expiration of the agreement we make available, return or delete the data as agreed with the client and in accordance with applicable law. 

Activity Logging
We consolidate logs from all production servers into a security information and event management tool. Logs are consistently monitored and reviewed by our Security and Compliance Team. 

Transport Encryption
We use industry-standard encryption to protect your data in transit. This is commonly referred to as transport layer security (TLS) V1.2 or above, or secure socket layer (SSL) technology. 

Encryption at Rest
Where necessary we encrypt cardholder and other sensitive data while at rest in the database tables. For the security of our systems and your data, we don’t publish the encryption standards used in this process. 

Physical Security
We leverage DataCenter and Cloud-based technologies to provision our service. Our Cloud storage vendor is a global industry leader and is the primary storage location for clients with the data residing in the United States. Our DataCenter is Tier 3 equivalent and located in Canada. This DataCenter is used as temporary backup facilities for clients for failover over or other temporary support. Our infrastructure is located in a private, locked cage in an environmentally controlled facility that includes 24x7x365 monitoring and backup power. In both cases, access to our equipment is tightly controlled and only authorized personnel are permitted access. 

Resiliency/Availability 
Our goal is to ensure our services are available to you at all times. As every system requires maintenance, we have regularly planned maintenance windows during which times we complete all essential maintenance work. We may also perform emergency maintenance from time to time. We have a global footprint and in most cases can be flexible and schedule planned maintenance windows at a time most convenient for you. We provide notice well in advance of any maintenance that may require a service outage. We also work with you to schedule those outages at times that are convenient. However, this isn’t always possible. You also have varying needs when it comes to disaster recovery or service failover. We can offer a range of options to best meet the needs of the individual client. 

Incident Response Plan
Our incident response plan lays out the steps we follow when suspicious activity is detected. 

  • Containment: We take immediate action to contain any suspicious activity. This may involve isolating components or taking services offline. 
  • Confirmation: We move to confirm that any suspicious activity is a cause for concern and warrant further action. 
  • Engagement: Within 48 hours of confirmation of an issue we communicate with affected clients. We also engage relevant third parties such as crisis management, forensic specialists, cybersecurity professionals and where required law enforcement. 
  • Remediation: We work with all parties involved to remedy the immediate issue, re-secure the environment and return to normal operations

System Audit 
All changes to data are stored in audit tables. Users with appropriate permissions can search the audit logs and view what changes were made, by who and when for robust troubleshooting. 

User Permissions
Control user access to application features and functions with a flexible permissions management tool. Access can be configured on an individual user-level or by user group. Specific pages and individual fields can be exposed or hidden by user. 

PCI-DSS Responsibility Matrix 
The table below outlines our mutual responsibilities: 

PCI-DSS requirement Our responsibilities Your responsibilities 
REQ-1:
Install and maintain a firewall configuration to protect cardholder data. 		Install and maintain a firewall configuration to protect the Cardholder Data Environment.
Ensuring vendor default settings are changed where appropriate/required by this standard. 		You are responsible for protecting and managing access to your own infrastructure and network assets; changing default vendor configurations, security controls, and vendor default passwords. 
REQ-2:
Do not use supplied defaults for system passwords and other security parameters. 		Our owned systems are installed and managed with hardened minimum security baselines using industry best practices, including changing or deleting vendor defaults where appropriate/required by this standard. You’re responsible for:
 Changing default vendor configurations, security controls, and vendor default passwords client workstations and
 Managing access to the application/application data through the end-user GUI 
REQ-3:
Protect stored
cardholder data 		We deploy policies and procedures such that credit card numbers (i.e., primary account numbers or PANs) and sensitive authentication data (e.g., CVV) are a) not stored within the system or b) where storing sensitive data cannot be avoided, it is encrypted using industry standard encryption protocols. You’re responsible for:
 Security of your workstations
 Access to application/application data through the end user GUI
The Security or PCI compliance status of your cardholder data environment (CDE). 
REQ-4:
Encrypt transmission of
cardholder data across open, public networks. 		Data transmitted by us for payment processing uses industry standard encryption and security technologies to protect credit card numbers and sensitive authentication data transmitted during payment processing and order fulfilment. You’re responsible for implementing encryption on all applicable internal and external network connections. 
REQ-5:
Use and regularly update anti-virus software or programs. 		We ensure compliance with respect to all owned and managed infrastructure. You’re responsible for deploying and managing anti-virus and malware protections on your managed OS instances commonly subject to malware. 
REQ-6:
Develop and maintain secure systems and
applications. 		We use industry best practices Secure – Standard Development Life Cycle in the development of its products / services. We also maintain security patching on infrastructure it manages as part of payment processing. You’re responsible for monitoring published OS and application vulnerabilities and patching on your own infrastructure. 
REQ-7 :
Restrict access to
cardholder data by
business need-to- know. 		We maintain industry best practice access controls. System access is restricted to a “need-to-know” basis across all infrastructure and systems within its control. You’re responsible for provisioning and managing access to the application and data through the end user GUI. 
REQ-8:
Assign a unique ID to each person with computer access. 		We assign a unique ID, strong authentication and processes to properly manage access to the payment processing systems we maintain. You’re responsible for providing unique access ID’s (e.g., no shared ID’s) to your employees accessing the GUI through your own network and devices. You will ensure User ID’s and Passwords conform to the PCI-DSS standard 
REQ-9:
Restrict physical
access to cardholder
data. 		We have implemented physical and other controls (e.g., cameras) to physically protect the infrastructure and payment processing devices we manage. You’re responsible for access to workstations or other devices that may be used to gain access to the application/application data as well as any media created outside of the managed environment is your sole responsibility. 
REQ-10:
Track and monitor all access to network resources and cardholder data. 		Our service tracks access to cardholder data. You’re responsible for using handheld scanners (e.g., IDTech) over cellular to connect to payment processors, which fall under your’ PCI program. PCI compliance for the POS devices (i.e., point of swipe/dip) aren’t in scope for this PCI Assessment, instead fall within the merchants’ PCI compliance programs. 
REQ-11:
Regularly test security systems. 		We regularly test the security controls using an industry standard vulnerability management program including performing annual internal/external penetration testing, semi-annual segmentation testing, quarterly ASV scans for our payment processing systems and edge security. You’re responsible for regularly testing the security controls using an industry standard vulnerability management for the systems that you manage that connect to any systems that connect to payment processing systems. 
REQ-12:
Restrict. 		We deploy a vendor management program to provide ongoing due diligence for the payment processors. You’re responsible for training staff on protecting devices that store, process, or transmit credit card data (e.g., POS devices). Introduce an Information Security Program, for your staff, including proper training. Instituting an Incident Response Program to alert your team and us (where appropriate) when you believe security of payment processing has been breached. 

Finance operations

Last updated June 15, 2022

Service fee billing and Payment terms 
You’ll be assessed Service Fees as set out on your Order Form. Unless otherwise agreed in writing, Subscription fees are due and payable annually in advance. If Overage fees apply, you’ll receive an invoice at the end of each term year, typically within 15 business days.  

Unless otherwise agreed in writing, invoices are due and payable within 30 days of invoice date. Our preferred payment method is ACH transfer. Refer to your invoice for remittance instructions. Our fees are final and will be timely paid. Delinquent balances are subject to suspension of your account. 

Media Services

Last updated June 15, 2022

Distribution 
As an AudienceView client, you have the option to automatically list events with TheaterMania.com and WhatsOnStage.com at no cost. After you create a listing, simply check the box and the listing you have created appears immediately on TheaterMania.com. To list with WhatsOnStage.com, contact editorial@whatsonstage.com and we will create the listing for you. Should you need to modify the listing, you can return to the marketing portal and make any edits then save. 

Advertising & Promotions
You receive a discount on all advertising on TheaterMania.com and WhatsOnStage.com, our primary consumer websites that features comprehensive listings, news, reviews, interviews and video content for theater and arts worldwide. TheaterMania and WhatsOnStage can also help promote your events through various other digital marketing campaigns including email, social media, audience extension, retargeting and other forms of digital marketing. Those interested in advertising on theatermania.com can create and manage their own campaigns by using Campaign Manager, our self-serve advertising tool which can be found at www.campaignmanager.audienceview.com. For more information or to contact an advertising representative, you can email us  advertising@theatermania.com

Editorial
Engage with the TheaterMania.com and WhatsOnStage.com editorial communities by sending us story ideas and information about your upcoming programming so we can look for ways to expose this information to our consumer audiences. Email us at editorial@theatermania.com

Additional Services

Last updated September 22, 2023

You have the option to purchase additional services from us. Pricing is available upon request.

Professional Services: for when you need a Solution Expert to build new venues, create events, configure bundles, and set up fundraising programs and other mini projects. Professional Services are available in blocks of time starting at 20 hours.

On-site Training Packages: are available to enhance your training experience. A Solution Expert will travel to your location and provide in-person training to an individual or a few team members. A two-day minimum is required.

On-sale Preparedness Packages: ensure your customers experience a personalized purchasing experience during high-demand on-sales.

Integration Services: which provides an integration between your AudienceView Unlimited instance and various third-party software, designed to make data flow more effectively between systems, and allowing you to gain efficiencies with automation and scale, and meet your business objectives.