fbpx

Privacy Policy

Information Clause – GDPR-Compliant Privacy Policy

Dear User!

We care about your privacy and want you to feel comfortable while using the services offered on our website. Therefore, below we present the most important information about the rules for processing your personal data and cookies that are used by our Service.

This information has been prepared in accordance with the GDPR, the General Data Protection Regulation.

This policy applies to the process of purchasing tickets, vouchers, and passes on the website.

PERSONAL DATA ADMINISTRATOR

The administrator of the Customer’s personal data, within the meaning of the provisions of generally applicable law, regarding the Customer’s personal data, is the Seller.

The registration and contact details for the Seller can be found in the store element, including in the footer of the Sales Panel.

PERSONAL DATA, PURPOSES OF PROCESSING, LEGAL BASIS FOR DATA PROCESSING, PROCESSING PERIOD

Personal data, in particular name, surname, email address, and possibly telephone number, will be processed by the Seller and duly authorized processing entities solely for the purpose of providing services and fulfilling obligations towards the Customer, enabling the realization of rights arising from the Entry Ticket, explaining the circumstances of any misuse of services inconsistent with the Regulations or applicable laws, and handling any complaints. The subject, scope, nature of processing, type of personal data, and categories of persons concerned, as well as all data required by generally applicable law, are specified in Annex No. 1;

If the Customer gives consent by selecting the appropriate box during purchase, the Seller may process the Customer’s personal data for marketing purposes and send commercial information to the email address. Consent to the processing of data for marketing purposes and sending commercial information may be withdrawn by sending an appropriate message to the Seller’s email address.

DATA PROCESSING

While processing your personal data, we use organizational and technical measures in accordance with applicable law (especially the GDPR), including encrypting the connection using an SSL certificate.

PROVIDING DATA

Providing data is voluntary but necessary for the provision of services. The Customer, whose data is concerned, has the right to control the processed data by obtaining information regarding the processing of personal data, requesting supplementation, updating, rectification of personal data, the right to submit a written request to cease processing, and to be forgotten. For this purpose, the Customer should contact the Seller in writing via email to the address visible in the footer of the Sales Panel.

If you believe that your data is being processed unlawfully, you can lodge a complaint with the supervisory authority.

The Seller is not responsible for the consequences of providing false or incorrect data by the Customer, if, despite the Seller’s due diligence, it is not possible to contact the Customer.

DATA RECIPIENTS (ENTITIES WHOSE SERVICES WE USE)

In connection with the ticket, voucher, and pass sales service, we use the services of other entities that provide services supporting our activities. Thus, your data may be transferred solely for the purposes specified in this policy:

  • companies providing us with sales software,

  • the payment platform provider through which you can pay for our services,

  • the provider of the invoicing software,

  • entities providing accounting and bookkeeping services,

  • In the case of sending you a parcel by traditional mail: the courier/postal service company.

In the case of sending you system and educational communications, as well as marketing content electronically:

  • entities providing software for sending marketing messages, especially within the newsletter service.

Your data may also be processed by entities outside the European Union based on Article 49(1)(b) and (c) of the GDPR. The appropriate level of protection for your data, including through the use of appropriate safeguards, is ensured by the inclusion of Standard Contractual Clauses with these entities.

The Seller may provide the company responsible for IT services related to issuing, maintaining, and ensuring access to e-receipts with the Customer’s phone number, which may be processed for the purposes of:

  1. verifying whether a given phone number has been registered in the company’s own products that provide access to e-receipts, and in the case of positive verification, providing the Customer with e-receipts and additional information related to the issuing process within these products

  2. sending SMS and other notifications to Customers confirming the issuance of an e-receipt to the company’s IT system managing e-receipts.

PROFILING

In the Service, we do not conduct profiling that would result in decisions that have legal effects on you or similarly significantly affect you.

COOKIES

The Service does not automatically collect any information, except for information contained in cookies.

Cookies are IT data, in particular text files, which are stored in the User’s terminal equipment and are intended for the use of the Service’s web pages. Cookies typically contain the name of the website from which they originate, the storage time on the terminal equipment, and a unique number.

Cookies are used for the following purposes:

  • adjusting the content of the Service’s web pages to the User’s preferences and optimizing the use of the web pages; in particular, these files allow the recognition of the User’s device and properly display the web page, tailored to their individual needs;

  • creating statistics that help to understand how Users use the Service’s web pages, which enables improving their structure and content;

Within the Service, two basic types of cookies are used: “session” cookies and “persistent” cookies. “Session” cookies are temporary files stored on the User’s device until they log out, leave the web page, or turn off the software (web browser). “Persistent” cookies are stored on the User’s device for the time specified in the cookie parameters or until the User deletes them.

The following types of cookies are used within the Service:

  • “necessary” cookies, enabling the use of services available within the Service, e.g., authentication cookies used for services requiring authentication within the Service;

  • cookies used to ensure security, e.g., used to detect abuses in the field of authentication within the Service;

  • “performance” cookies, enabling the collection of information about the use of the Service’s web pages;

In many cases, the software used for browsing websites (web browser) by default allows the storage of cookies on the User’s terminal equipment. Users of the Service can change the settings regarding cookies at any time. These settings can be changed, in particular, to block the automatic handling of cookies in the web browser settings or to inform about them each time they are placed on the User’s device. Detailed information about the possibilities and methods of handling cookies is available in the software (web browser) settings.

The Service Operator informs that restrictions on the use of cookies may affect some functionalities available on the Service’s websites.

More information about cookies is available at http://pl.wikipedia.org/wiki/Ciasteczko.

Google Analytics

The Service uses cookies for monitoring website traffic, i.e., data analytics, including Google Analytics cookies belonging to Google Inc. (1600 Amphitheatre Parkway, MountainView, CA 94043, USA), hereinafter referred to as Google. Cookies are stored on the User’s computer and then transferred to Google servers in the USA, where they are stored. They are used to distinguish users for the purpose of collecting information about visits to the website and monitoring the query rate in relation to their own servers. The cookies installed by Google Analytics do not allow for personal identification of the User, as no information or personal data is tracked. Moreover, Google Analytics uses cookies that allow displaying personalized ads on other websites, conducting marketing campaigns that are more interesting to users.

Google does not use the collected data to identify the Service User, nor does it combine this information to allow identification. The website uses IP anonymization, which means that within member states of the European Union or other states that are parties to the Agreement on the European Economic Area, the User’s IP address will be previously shortened by Google. The full IP address is transmitted to Google’s server in the USA and shortened there only in exceptional cases. Regarding exceptional cases where personal data is transferred to the USA, Google is certified under the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. This means that this entity has committed to comply with the data protection principles applicable in the European Union.

Detailed information on the scope and rules for collecting data related to this service can be found at: https://www.google.com/intl/pl/policies/privacy/partners.

The legal basis for using Google Analytics is Article 6(1) sentence 1 letter f of the GDPR, which is the legitimate interest of the Administrator in conducting analysis and statistics.

Choosing the appropriate settings in the browser allows you to prevent the use and storage of cookies on the devices used by the Service User while browsing the Service. However, we inform you that this may prevent you from using all the functions of the Service. You can also block the storage and processing by Google of data generated by cookies related to the use of the website (including the user’s IP address). To do this, you need to download and install browser plugins available at the following link: Google Analytics Opt-out Browser Add-on

Changing cookie settings

In general, web browsers, as well as other software installed on a computer or other device connected to the network, by default allow the placement of cookies on such a device. As a result, they enable the collection of information about people visiting the Service. However, by changing the web browser settings, the consent to use cookie technology may be modified or revoked by the Service User at any time. This means that the Service User can, for example, partially restrict the storage of Cookies on their device or completely disable this possibility. The Administrator informs, however, that restricting or preventing the use of cookies may affect some functionalities available on the Store’s website.

Detailed information on changing settings for cookies and their independent removal in the most popular web browsers is available in the web browser’s help section and on the following pages:

If you do not disable the use of cookies in the browser settings, it means that you agree to their use.

In our Service, we use two types of cookies:

  • session – remain on your device only during the use of the Service,

  • permanent – remain on your device for as long as the lifespan set for them or until you remove them.

 

Annex No. 1 – Detailed purposes and scope of personal data processing

No. Subject Scope Purpose of processing Type of personal data Category of people Storage period
1. Purchase Ticket
  • Names
  • Email addresses
  • Phone numbers
  • Data necessary to issue a VAT invoice
  • Information on service preferences
 Conclusion of the contract between Customer and Seller Regular personal data, in accordance with Art. 4 pt. 1 GDPR Potential customers of the Seller Period necessary to provide the service
2. Provision of service for which the Ticket was purchased
  • Names
  • Email addresses
  • Phone numbers
  • Data necessary to issue a VAT invoice
  • Information on service preferences
 Implementation of the contract with the Customer Regular personal data, in accordance with Art. 4 pt. 1 GDPR Customers of the Seller Period necessary to provide the service
3. Consideration of complaints or refund requests
  • Names
  • Email addresses
  • Phone numbers
  • Data necessary to issue a VAT invoice
  • Information on service preferences
 Handling complaints and refunds Regular personal data, in accordance with Art. 4 pt. 1 GDPR Customers of the Seller Period necessary to provide the service
4. Purchase Ticket
  • IP Address
  • Information on service preferences
 Legitimate interest of the Administrator in conducting analysis and statistics Regular personal data, in accordance with Art. 6(1) sentence 1 letter f GDPR Customers of the Seller Period necessary to provide the service
5. Responding to inquiries
  • Names
  • Email addresses
  • Phone numbers
  • Content of the inquiry
 Responding to inquiries Regular personal data, in accordance with Art. 4 pt. 1 GDPR and special category personal data referred to in Art. 9 pt. 1, in relation to the content of the inquiry Persons who contacted via form, email, or phone Period necessary to provide the service
6. Sending proposals for the purchase of ticketed services and information about events and promotions
  • Names
  • Email addresses
  • Phone numbers
  • Data necessary to issue a VAT invoice
  • Information on service preferences
 Conclusion of the contract between Customer and Seller Regular personal data, in accordance with Art. 4 pt. 1 GDPR Persons who consented to receive information Until withdrawal