The Privacy Policy has been updated as of December
12, 2023. For details on exercising rights under the California Consumer
Privacy Act, as amended by the California Privacy Right Act; the Virginia Consumer
Data Protection Act; the Colorado Privacy Act, the EU General Data Protection
Regulation (GDPR), the United Kingdom Data Protection Act 2018 (DPA), the Swiss
revised Federal Data Protection Act (revFADP) or the
Australian Privacy Act 1988 (APA), click here.
PLEASE READ THIS PRIVACY POLICY (THIS "PRIVACY
POLICY") CAREFULLY BEFORE USING THIS WEBSITE, APPLICATION OR ANY OTHER
TICKETS.COM SERVICES.
Tickets.com, LLC is a global ticketing company
that provides ticketing services for events and venues through it and its
subsidiaries Tickets.com Ltd., Tickets.com GmbH, Tickets.com Pty Ltd., TDC
Tickets Holdings, LLC, Tickets.com Holding, LLC, and Tickets.com Services, LLC
(collectively the “Company”). For customers within the European
Union and European Economic Area (“EEA”), the applicable data controller of
your personal data will depend on where you reside. Please see the contact details at the end of
this Privacy Policy.
Protecting the privacy of your personal
information is important to the Company and to ensure that your personal
information is maintained securely and privately, we have developed the
following Privacy Policy. This Privacy Policy applies to the use of any Company
site, including www.tickets.com (the “Website”), where this Privacy Policy
appears in the footer, and to any Company products, services, features, content
or applications where this Privacy Notice is referenced or a link to this
Privacy Policy in provided, all of which are referred to herein collectively as
the Company Services and individually as a Company Service. Our Privacy Policy is applicable to all
interactions between you and the Company, as there is the possibility that
during such interaction, we may acquire your personal information. This Privacy Policy describes the type of information
that we collect from you via Company Services, how we may use that information,
when and to whom it may be disclosed and the choices we offer for you to manage
the personal information we collect related to your use of Company Services. This Privacy Policy does not apply to
information about the Company’s employees, contractors, agents, and job
applicants in their capacity as such. The Company may link to services or
properties operated by another company entity or person (referred to in this
policy as “Other Company” or collectively “Other Companies”) which are not
subject to this Privacy Policy. You
should familiarize yourself with the privacy practices of any Other Company
whose services or properties you utilize and direct any concerns regarding any
such Other Company to the administrator of the applicable service or property.
1. Personal Information We Collect
In the course of selling tickets or other merchandise, we may
collect and maintain certain personal information that will help us to more
efficiently perform various transactions. In most instances, we are required to collect your
personal information for processing on behalf of certain entertainment
organizations and venues (an “Event Host”) as part of our contractual
relationship with them. Of course, if you wish to purchase tickets to an event
and remain anonymous, you may purchase your tickets in person, directly through
the Event Host's box office.
We collect personal information you choose to
provide during utilization of Company Services such as becoming a registered
user, purchasing tickets or admission to an event or venue, signing up for or
subscribing for products or services or participating in special promotions. The information we collect may include, but
is not limited to:
·
Full name,
·
Email address,
·
Username,
·
Password,
·
Street address,
·
City, Postcode, Country,
·
Telephone number(s),
·
Birth date,
·
Payment data,
·
IP addresses,
·
Location data,
·
Demographic data,
·
Device data,
·
Usage data,
·
Information about your
interests and preferences,
·
Data specifically
requested in relation to an activity or an event (e.g., emergency contact
information),
·
Data provided by Other
Companies if you choose to connect your use of our services through the Other
Company’s service,
·
Personal information of
a child if and only if a parent or guardian provides the child’s personal
information; and
·
Sensitive personal
information.
If we collect your information, in most
instances, the applicable page(s) or locations(s) within the Company Property
will include statements regarding what information is required and
functionality for you to submit required or requested information.
2.
How and for What Purpose We Use and Disclose
Your Personal Information?
If you submit personal
information to us, or to any Other Company acting on our behalf (a “Service
Provider”) or an Event Host via the Company Services, we may utilize and disclose
your personal information as set forth in this Privacy Policy, as disclosed
when you first submit your information or as otherwise permissible under
applicable law. We may use and share
your personal information as described in Section 1 above and:
- To provide you with the information you have requested,
or with the tickets or other products, services
or content you have purchased, used or otherwise engaged with (e.g., a
sweepstakes or loyalty program) and to communicate with you about the
same. For instance, if you are
purchasing tickets or admission to an event or venue, the Company utilizes
your personal information to complete the purchase transaction and to
communicate with you about your ticket order, ticket delivery or other
inquiry.
- Whenever you purchase tickets or admission to an event
or venue, we may be required to share your personal information with a third-party
credit card processor or other payment processing services to facilitate
completion of your transaction. The payments processor may share the same
information with your credit card issuer, bank or
payment services account provider for their use in connection with
gathering data related to use of their cards, rewards programs or other
purposes. Company is not liable nor exercises control over any of the
interactions between payments processors, issuers, or the like. You are
urged to read and become familiar with the privacy policies governing the
use of your credit cards.
- When you purchase a ticket or admission to an event or
venue, we may be contractually required to pass your personal information
to the Event Host, or their authorized service provider, so that they may
communicate with you about the event you are going to attend. Under those
circumstances, we cannot offer you the option to opt-out from having your
information passed to the Event Host, and Company shall not be liable for
the use of your personal information by the Event Host. When
you purchase tickets to an event, you should read and become familiar with
the privacy policies of the Event Host as such policies will be applicable
to the use of your personal information by the specific Event Host.
- In
certain instances, while utilizing Company Services you may consent to
share personal information or receive communications from Event Hosts or
specified Other Companies. Upon receiving your consent, Company may
disclose your personal information to the applicable Other Company and
subject to such consent may communicate with you accordingly.
- Company may share personal
information to trusted Service Providers who assist us in operating our
Company Services, conducting our business, or the provision of the Company
Services to you. These Services
Providers may use your personal information only to the extent necessary
to perform the services they provide to Company and are required to
provide a comparable level of protection and confidentiality of your
personal information.
- In accordance with any other permission you provide at the time you submit such
information to us.
For customers in the
EEA, we are required to give you information about the legal basis on which we
process your personal information. When
you purchase tickets or other items utilizing Company Services, your personal
data will be processed on the basis that it is necessary in
order to perform a contract with you.
In many other cases, the processing will be necessary for the purpose of
legitimate interests pursued by Company or on behalf of our Event Host clients,
namely the provision of ticketing services or the facilitation of other purposes
for which your personal information is processed as specified in this Privacy
Policy.
3.
Other
Information Collected; Cookies Consent
Technical Information. When
you use Company Services, including the Website, we use software tools, including but not
limited to cookies (small amounts of data which include a unique string of
characters sent to your browser or application from a website's computers and
stored on your computer's or device's storage), web beacons (technology used to
track activity, also known as pixel tags) and similar technologies, to collect
a variety of information, for example the IP address of the computer or device
used to access a Company Service, the type of internet browser or operating system used to access a Company
Service, the date and duration of a website visit or the Internet Protocol
address used to access the website. We use such technical information for
internal purposes, for example to study and improve the response times of our Company
Services, understand how certain features of our Company
Services are used, identify the geographic region our visitors are contacting
us from, and determine how many people visit our Company Services at any given
time.
We may associate technical information with personal
information you provide to us as described in Section 1 above, in which case we
will treat such associated information as personal information. Please be
advised that associating technical information with personal information may be
required for us, our Service Providers and on behalf of our Event Host clients,
to recognize you and your communications with us, for example to enable your
use of a "shopping
cart" or retain your marketing preferences. All customers, including those within the EEA,
will be notified when cookies are utilized in applicable Company Services. Customers can manage cookies as specified in
this privacy policy and may choose to discontinue use of the Company Services
requiring cookies.
Other
Companies’ Cookies and Web Beacons; Network Advertisers; Targeted Advertising. We
may allow and use select Service Providers and/or Other Companies, such as
those who deliver advertisements, content, or social networking or which
provide other services associated with Company Services, to collect data and/or
serve ads when you use Company Services.
We may also make available certain data you have given to us (e.g., IP
address) or that we have collected through publicly available means to third
parties engaged in targeting advertisements including for use in accordance
with such third party's privacy policy. Network
advertisers may use information
(not including your name, address email address or telephone number) about your
visits to the Website and other websites in order to
provide advertisements about goods and services of interest to you. This may
happen through permission given to such third parties to set cookies, web
beacons or similar technologies in certain locations, including but not limited
to certain of our emails. These companies may also use non-cookie
technologies to recognize your computer or device and/or to collect and record
information about your web surfing activity including your activities on or off
Company Services. Please keep in mind
that your web browser may not permit you to block the use of these non-cookie
technologies, and those browser settings that block cookies may have no effect
on such techniques. You may learn more about network advertising industry
practices and opt out of targeted behavioral advertising from many major third
party network advertisers and to know your choices about not having this information used by these
companies, via the information and tools available at https://optout.networkadvertising.org/?c=1 and http://optout.aboutads.info/?c=2#!/h.
Social Networking. When
using the Company Services or when using certain Other Companies’ social
networking services (e.g., Facebook, Twitter, Google +) (each a "Social Network"), you may have the option to connect your Company
Services information and activity with your Social Network information and
activity. If you authorize such a connection, you permit us to share or publish
information about your Company Services activity with that Social Network and
its users, and to access certain of your Social Network information, as
disclosed to you at the time you consent to the connection. Information we may share with a Social Network
may include, but is not limited to, technical information about your Company
Services activity. Information we may access about you, with your consent, from
a Social Network may include, but is not limited to, your basic Social Network
information, your location data, your list of contacts, friends or followers
and certain information about your activities on the Social Network. If you permit a connection between a Social
Network and a Company Services, we (and that Social Network) may be able to
identify you and to associate information received pursuant to the connection with
information we already have about you. We recommend that you familiarize
yourself with the privacy policy and privacy control options of any Social
Network with which you choose to share information or connect to a Company
Service.
Location Data. When you use Company Services
we may solicit your permission to collect your location data. Some features
within our Services may only function upon confirmation of your location, and
therefore such features will not be available if you choose not to provide your
location data to us. The specificity of the location data collected may depend
on a number of factors, including the device you are
using (e.g., laptop, smartphone, tablet) and how you are connected to the
Internet (e.g., via cable broadband connection, Wi-Fi). If you enable location
services for our Company Services, we may collect location data periodically as
you use or leave open our Company Services.
We use such location information for internal purposes and to improve
your Company Services experience. We may associate such location information
with personal information you provide to us as described in Section 1 above, in
which case we will treat such associated information as personal information.
Depending on the platform you use to access our Services (e.g., Apple’s iOS, Google's Android) you may be able to control whether
location data is collected from within "Settings" or other controls on your wireless device or
applicable Company Service (e.g., application).
Device ID. When
you use certain Company Services, we or our Service
Provider, may collect your unique device ID. We may use such information for
internal purposes and to provide you a better Company Services experience. We may associate Device ID with personal
information you provide to us as described in Section 1 above, in which case we
will treat such associated information as personal information.
Biometric Information. If you elect to participate in certain
programs offered by Event Hosts (e.g., biometric venue entry), the Event Hosts and/or
their Service Provider(s) may perform a scan or collect imagery of your
physical characteristics to create a unique identifier associated with you
based on biometric identifiers. The terms and conditions applicable to such
programs (e.g., biometric venue entry) may include terms regarding the capture
and use of this biometric information, and you should familiarize yourself with
those terms if you elect to utilize and engage with any such programs.
4. Other Circumstances When Your Data May Be Disclosed
Aggregated and Anonymous Information. We may disclose aggregated, anonymous
information to any Other Company. This information is not linked to personal
information that can identify you or another individual person. Amongst other
reasons, this information may be disclosed for advertising analytics purposes.
Google Analytics. As with many websites, we use Google
Analytics to understand how you and other visitors engage with Company Services.
If you don’t want Analytics to be used in your browser, you can install the Google
Analytics browser add-on (https://tools.google.com/dlpage/gaoptout). You can learn more about Google Analytics and
privacy here: (https://support.google.com/analytics/answer/6004245?hl=en.
Business Transfers. As time passes, Company may
disclose personal information with any person or party to whom we may transfer
any of our rights or obligations under any agreement, or in connection with a
sale, merger or consolidation of our business or other
transfer of our assets, whether voluntarily or by operation of law, or to any
person who is otherwise deemed to be our successor or transferee.
Disclosure for Legal
Purposes.
We may be required to share your personal and non-personal information pursuant
to judicial or governmental subpoenas, warrants or orders. If we are required
to do so, we will, of course, obey the law. In addition, notwithstanding any
term to the contrary in this Privacy Policy, we reserve the right to use,
disclose or share your personal and non-personal information in
order to investigate, prevent or take action regarding illegal
activities, suspected fraud, situations involving potential threats to the
safety of any person, violations of applicable Company Terms of Use or as
required by law.
5. Managing Your Personal Information
Company
utilizes Email as a vital and primary communication channel with registered
users of Company Services. By providing us with your Email address, you grant
to Company (and its service providers) permission to communicate with you via Email for any purposes Company determines to be relevant to
your use of its Company Services or your relationship with Company, including,
but not limited to, system messages, product updates, service announcements and
other marketing messages you have elected to receive. You may opt out of
receiving any marketing messages that we may send to you.
Users
who do not wish to receive marketing Emails are requested to contact Company
via Email ([email protected]). Users are not able to unsubscribe from
system messages, product updates and service announcements, which contain
important information about service notices and responsibilities. Company
occasionally communicates with its users via Email to provide information about
requested services and regarding issues related to their account.
In addition to
providing a mechanism for users to opt-out of marketing emails, Company strives
to provide users with access to their personal information. Users can access, update, correct or delete their
personal information by logging into their account on the Company website or
other Company Service, as applicable. In
many cases, users may also be able to access, update, correct or delete personal
information on Event Host websites.
If you do not want information collected through the use of cookies, there is a simple procedure in
most browsers that allows a user to accept or reject most cookies. Certain cookies called local shared objects,
or Flash Cookies, may not be managed using the settings in your web
browser. Information on rejecting these
cookies is available from Adobe’s website directly. If you set your browser or Adobe Flash
options not to accept cookies or local shared objects, you may not be able to
take advantage of certain features of the Company Services.
6.
How
Long Is Your Personal Information Retained?
Your
personal information will be held for the purposes and uses set out in this
Privacy Policy and for as long as there is a legal, taxation, accounting, risk
management or business requirement to do so. Different retention periods apply
to different types of records and data; however, the longest your personal data
will typically be held is 6 years from the date of your last transaction. This
period may be extended where circumstances so require or until a particular query,
investigation or dispute is fully resolved.
7.
Data
Quality and Security Statement
Company takes the
security of your personal information very seriously and utilizes security
measures to protect your personal information against unauthorized access to,
unauthorized alteration, and disclosure of data. We use data security systems
to encrypt your personal and financial information to reduce the risk of loss,
misuse, and alteration of your information, or that your information will be
obtained by unauthorized persons. Our electronic security measures are
complemented by the physical security of our facilities and limited access to
certain critical areas, such as our computer locations. Company may process and retain your personal
information on our servers in the U.S., Australia, United Kingdom
or Germany where our data centers are located.
All data is stored in line with the Payment Card Industry Data Security
Standards (PCIDSS) and such compliance is externally audited on an annual basis. We maintain your information in compliance
with applicable privacy laws and regulations including but not limited to the EU
General Data Protection Regulation (GDPR), the United Kingdom Data Protection
Act 2018 (DPA), the Swiss revised Federal Data Protection Act (revFADP) and the Australian Privacy Act 1988 (APA). Access and use of personal information is
restricted to employees, third parties or agents with a need to know. These individuals are bound by
confidentiality obligations with penalties specified for any breach of such
obligations, and our management team
and its engineers regularly review and update the integrity of Company Services
and the security of your Information. However, because of the increasing sophistication of computer hackers
and others who would seek to invade our computer systems for the purpose of
stealing information, damaging our systems or denying our systems' ability to
operate effectively to safeguard personal and financial information as
intended, we make no promises as to the security of personal or financial
information in our possession or the impenetrability of our computer systems
under unusual circumstances or our computer system's resilience to future
sophisticated attacks. Company also, cannot safeguard any data stored on your
own personal computer or device, or any public computer upon which you might
elect to access Company Services.
8.
Links
To / From Other Sites
Our Company Services,
including our Website, may contain links to other
Internet websites which we do not operate and, conversely, other Internet
websites may contain links to our Website. We are not aware of and are not
responsible for the privacy policies, practices, or content of such other
websites. We encourage visitors to read and become familiar with the privacy
policies maintained by such other websites.
9.
Information
of Minors & Children.
We do not target our Website or Company Services to children, and our Company Services
does not knowingly collect personal information from children under the age of sixteen
(16) without the consent of the child’s parent or guardian. For children located in jurisdictions within
the EU, where this Privacy Policy refers to consent, this
will require the consent of a parent or legal guardian in relation to any
person under the age specified by the law applicable to the location of the
child in question. Should we become aware that a child under the
applicable age of consent has provided us with personal information; Company
will take the necessary steps to remove such information and terminate the
child’s account.
If you are under the age
of 16, or the applicable age of consent in your jurisdiction, please do not
submit any personal information utilizing Company Services or ask us to email
you. If you are under the age of 18, you should get permission from a parent or
guardian before you email us, attempt to use our Company
Services, submit information via our Company Services, or ask us to email you.
10.
Your
Privacy Rights: California, Virginia and Colorado
Privacy Rights; Notice to Illinois Residents; EEA, U.K., Swiss & Australia
Privacy Rights.
If you are a resident of California, you have
certain rights pursuant to the California Consumer Privacy Act (“CCPA”), as
amended by the California Privacy Rights Act of 2020 (“CPRA”), and the Shine
the Light law. Except where specifically noted below, both the CCPA and the
CPRA are collectively referred to as the CCPA in this Privacy Policy. Those
rights are detailed in this Section 10. To exercise the rights detailed in this
Section 10, please click here or call us at 800-303-8368.
If you are a resident of Virginia, you have
certain rights pursuant to the Virginia Consumer Data Protection Act. Those
rights are detailed in this Section 10. To exercise the rights detailed in this
Section 10, please click here or call us at 800-303-8368.
If you are a resident of Colorado, you have
certain rights pursuant to the Colorado Privacy Act. Those rights are detailed
in this Section 10. To exercise the rights detailed in this Section 10, please click here or call us at 800-303-8368.
If you are a resident of
the EEA, U.K., Switzerland or Australia, you have certain
rights, as applicable, pursuant to the EU General Data
Protection Regulation (GDPR), the United Kingdom Data Protection Act 2018
(DPA), the Swiss revised Federal Data Protection Act (revFADP) or the Australian Privacy Act 1988 (APA). Those rights are detailed in this Section 10. To exercise these privacy rights, please click here or contact the applicable
data controller as specified in Section 14 at the end of this Privacy Policy.
and as noted below include the the right to see a copy of the personal information that we
hold about you, and you may ask us to make any necessary changes to ensure that
this information is accurate and kept up to date. In addition, customers in the EEA, subject to
limitations as provided for by applicable data protection legislation you have
the right to request the erasure of your personal data or the restriction of
its processing, or the transfer of your personal data to another data
controller.
Your privacy rights include (i) the right to know about your personal information that Company
collected, disclosed, sold or shared; (ii) the right to delete your personal
information; (iii) the right to correct inaccuracies in your personal
information; (iv) the right to opt-out of sale or sharing of your personal
information; (v) the right to opt-out of targeted advertising; (vi) the right
to data portability; (vii) the right to non-discrimination; and (viii) the
right to appeal a refusal to act on your data rights request. California Civil
Code Section 1798.83 permits our visitors who are California residents to
request certain information regarding our disclosure of personal information to
third parties for their direct marketing purposes. To make such a request,
please send an E-mail to [email protected] or write us:
Tickets.com, LLC
Attn: Global Privacy
Administrator
2100 East Grand Ave Suite 600
El Segundo, CA 90245
A. Right to Know About
Personal Information Collected, Disclosed, Sold or Shared
You have the right to request that Company
disclose the following information to you about our collection and use of your
personal information in connection with the Company Services over the last 12
months:
·
The categories of
personal information we collect about you.
·
The categories of
sources for the personal information we collect about you.
·
Our business or
commercial purpose for collecting or selling that personal information.
·
The categories of third
parties with whom we share that personal information for cross-context
behavioral advertising.
·
The specific pieces of
personal information collected about you.
·
If we sold or disclosed
your personal information for a business purpose, (i)
a list of the categories of personal information we have sold in the prior 12
months and (ii) a list of the categories of personal information we have
disclosed in the prior 12 months.
·
If we have not sold or
disclosed your personal information in the preceding 12 months, we will
disclose that upon request.
You also have the right to request that Company
disclose the following information to you about our collection and use of your
sensitive personal information in connection with the Company Services over the
last 12 months:
·
The categories of
sensitive personal information we collect about you.
·
The categories of
sources for the sensitive personal information we collect about you.
For California residents, our responses to right
to know requests will cover the personal information we have collected and
maintain about the consumer on or after January 1, 2022, or for a shorter
period if an exemption applies or if requested by the consumer.
B. Right to Request
Deletion of Personal Information
You also have the right to request that Company
delete any of your personal information that we collected via the Company
Services and retained. We will not delete your information if we need it to
protect the security, integrity or functionality of our operations and systems,
to comply with legal obligations, to provide you with a good or service you
requested, or for certain other reasons.
C. Right to Request
Correction of Personal Information
You have the right to request that Company
correct inaccuracies in your personal information that we collect and maintain
about you. If Company receives a verifiable consumer request to correct
inaccurate personal information, we will use commercially reasonable efforts to
correct the inaccurate personal information as directed by you. We will not be
able to update your information if we need it to protect the security or
functionality of our operations, to comply with legal obligations, or for
certain other reasons.
D. Process Company will
use to Verify Request to Disclose, Correct, or Delete Personal Information of a
California, Virginia,Colorado,
EEA, U.K., Swiss or Australia Resident
A request to disclose, correct or delete your
personal information must provide sufficient information that allows us to reasonably
verify you are the person about whom we collected personal information and that
you are a resident of California, Virginia, Colorado, EEA, U.K., Swiss or
Australia as applicable. Your request must describe your request with
sufficient detail that allows us to properly understand, evaluate, and respond
to it. We will only use personal information provided in a verifiable consumer
request to verify the requestor’s identity or authority to make the request. We
ordinarily process requests within 45 days of its receipt. In some cases, we
may extend this period to 90 calendar days. If we require more than 45 days, we
will inform you or your authorized agent in writing of the reason we did so and
the extension period.
E. Right to Opt-Out of
the Sale or Sharing of Personal Information
You have the right to direct us at any time to
not sell your personal information or share your personal information for
cross-context behavioral advertising. You may submit an opt-out request by clicking here or by dialing 800-303-8368.
F. Right to Opt-Out of
Targeted Advertising
You have the right to direct us not to process
your personal information for targeted advertising. You may submit an opt-out
request by clicking here or by dialing 800-303-8368.
G. Your Right to Data
Portability
You have the right to have a copy of personal
information that Company collected and maintains about you transferred to you
or to another authorized party.
H. Your Right to
Non-Discrimination for the Exercise of Your Privacy Rights
We will not deny services, charge different
prices, offer a different quality of service or
otherwise discriminate against you for exercising your California, Virginia or
Colorado privacy rights, as applicable. Nothing in this section prohibits Company
from charging you a different price or rate, or from providing a different
level or quality of goods or services to you, if that difference is reasonably
related to the value provided to you by the use of
your data. With your consent, Company may choose to offer you financial incentives
directly related to the value of your personal information for the collection,
sale, or deletion of your personal information.
I. Information Regarding
Authorized Agents
You may designate an authorized agent to make a
request on your behalf. If you choose to do so, Company may require you to (1)
provide the authorized agent written permission to do so and (2) verify your
own identity and residency directly. Company may deny a request from an agent
that does not submit proof that they have been authorized by the consumer to
act on their behalf.
J. Right to Appeal
If you are a Colorado or a Virginia resident,
and Company denies your request to exercise any of the data rights described
above, you have the right to appeal our decision within a reasonable period of time after your receipt of our decision.
You may appeal our decision by sending an email
to [email protected]. We will respond
to an appeal within 60 days of receipt for residents of Virginia, and within 45
days of receipt for residents of Colorado. We may extend the response period by
60 additional days for residents of Colorado where reasonably necessary and, if
we extend the response period, we will inform you of the extension within 45
days after our receipt of your appeal. Our response to your appeal will inform
you of decisions and actions in response to your appeal, including an
explanation of the reasons for the decisions.
EEA, U.K. and Swiss residents may appeal any
decisions as specified in Section 12 below.
If you have concerns about the results of your
appeal, you have the right to contact your state attorney general. If your
appeal is denied and you are a Virginia resident, you may contact the Virginia
Attorney General to submit a complaint at: https://www.oag.state.va.us/consumer-protection/index.php/file-a-complaint.
K. Personal Information
We Collect, Disclose, Sell, or Share of Personal Information
Company has disclosed, sold
or shared personal information to parties for a business or commercial purpose
in the past 12 months. Company does not knowingly sell or share the personal
information of minors under 16 years of age without affirmative authorization.
These are the general categories of consumer
personal information that Company have collected in the last 12 months, the
sources from which that information was collected, the business purpose for
which the information was collected, and the categories of parties with whom Company
discloses, sells, or shares personal information.
Category
of Personal Information Collected |
Source(s)
from which that Personal Information may be collected |
Business Purpose |
Categories
of Service Providers and/or Other Companies to whom Company discloses this
Personal Information |
Categories
of Third Parties to whom Company sells or shares this Personal Information |
Full name |
· Company Services (including but not limited to
websites, apps, customer service) · Event Hosts · Ticketing service partners (e.g., group and
secondary ticket sales providers) · E-commerce partners (e.g., ticket insurance,) · Social Media |
· Ticket Sales · Order fulfillment · Personalization · Promotions |
· Event Hosts · Ticketing service partners (e.g., group and
secondary ticket sales providers) · Data processing and analytics vendors · Fulfillment vendors · Payment processors · Technical Service Providers such as website
hosting, security and/or customer service vendors |
· None |
Email address |
· Company Services · Event Hosts · Ticketing service partners · E-commerce partners · Social Media |
· Tickets Sales · Order fulfillment · Subscription management · Security and access control · Provision of services purchased or requested |
· Event Hosts · Ticketing service partners (e.g., group and
secondary ticket sales providers) · Partners and licensees · Data processing and analytics vendors · Fulfillment vendors · Payment processors · Technical Service Providers such as website
hosting, security and/or customer service vendors |
· None |
Password |
· Company Services · Event Hosts · Ticketing service partners |
· Security and access control · Provision of services purchased or requested |
· Technical Service Providers providing security
and access control services |
· None |
Street Address |
· Company Services · Event Hosts · Ticketing service partners · E-commerce partners · Social Media |
· Ticket Sales · Order fulfillment · Subscription management |
· Event Hosts · Ticketing service partners (e.g., group and
secondary ticket sales providers) · Data processing and analytics vendors · Fulfillment vendors · Payment processors · Technical Service Providers such as website
hosting, security and/or customer service vendors |
· None |
Telephone number |
· Company Services · Event Hosts · Ticketing service partners · E-commerce partners |
· Tickets Sales · Order fulfillment · Subscription management · Provide requested information · Promotion |
· Event Hosts · Ticketing service partners (e.g., group and
secondary ticket sales providers) · Data processing and analytics vendors · Fulfillment vendors · Technical Service Providers such as website
hosting, security and/or customer service vendors |
· None |
Birth date / age |
· Company Services · Event Hosts · Ticketing service partners · E-commerce partner · Social Media · Partners and licensees |
· Security and access control · Provision of services purchased or requested · Legal compliance |
· Event Hosts · Ticketing service partners (e.g., group and
secondary ticket sales providers) · Data processing and analytics vendors · Fulfillment vendors · Service Providers such as website hosting,
security and/or customer service vendors |
· None |
Payment data |
· Company Services · Event Hosts · Ticketing service partners · E-commerce partner |
· Tickets Sales · Order fulfillment |
· Payment processors |
· None |
Hashed emails and/or phone numbers |
· Company Services · Event Hosts · Ticketing service partners · E-commerce partners · Social Media |
· Provide requested services · Deliver advertising · User account verification |
· Data processing and analytics vendors · Advertising vendors |
· Advertising vendors |
Hashed biometric information |
· Biometric authentication services vendor |
· Provide requested services |
· Technical Service Providers such as website
hosting, security and/or customer service vendors |
· None |
IP address / Device ID |
· Company Services · Event Hosts · Ticketing service partners · E-commerce partner · Social Media · Advertising vendors (e.g., Google) |
· Provide requested services · Deliver advertising |
· Data processing and analytics vendors · Advertising vendors · Technical Service Providers such as website
hosting, security and/or customer service vendors |
· Advertising vendors · Advertisers |
Location data |
· Company Services
· Ticketing service partners · E-commerce partners · Social Media · Advertising vendors |
· Venue access control · Providing services (e.g., in venue services)
that are location dependent · Delivering personalized experiences · Providing improved experiences and products · Promotions and advertising |
· Event Hosts · Data processing and analytics vendors · Advertising vendors · Service Providers such as website hosting,
security and/or customer service vendors |
· Advertising vendors · Advertisers |
Demographic data |
· Company Services · Event Hosts · Ticketing service partners · Social Media · Third party data and analytics vendors |
· Providing tailored services, experiences and products · Improving services, experiences
and products |
· Event Hosts · Data processing and analytics vendors · Advertising vendors · Technical Service Providers such as website
hosting, security and/or customer service vendors |
· Advertising vendors · Advertisers |
Cookie data |
· Company Services · Event Hosts · Ticketing service partners · E-commerce partner · Social Media |
· Delivering optimized services, experiences and products · Advertising |
· Advertising vendors · Service Providers such as website hosting,
security and/or customer service vendors |
· Advertising vendors · Advertisers |
Usage data |
· Company Services · Event Hosts · Ticketing service partners · E-commerce partner · Social Media |
· Delivering optimized services, experiences and products · Advertising |
· Data processing and analytics vendors · Advertising vendors · Technical Service Providers such as website
hosting, security and/or customer service vendors |
· Advertising vendors · Advertisers |
Data specific to an event, activity, or
product (e.g., fan clubs) |
· Company Services · Event Hosts · Ticketing service partners |
· Ticket Sales · Order fulfillment · Event operations · Providing requested services |
· Event Hosts · The entities producing the event or activity,
if other than an Event Host |
· None |
Preferences |
· Company Services · Event Hosts · Ticketing service partners |
· Providing services · Tailoring products and services in accordance
with preferences |
· Event Hosts · Data processing and analytics vendors · Technical Service Providers such as website
hosting, security and/or customer service vendors |
· Advertising vendors · Advertisers |
These are the categories of sensitive consumer
personal information that Company has collected in the last 12 months, the
sources from which that information was collected, the business purpose for
which the information was collected, and the categories of third parties with
whom Company discloses, sells, or shares sensitive personal information.
Company does not use sensitive personal
information to infer characteristics about you for purposes other than those
permitted by applicable law, including the CCPA and its regulations. Company typically
limits its use and disclosure of sensitive personal information to the
following purposes: (1) to perform services, such as to provide benefits to
consumers; (2) to resist deceptive, fraudulent, or illegal actions; (3) to
ensure the physical safety of our personnel, customers, visitors, and others;
and (4) to provide short-term, transient and
non-personalized advertising.
Category
of Personal Information Collected |
Source(s)
from which that Personal Information may be collected |
Business Purpose |
Categories
of Service Providers and/or Other Companies to whom Company discloses this
Personal Information |
Categories
of Third Parties to whom Company sells or shares this Personal Information |
Tickets.com / Event Host account credentials |
· Company Services · Event Host · Ticketing service partners · E-commerce partners |
· Providing requested services · Ticket sales · Order fulfillment · Security and access control · Provision of services purchased or requested |
· Service Providers providing security and
access control services |
· None |
Precise geolocation information |
· Company Services · Event Hosts · Ticketing service partners · E-commerce partners · Social Media · Advertising vendors |
· Providing services (e.g., in venue services)
that are location dependent · Venue access control · Delivering personalized experiences · Providing improved experiences and products |
· Event Hosts · Data processing and analytics vendors · Technical Service Providers providing location
verification and related services |
· None |
Health information |
· Company Services · Event Hosts · Ticketing service partners · E-Commerce partners |
· Providing requested services |
· Event Hosts · Technical Service Providers such as website
hosting, security and/or customer service vendors |
· None |
Biometric Information |
· Biometric authentication services vendor |
· Providing requested services |
· Service providers, such as the biometric
authentication services vendor |
· None |
L. California Privacy Rights Report of Metrics
Below reflects the number of requests from individuals related
to the California Consumer Privacy Act received and processed by Company during
the period of time noted below. These numbers will be
updated at least annually (with the date of such update, and prior update,
noted below):
Requests to Know
Personal Information |
Received: N/A |
Requests to Delete Personal
Information |
Received: 260 |
Requests to Correct
Personal Information |
Received: N/A |
Requests to Opt Out of Sale or Sharing of Personal Information |
Received: 68 |
Requests to Limit
Use and Disclosure of Sensitive Personal Information |
Received: N/A |
The median number of
days within which Company substantively responded to requests to know,
delete, and opt-out of sale is: 0.25 days |
|
Most recent update: October
1, 2023 |
M. Shine the Light Law
If you are a resident of California, pursuant to California
Civil Code Section 1798.83, you may request information regarding our
disclosure of your personal information to a third party for that party's
direct marketing purposes. Any such disclosure made to a third party by us
would be otherwise in accordance with the terms of this Privacy Policy. To make
such a request please click here or write to us at: Tickets.com, LLC, Attn: Global Privacy Administrator
2100 East Grand Ave Suite 600, El Segundo, California 90245
N. Do Not Track Requests
“Do Not Track” signals are options on your browser that inform
website operators that you would not like to have your online activity tracked.
Currently, there is no industry standard regarding any appropriate action that
websites should take when they receive “Do Not Track” signals. As there is no
industry standard, please note that we do not alter our Website’s
data and information collection and use practices when we receive a “Do Not
Track” signal from your browser.
O. Loyalty Program Disclosures
If you are a resident of California or Colorado and you
participate in a loyalty, rewards, premium feature, discount, or club card
program established by Company for the purpose of providing discounts, rewards,
or other value to you in connection with your participation (each, if any, a
“Loyalty Program”), we may disclose and/or share your personal information as
set forth in this Privacy Policy and/or pursuant to any separate consent you
may provide in connection with your participation in the Loyalty Program. You
may cease your participation in any Loyalty Program at any time by following
the instructions provided in connection with the Loyalty Program or by
contacting 800-303-8368.
P. Notice to Illinois Residents
If you are a resident of Illinois and you elect to participate
in any program or offering requiring you to provide biometric information to Company
or its Service Provider(s), Company will permanently destroy such biometric
information, and any information directly derived from such biometric
information, when the initial purpose for collecting or obtaining such
information has been satisfied or within three (3) years following your last
interaction with us, whichever occurs first.
11.
Terms of Use
Please
also refer to our Terms of Use to view the terms and conditions governing the
use of the applicable Company Services.
12. Transferring Your Personal Information Across Borders
For customers in the EEA, we are obliged
to provide certain information relating to the transfer of your personal
information outside the EEA. Where you
have purchased a service, it may often be necessary to transfer your personal
information in order to perform a contract with you or
to provide ticketing services on behalf of our Event Host client. If you submit
personal information to us, or to a Service Provider, via the Company Services,
you will be voluntarily consenting to transferring this personal information to
the United States or other country where Company data centers are located (i.e.,
Australia or United Kingdom). The same
will be the case in relation to your personal information which is collected
when you use Company Services as specified above. In any such transfer of
personal information, Tickets.com, LLC and its controlled U.S. subsidiaries
(i.e., TDC Tickets Holdings,
LLC, Tickets.com Holding, LLC, and Tickets.com Services, LLC) (Section 12
herein, collectively “Tickets.com”) will comply with the EU-U.S., the UK Extension to EU-U.S. and the
Swiss-U.S. Data Privacy Framework as specified herein.
As specified in Section 10
above, if you are a resident of the EEA, U.K., or Switzerland, you have certain
rights under applicable law, including,
(i)
the opportunity to access your personal information that
the Company holds and the right to be able to correct, amend, or delete that
information where it is inaccurate, or has been processed in violation of the DPF
Principles, except where the burden or expense of providing access would be
disproportionate to the risks to the individual’s privacy in the case in question,
or where the rights of persons other than the individual would be violated;
(ii)
the opportunity to choose (i.e., opt out) whether your personal
information is (i) to be disclosed to a third party
or (ii) to be used for a purpose that is materially different from the
purpose(s) for which it was originally collected or subsequently authorized by
the you;
(iii)
obtaining your affirmative consent (i.e.,
opt-in) if any sensitive information (i.e., personal information specifying
medical or health conditions, racial or ethnic origin, political opinions,
religious or philosophical beliefs, trade union membership, information
specifying the sex life of the individual or any personal information received
from a third party where the third party identifies and treats it as sensitive)
is to be (i) disclosed to a third party or (ii) used
for a purpose other than those for which it was originally collected or
subsequently authorized by you through the exercise of opt-in choice.
To exercise these privacy
rights, please click here or
contact the applicable data controller as specified in Section 14 at the end of
this Privacy Policy.
EU-U.S., UK Extension to EU-U.S. and Swiss-U.S. Data Privacy Framework
Tickets.com, LLC and its controlled U.S.
subsidiaries (as defined herein, “Tickets.com”) complies with the EU-U.S. Data Privacy
Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S.
Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of
Commerce. Tickets.com has certified to the Department of Commerce that it
adheres to the Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from
the European Union in reliance on the EU-U.S. DPF and from the United Kingdom
(and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Tickets.com has certified to the U.S.
Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework
Principles (Swiss-U.S. DPF Principles) with regard to
the processing of personal data received from Switzerland in reliance on the
Swiss-U.S. DPF. If there is any conflict
between the terms in this privacy policy and the EU-U.S. DPF Principles and/or
the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework
(DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In compliance with the EU-U.S. DPF and
the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Tickets.com commits
to resolve DPF Principles-related complaints about our collection and use of
your personal information. EU and UK and
Swiss individuals with inquiries or complaints regarding our handling of
personal data received in reliance on the EU-U.S. DPF and the UK Extension to
the EU-U.S. DPF and the Swiss-U.S. DPF should first contact Tickets.com at:
Tickets.com, LLC
Attn: Global Privacy
Administrator
2100 East Grand Ave Suite 600
El Segundo, CA 90245
USA
In compliance with the EU-U.S. DPF and
the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Tickets.com commits
to refer unresolved complaints concerning our handling of personal data in
reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the
Swiss-U.S. DPF to International Center for Dispute Resolution (“ICDR”), the international division of
the American Arbitration Association, an alternative dispute resolution
provider located in the United States. If
you do not receive timely acknowledgment of your DPF Principles-related complaint
from us, or if we have not addressed your DPF Principles-related complaint to
your satisfaction, please visit ICDR at: https://go.adr.org/dpf_irm.html for more information or to file a complaint. The services of ICDR are provided at no cost
to you. To
the extent practicable, hearings will be conducted via telephone or other
electronic means intended to facilitate a hearing forum. Any in-person arbitration proceeding will take
place in New York, New York, USA. Upon conclusion of the arbitration, any court
having jurisdiction over the matter may enter judgment on any award issued in
the arbitration.
As explained in this Privacy Policy, Tickets.com sometimes provides
personal information to third parties to perform services on our behalf. If we transfer personal information received
under the DPF Principles to a third party, the third party's access, use, and
disclosure of the personal data must also be in compliance
with our DPF obligations, and we will remain liable under the DPF for
any failure to do so by the third party unless we prove we are not responsible
for the event giving rise to the damage.
As further explained in the DPF Principles, you have the
possibility, under certain conditions, to invoke binding arbitration to address
residual complaints regarding DPF compliance not resolved by any of the other
DPF mechanisms; see DPF Annex I for additional information at: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2. The Federal Trade Commission
has jurisdiction over Tickets.com’s compliance with the EU-U.S. Data Privacy
Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the
Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).
13.
Changes to Privacy Policy. Company reserves the right to change this
Privacy Policy from time to time. The most current version of the policy will
govern our use of your personal information. In the event that Company, at its
sole discretion, determines that updates to the Privacy Policy constitute a
material change, we may inform you of such changes in a notice published via
the Company Services or send an email to the email address associated with your
User account. Notwithstanding the foregoing, Company
is under no obligation to notify a User regarding changes to this policy, and
thus Users should periodically visit this page to review the then current
Policy to which you are bound.
14.
Data Controllers, Privacy Questions; Contact Us. In cases where the company processes your
personal data on behalf of our Event Host clients, the Event Host client will
be a data controller of your personal information and you should contact the
Event Host directly with respect to your personal information under their
control. With respect to your personal
information controlled by Company, the applicable Company data controller
varies by where you reside as follows:
·
All countries in the
European Union (except Germany), Tickets.com Ltd., The Mezzanine, CBXII West, 380
Midsummer Boulevard, Milton Keynes, Buckinghamshire, MK9 2EA, United Kingdom
·
Germany, Tickets.com
GmbH, Marienstrasse 19-20, 10117, Berlin,
Germany
·
Australia, New Zealand
and Malaysia, Tickets.com Pty Ltd., Suite 8, iC
Enterprise 1, Innovation Campus, Squires Way, North Wollongong NSW 2500,
Australia
·
All other countries,
Tickets.com, LLC, 2100 East Grand Ave Suite 600, Suite 250, El Segundo, CA 90245,
USA
Your data controller is
responsible for the collection, use, discloser, retention
and protection of your personal information in accordance with this Privacy
Policy, as well as applicable national laws.
Pursuant to this Privacy Policy and applicable laws, your data
controller may transfer data to other members of the Tickets.com corporate
family. If you have any questions or
concerns about this Privacy Policy or our global privacy processes, you may
write to your data controller at the addresses provided above or direct your
inquiry about the information that we collect, your privacy or our security
measures to:
Tickets.com, LLC
Attn: Global Privacy
Administrator
2100 East Grand Ave Suite 600
Suite 250
El Segundo, CA 90245
USA
Phone: +1- 800-303-8368
Upon
receipt of any complaint, Company will commence an investigation into your
complaint. You will be informed of the
outcome of your complaint within a reasonable period of time
following completion of the investigation.