The EU General Data Protection Regulation
(GDPR) requires EliveTix and Organizers using the Service to provide Users
with more information about the processing of their Personal Data. Here is what
you need to know:
Legal grounds for processing your Personal Data
The GDPR requires us to tell you about the legal ground we're relying on to
process any Personal Data about you. The legal grounds for us processing your
Personal Data for the purposes set out in Section 4 above will typically be
provided your consent;
- it is
necessary for our contractual relationship;
processing is necessary for us to comply with our legal or regulatory
processing is in our legitimate interest as an event organizing and
ticketing platform (for example, to protect the security and integrity of
our systems and to provide you with customer service, etc.).
EliveTix has also certified its compliance with the EU-U.S.
and Swiss-U.S. Privacy Shield as set forth by the U.S. Department of Commerce
regarding the collection, use, and retention of personal data transferred from
those countries. We have certified that we adhere to the Privacy Shield
principles of Notice, Choice, Accountability for Onward Transfers, Security,
Data Integrity & Purpose Limitation, Access and Recourse, Enforcement &
Liability when processing Personal Data from the EEA, Switzerland or the UK in
the United States. You can find out more about our commitment to the EU-U.S.
and Swiss-U.S. Privacy Shield Framework in our Privacy Shield Notice.
Personal Data retention
We retain your Personal Data for as long as necessary to provide you with our
Services, or for other important purposes such as complying with legal
obligations, resolving disputes, and enforcing our agreements.
If you have an account with us, we will typically retain your Personal Data for
a period of ninety (90) days after you have requested that your account is
closed or if it's been inactive for seven (7) years.
Data protection law provides you with rights in respect of Personal Data that
we hold about you, including the right to request a copy of the Personal Data,
request that we rectify, restrict or delete your Personal Data, object to
profiling and unsubscribe from marketing communications.
For the most part, you can exercise these rights by logging in and visiting the
My Account page or changing the "cookie settings" in your browser
(see our Cookie Statement for more information). If you can't find what you're
looking for in the My Account page, please contact us using the contact
information set out in Section 15 above. Please note that requests to exercise
data protection rights will be assessed by us on a case-by-case basis. There
may be circumstances where we are not legally required to comply with your
request because of the laws in your jurisdiction or because of exemptions
provided for in data protection legislation. If you have a complaint about how
we handle your Personal Data, please get in touch with us as set forth in
Section 15 to explain. If you are not happy with how we have attempted to
resolve your complaint, you may contact the relevant data protection authority.