Current version published on 05/01/2020
Current version effective 05/01/2020
Last update: December 2019
Who are we and what do we do?
Protecting your privacy is very important to us. We comply with the General Data Protection Regulation (GDPR), which replaces the various privacy laws of the Member States of the European Union since May 25, 2018.
What personal data do we collect and why do we use it?
We may collect different types of personal data about you when you use our Website:
General information: name, date of birth, gender, city and country of residence, telephone number, email address and avatar.
We are using :
- general information about you to contact you appropriately;
- your email address to send you information and updates about your transaction (s); If you give your consent (optional), we can also send you information on other subjects which could interest you by means of a newsletter;
- your avatar as well as your city and country of residence are used to personalize your account;
- your phone number allows us to check if it exists and if it is indeed yours. When selling tickets, verification of your phone number (not the number itself) will be posted on our Websites to enhance the security of buying and selling second-hand tickets for buyers ( potential). Once your ticket is sold, we send an SMS to your phone number.
Payment information: Bank account, tokenized payment data and name of the account holder
We are using :
- your payment information allowing us - and the subcontractors we work with - to process and record your payments.
Information from social networks: Specific identification of the Facebook application and Twitter identification and Google identifier
We are using :
- Your Twitter ID, username, name, location, number of followers, number of friends, number of status updates, status security, status check, and account creation date to complete your account. This "Twitter data" will be displayed on our Websites when you sell tickets to enhance the security of second-hand ticket sales and purchases for (potential) buyers.
Electronic identifiers: IP address, cookies (cookies) and pixels
We are using :
- Your IP address, cookies (cookies) and pixels in order to communicate with you in a language you speak and present you with the content related to your country of residence.
Fraud prevention: Technical and personal information
We are using :
- We use personal data to prevent fraud (users who are the perpetrators of fraud).
Why can we process your personal data?
The relevant legislation sets out various reasons for which we are authorized or required to process your personal data:
Consent: We ask for your permission to send newsletters and direct marketing by email. This permission can easily be canceled via the unsubscribe link in each newsletter.
- Execution of the agreement: We process your general information, that relating to payments, social networks and electronic identifiers in order to offer you our Services as a user.
- Legal obligation: We are required to store certain general information and certain payment data in our files intended for the tax authorities, for example billing data and your country of residence.
- Legitimate interest: For the processing of your general information, that relating to payments, social networks and electronic identifiers in order to record the activities of the user and to identify and prevent illegal use of the account and the Services.
Are you under the age of sixteen?
If you are under the age of sixteen, you are not authorized to register your profile on our Websites. This is because the law (the General Data Protection Regulation) imposes strict rules on us regarding the personal data of minors.
What is the retention period of personal data?
Our policy states that we only store and process personal data that is essential to provide you with the best possible service. We do not store or process personal data that we do not use.
We keep personal data as long as we need it for the reasons stated above:
- For personal data contained in our accounting files intended for the tax authorities, the storage period is 10 years after the purchase or sale through our platform;
- For the personal data that we process in order to prevent fraud (users who are the perpetrators of fraud), we keep the data for 5 years after your last connection.
- For all other personal data that we use in connection with your account, we keep it for 2 years after your last connection. If your account is inactive, we will send you a notification after 2 years, and if your account then remains inactive, we will delete your account and your personal data. We will also delete your personal data if you cancel your account.
Do we share your personal data with third parties?
Passetonbillet does not sell, market or rent personal data to third parties. However, we use “Subcontractors” who collaborate with us as part of our Services. In this context, these Subcontractors receive from us personal data which they process according to our instructions. By virtue of "Data Processing Agreements", we contractually oblige all Processors with whom we work not to process personal data for purposes other than those which we communicate to them in our instructions . These Subcontractors are required to follow our instructions to the letter. They will therefore not use personal data for their own purposes. We will verify that all of our Subcontractors comply with the relevant legislation.
We may transfer personal data outside the EU if one of our Processors is located there. Personal data will only be transmitted to countries and / or parties offering a sufficient level of protection in accordance with European standards. Among other things, we will check whether an organization outside the EU is on the list of data protection shields ("Privacy Shield List ”) and whether the level of protection of the third country has been approved by the European Commission.
The Subcontractors we use for the processing of personal data are listed below.
We may share aggregated generic data with our trusted business partners and affiliates. In such a case, the data will be completely anonymized.
How do we protect personal data?
We protect all personal data that we process from unauthorized or illegal access, modification, disclosure, use or destruction. For example, we adopt in particular the technical and organizational measures indicated below to protect personal data:
- Security of our network connections by Secure Socket Layer (SSL) protocol;
- The data (and their access) are secured using passwords;
- All new employees are trained on data protection during their integration phase;
- Periodic data protection training is provided to all employees;
- Access to databases containing personal information is limited to higher-level employees.
- A background check of all employees is performed before they are hired.
Third party websites
We use the following types of cookies:
- Technical cookies: Technical cookies are essential for the operation of our Website. They allow you to navigate our Website and use the functions incorporated therein.
- Analytical or statistical cookies: Analytical cookies are used to check the quality and effectiveness of the Website. For example, we can see how many users visit the Site and which pages they visit. We use this information to improve our Website and our Services.
- Tracking cookies: Tracking cookies analyze the browsing behavior and clicks of our visitors. Thanks to these same cookies, we can see if you have examined your profile, when you have done so, and if you move through our Website by clicking. We may also use them to show you ads based on your interests. To obtain more information on the tracking cookies used to personalize the advertisements according to your areas of interest and how to cancel them, you can modify Your choices online or Cookiebot.
If you do not want cookies to be sent to your computer, you can change your browser's cookie settings. Please note that some features or services may not work as well or not at all without cookies.
Your rights and our contact data
As stipulated by the relevant Legislation, you have the right:
- To have access to a copy of your personal data which we process. You can find a copy of the personal information we process about you here;
- To ask us to correct, revise or delete your personal data in our systems;
- To object to the processing of your personal data;
- To file a complaint with your national data protection authority if you believe that we are processing your personal data unlawfully. Consult the list of all national data protection authorities in the European Union here.
Please note that you can also modify or delete your personal data by logging into your own account.
If you wish to exercise any of the rights set out above or if you have questions, comments or concerns about how we manage your personal data, please contact our Data Protection Officer using the contact details below. We will endeavor to respond to any request for this style within 30 days.
operating under the name of Passetonbillet
63 Coram Street,
Chamber of Commerce and Industry No .: 12002310
VAT number: GB328871471
Email address: firstname.lastname@example.org
The Subcontractors we use for the processing of personal data in order to provide our Services are listed below:
Marketing / Analytics:
- Branch Marketing Analytics, California, USA
Branch provides solutions that unify user measurements across different devices, platforms and channels. It solves this problem by providing an overview of the different user touchpoints and ensuring that the links take the user to the right place on the website.
- Facebook, California, United States
For Facebook, we use Facebook Custom Audience (see Facebook Company for more information). This implies that the Facebook data that you share with us will be (r) sent to Facebook in a hashed format. Facebook has a contractual obligation not to use this data for purposes other than those aimed at offering its audience targeting services. Consult the conditions concerned here.
Included in the list of data protection shield.
- Google Adwords, California, United States
Google AdWords is an online advertising service developed by Google; advertisers pay to display short ad copy, product listings and video content in Google’s ad network for web users (Google Display Network, Google Search, YouTube, etc.). These companies also use automated technologies to collect information when you click on our ads, which helps track and manage the effectiveness of our marketing efforts (for example, retargeting or new marketing contacts) . You can opt out of automated information gathering by third-party ad networks to provide you with ads tailored to your interests. Consult here the details of the conditions concerned.
- Google Analytics, California, United States
Google Analytics is a web analytics service provided by Google. Google uses the personal data collected to track and review the use of this Application in order to prepare reports on the activities concerned and share them with other Google services. Google may use the personal data collected to contextualize and personalize the advertisements of its own advertising network. The personal data collected are cookies and usage data. See details here.
- Google Optimize, California, United States
Google Optimize (Optimize) is an experimental tool developed by Google. Optimize uses Google Analytics cookies to target content variants intended for a user and a content experimentation cookie to determine a user's participation in an experiment. We use this tool to record and track visitor participation in a website experiment as an A / B test where half of the website users see a page and the other half a variant, different and personalized. These tests help us to improve the experience this users.
- Google Login API, California, United States
A Google Account is a user account that is required for accessing, authenticating, and authorizing certain online Google services, including Gmail and similar products. This is a public application programming service (API) offered by Google Inc. Google uses the personal data collected to track and review the use of this application in order to prepare reports on relevant activities and share them with other Google services. We use Google Login API for the quick registration process.
- Google Tag Manager, California, United States
- Hotjar, Malta, EU
Hotjar is a tool that reveals the online behavior and the voice of our users. By combining analysis and feedback tools, Hotjar gives us ways to improve our platform.
Mass email forwarding
- Mailchimp, Georgia, United States
- Mailgun, California, United States
- Nexmo, Paris, France
- MangoPay, Paris, France
Included in the list of data protection shield.