Privacy Terms

This Privacy Policy was last updated on January 23, 2024..

Ingresse Ingressos para eventos Espanha Sociedade Limitada (“Ingresse” or “we”) is committed to your privacy. The protection of privacy and personal data reflects our values and reaffirms our commitment to continuous improvement of the effectiveness of data protection process. Therefore, we present this privacy policy (“Privacy Policy”), the purpose of which is to inform, in a simple and transparent way, the way in which personal data are processed by the personal data subjects who acquire or may acquire tickets in our platform (“Customers” and “Potential Customers” respectively, or simply “you”), from collection to disposal. Ingresse Platform means the website and application used to provide the companies’ services to you (“Platform”).

It is important that you read and understand these rules, which should be interpreted jointly with other applicable provisions, especially those arising from the legislation in force in Spain, including the General Data Protection Regulation (Regulation EU 2016/679 or “GDPR”) and the Ley de Protección de Datos Personales y garantía de los derechos digitales (Ley 3/2018).

THIS PRIVACY POLICY SHALL APPLY AS FROM ANY USE OF OUR PLATFORM OR OUR SERVICES. PLEASE READ IT CAREFULLY AND MAKE SURE YOU KNOW THE PROVISIONS BELOW, BEFORE USING OUR PLATFORM AND OUR SERVICES.

TABLE OF CONTENTS

1. WHICH PERSONAL DATA ARE COLLECTED?

2. FOR WHAT PURPOSES DO WE COLLECT YOUR DATA AND WHAT IS THE LEGAL BASIS FOR PROCESSING?

3. WHO CAN DATA BE SHARED WITH?

4. HOW LONG DO WE STORE YOUR PERSONAL DATA?

5. YOUR RIGHTS

6. HOW DO WE PROTECT YOUR PERSONAL DATA?

7. PERSONAL DATA INTERNATIONAL TRANSFERS 

8. COOKIES 

9. LINKS TO THIRD PARTY PAGES

10. CHANGES TO THIS PRIVACY POLICY

11. IDENTIFICATION OF THE CONTROLLER AND OFFICER

1. WHICH PERSONAL DATA ARE COLLECTED?

  • Contact or Identification Registration Data: you will provide us with your personal data for registration, which include: full name, telephone number, date of birth, nationality, gender identity, legal identification document number issued by the government of your country and email. You can also register on the Platform with your account details available on other digital platforms that may be indicated at the time of registration;

  • Location Data: we may collect other data that helps us identify you, such as: address, device geolocation (city and state) and/or IP number;

  • Financial and Purchase Data: we may process bank details, payment details (including credit card photo), ticket purchase details (such as transaction ID). Data may also be collected from a third party owner of the payment method used to purchase a ticket on the Platform.

  • Your Preferences: We may process data related to personal interests (for example, events in which you are interested), ticket data that has been or will be purchased, events added to the shopping cart, direct interactions with Ingresse (email, inquiries and contact us), photo (selfie), if necessary; and

  • Consent: to collect and process your personal data, you will need to give your consent to Ingresse on the user registration page.

2. FOR WHAT PURPOSES DO WE COLLECT YOUR DATA AND WHAT IS THE LEGAL BASIS FOR PROCESSING?

Your personal data collected are stored and processed by us for the purposes listed below, justified by one of the legal events provided for in personal data protection legislation. We will process your personal data to:

  • make your registration on our Platform.

  • enable the purchase of tickets on the Platform. In this sense, we will be able to:

  • Allow your purchase transactions, based on your registration, to occur;

  • Get in touch to inform you that payment for a purchase in processing is pending;

  • Receive payment and sell physical tickets.

  • checking and preventing the occurrence of frauds. In this sense, we will be able to:

  • Suspend or block a transaction, for purposes of preventing occurrence of frauds when purchasing tickets on our Platform;

  • Check the match between the data used for the purchase and your identity;

  • Check the occurrence of frauds in purchases, after detecting indications;

  • Carry out quality control of the fraud prevention process, in addition to making the last risk check of operations;

  • Check the match between the credit card details used to purchase on the Platform and the physical credit card details presented by you.

  • provide services to you. In this sense, we will be able to:

  • Make refunds requested by you;

  • Transfer tickets between your account and the account of other Customers;

  • Provide technical support when you report problems accessing some functionality of our Platform or need information about a purchased ticket;

  • Enable producers to contact you, inside or outside our Platform;

  • Confirm your identity for purposes of approving changes to your registration or making a refund;

  • Respond to your requests made through the contact Platform available on our website or by email;

  • Take measures to enable your access in case you are having problems with the two-factor authentication via telephone.

  • carry out activities relevant to the conduct of our activities. In this sense, we will be able to:

  • Control and even allow access to the event, whether through turnstiles or manually;

  • Announce promotions and events published on our Platform;

  • Develop our products and services that involve partnerships with brands and companies that want to interact with you to make offers or carry out activation campaigns whenever this is related to the interests that you have clearly demonstrated and are previously approved by you;

  • Send newsletter and other advertising materials;

  • Manage transaction track records and entries to events;

  • Perform metrics, including for purposes of providing solutions and/or improvements in our activities;

  • Send updates about events for which tickets were purchased through the Platform; and

  • Send institutional communications regarding cancellations, postponements and other relevant changes to events whose tickets were sold on the Platform.

  • whenever necessary, enable producers and partners to conduct events and develop activities with us (whenever possible, we send these data in an aggregated form to producers, so that they cannot identify you directly). In this sense, we will be able to:

  • Provide technical support to producers selling tickets to events on our Platform;

  • Provide information to producers, regarding the marketing metrics sent to you;

  • Allow producers’ access to information regarding events;

  • Send a report on the event statistics to the producer.

The data identified above will be processed based on Ingresse’s lawful interest and your consent to enable the purchase of the ticket, you to have due support in case of need for service and be able to join the event, as well as monitor and prevent fraudulent and malicious activities. Hence, you allow Ingresse to successfully offer the event experience purchased on our Platform. In addition, the lawful interest also has a legal basis to internally analyze the information on the Platform, to monitor the performance of the website, enabling an improvement in the provision of the service through updates.

3. WHO CAN DATA BE SHARED WITH?

We may share your personal data with third parties or business partners and will do so to enable our services, to meet our or a third party’s lawful interest (in which case, provided that your rights are respected), comply with legal or regulatory obligations, defend our rights and in other situations authorized by law.

Said sharing occurs based on the following criteria and for the purposes described below.

  • Service providers. Service providers work with us to facilitate our activities, as well as to improve them. The purposes for which we share data with service providers include: (i) management of Ingresse’s operational and marketing emails, (ii) management of our database, (iii) creation of Ingresse’s marketing actions; (iv) door operation at events; and (v) enabling ticket verification at integrated turnstiles, through APIs.

  • Vendors for fraud checking. Fraud solution providers provide services and provide systems that help us check the occurrence of fraud when purchasing tickets on the Platform. The purposes for which data are shared with suppliers include: (i) carry out fraud analyses in general, including by crossing your data with databases from legitimate and public sources; (ii) assessment of your identity match; and (iii) implementation of security procedures to check the authenticity of credit cards.

  • Event producers. Producers organize the parties and events for which you buy tickets on our Platform. The purposes for which we share data with producers include: (i) make relevant data available for the producer's conduction/organization of the event; (ii) data analysis for intelligence purposes (e.g., so that the producer can better understand the audience of a given party, the main moments of ticket sales, among other situations). Whenever possible, we send these data in aggregate form to producers, so they cannot identify you directly); (iii) enabling direct contact between producers and you, if necessary; (iv) solve problems that require data transmission (for example, when there is a technical error with your ticket and we need to find other ways to ensure your access to the event); and (v) confirmation of the ticket sold to you.

  • With purchasers. Purchasers are entities that accredit companies to accept payment instruments (such as credit cards and debit cards) and, among other activities, participate in the intermediation, processing and settlement of payment transactions carried out on our Platform. The purposes for which we share data with acquirers include: (i) performance of contractual obligations; (ii) making refunds according to our policies; (iii) assistance with measures to combat fraud; and (iv) confirmation of ticket payment.

  • Authorities. Authorities are the public entities with which we interact within the scope of our activities, due to some legal or regulatory requirement. The purposes for which we may share your personal data with authorities include: (i) compliance with a judicial or administrative requisition according to the law; and (ii) defending our interests in the context of legal, administrative or arbitration actions.

  • Group Companies: we may provide and share your personal data with Ingresse Group companies for purposes of processing these data on our behalf to provide services to you, and the processing will be carried out in accordance with the bases of this Privacy Policy.

    If it is necessary to share data with a third party or for other data processing actions not covered by Ingresse’s lawful interests, we will request your specific consent for such Platform event before purchasing the ticket.

4. HOW LONG DO WE STORE YOUR PERSONAL DATA?

We store and maintain your data: (i) for the time required by law; (ii) until the end of the personal data processing, as mentioned below; or (iii) for as long as necessary to preserve our lawful interest (such as, for example, during applicable limitation periods or for compliance with a legal or regulatory obligation).

The end of personal data processing will occur upon verification:

  • That the purpose for which the data were collected has been achieved or that the personal data collected are no longer necessary or relevant for achievement of the intended specific purpose;

  • Your statement in this regard, in cases where we receive your specific consent for certain personal data processing; or

  • Legal determination to that effect.

In such cases of personal data processing termination, except for events established by applicable law or by this Privacy Policy, personal data will be deleted of anonymized.

5. YOUR RIGHTS

You have rights in relation to your personal data, which rights are ensured and include:

  • Possibility of confirming the existence of, and easy access to, information regarding personal data processing. Upon sending a request, you will receive confirmation of the existing processing of your personal data and, when applicable, explanations about the processing activities, pursuant to applicable legislation;

  • Access to personal data. You may request access to your personal data collected and stored with us;

  • Correction of incomplete, inaccurate, or outdated data. You may, at any time, change and edit your personal data by logging into your account or by contacting us;

  • Data on shared use of data. Information about sharing personal data can be found in this Privacy Policy.

  • Automated decision review. You may request a review of decisions made solely based on automated personal data processing that affect your interests, including decisions intended to check, for example, the presence of fraud in the approval of your purchases on our website;

  • Deletion, anonymization and blocking of personal data. You may request the deletion, anonymization and blocking of personal data collected by us, including as from your consent (where applicable), at any time, upon free and facilitated request. The deletion, anonymization or blocking of personal data may only be completed for personal data that are excessive or not necessary for us to comply with legal and contractual obligations, to protect your legitimate interests and in other cases allowed in law;

  • Revocation of consent. We will collect your consent in very limited cases. Even so, when applicable, you may revoke the consent you have given to Ingresse to process your personal data for certain purposes, at any time, upon free and facilitated declaration through the channel to be indicated when consent is collected. It is important to inform that the processing carried out prior to revocation of consent are ratified and the requested revocation will not imply the deletion of previously processed personal data and which are maintained by us based on other legal grounds.

To exercise the rights set out above, send an email to dpo@ingresse.com.

6. HOW DO WE PROTECT YOUR PERSONAL DATA?

We take our duty to protect the data you entrust to us against accidental or unauthorized alteration, loss, misuse, disclosure or access very seriously. We use several security technologies and technical and organizational measures to help protect your personal data against these incidents, such as imposing access restrictions to personal data only to those employees who have a real need to access them and restricting access and use of personal data depending on when they were collected.

7. PERSONAL DATA INTERNATIONAL TRANSFERS

Within the purposes explained to you in item (2) above, it may be necessary to transfer some of your personal data to service providers or partners located abroad, including cloud service providers. In this case, we will take appropriate measures to ensure adequate protection of your personal data according to requirements of applicable data protection legislation, including the execution of data transfer agreements with third parties for your personal data, where necessary.

In this sense, your personal data being collected may be transferred and stored in destinations outside the European Economic Area (“EEA”), so that laws on data processing may be less restrictive than in your country. However, we inform that we value appropriate security measures to respect your privacy rights, ensuring a similar level of protection regardless of where they are transferred from.

Additionally, when you purchase tickets or register for an event, that event may be organized by an organizer located outside the EEA. When making a purchase for the event located outside the EEA, you expressly agree to the transfer of your Personal Data to the organizer, for purposes of managing your participation in the event.

8. COOKIES

Cookies are small text files sent to the user’s computer that serve to recognize, track and store the users Internet browsing. This technology helps us better understand Customer behavior, including for security and fraud prevention purposes. Additionally, cookies help us identify which sections of our websites Customers have visited, and contribute to the effectiveness of advertisements and Internet searches.

Cookies are treated as non-personal data and are divided according to their functions, including functional, analytical and advertising; as well as they are divided according to their stay in the machine, between permanent or session.

Our Platform may use “cookies” that will be sent to your browser and stored on your computer’s disk.

Some cookies are necessary for the Platform to function and to provide our services to you. These cookies are generally set in response to actions you make, such as setting privacy preferences, logging in, filling out forms and selecting a ticket.

Another purpose of cookies is to identify your activities on our Platform. These cookies help us, for example, to identify especially popular areas of our Platform and your preferences and interests. Based on them, we can adapt the content of our Platform more specifically to your needs and thus improve your experience, and may facilitate your browsing with the characteristics, preferences and quality of the information conveyed to your browsing. These cookies may also be used to send relevant advertising and promotional information to you, for example based on the web pages you have visited, to the extent permitted by applicable law.

Currently, we do not use a technical solution that would allow us to fully respond to “do not track” signals from your browser. However, you can manage your cookie settings in your browser settings at any time. By disabling all cookies in your browser settings, there is the possibility that certain sections or features of the Platform may not function or may take time to load, as your browser may prevent us from setting necessary cookies.

9. LINKS TO THIRD PARTY PAGES

We may provide links to other pages on the Internet, such as, for example, the websites of event producers or their profiles on social networks. We are not liable for the personal data processing practices of these pages outside the Platform. If you are interested in accessing them, we recommend that you check the respective privacy policies, to be adequately informed about your personal data processing.

10. CHANGES TO THIS PRIVACY POLICY

We reserve the right to correct or update this Privacy Policy from time to time. When we update this Privacy Policy, we will also update the date at the top of this Privacy Policy.

In relevant situations, mainly in the event of changes to the purposes for which the data were collected, we will inform you by email about the changes made. Unless otherwise provided for, the new Privacy Policy will be effective immediately after publication.

11. IDENTIFICATION OF THE CONTROLLER AND OFFICER

Ingresse Ingressos para eventos Espanha Sociedade Limitada, a company registered with the NIF under no. B70640081, with registered office at Calle Poeta Joan Maragall 3 1 I, 28020 Madrid, is the controller of personal data processed within the scope of this Privacy Policy for the activities of Ingresse Platform. To contact the personal data processing officer (“Officer”), send an email to dpo@ingresse.com.

In case of doubts, you may:

  • Visit the “Questions Center” of our App; or

  • Send an email to our officer, as indicated above.