Thank you for your confidence in choosing Ticketninja to organize and run your event. Below we would like to draw your attention to the privacy requirements of the operation of Ticketninja. The framework for the protection of personal data is contained in Act CXII of 2011 on the Right to Information and the Freedom of Information. and Regulation 2016/679 of the European Parliament and of the Council (EU) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Regulation 95/46 / EC (General Data Protection Regulation, GDPR). Our company strives to ensure that the products we develop also provide all the features that may be required to comply with GDPR.
What is Personal Information?
Personal Data Any data relating to an identified or identifiable natural person (data subject). For example, personal information includes your name, address, date of birth, the content of the message sent to us, or the details of your order.
Non-natural person data is not considered personal data. That is, information about a company, institution, public office, association (such as company name, contact information, or order information from a company) is not covered by personal data. Also excluded is data where the data subject is not identifiable, ie anonymous or statistical data.
Who is the data controller and who is the data processor?
According to the GDPR, it is the data controller who determines the purposes and means of the processing of personal data, individually or jointly with others. In the case of Ticketninja, your company / institution qualifies as a data controller when collecting, using or transmitting personal data of users. As a result, it is your responsibility and responsibility to properly configure the system, properly inform the stakeholders (whose personal information is processed by the system), and make and obtain the necessary statements of consent.
Please note that the user data stored in the system and the data requested and provided by you for your event are also used by Szintézis-Net Kft., Therefore they are also considered as data controllers for certain data. Synthesis-Net informs users about this fact and about data management on Ticketninja’s website.
According to the GDPR, a data processor is the person who handles personal data on behalf of the data controller. Szintézis-Net Kft. Shall be considered as a data processor in the course of its operation, if it carries out data processing operations on your behalf (read, store, transmit, analyze, delete or modify them) on personal data. In this capacity, Szintézis-Net Kft. Hereby certifies that in the course of the processing of personal data, it shall act in accordance with the applicable data protection laws, and shall at all times ensure the confidentiality, integrity and availability of the personal data. Operations on personal data shall be carried out only on the instructions of the sponsor, and personal data obtained in the course of this activity shall be deleted immediately after the successful completion of the activity, unless it is no longer needed.
Organizing tasks in the Ticketninja system
Information and consent
Organizers are required to inform participants about the data management that is specifically requested from users in addition to user registration. If such additional information is required for the organization, successful conduct of the event, or the participation of the user (eg, the user responds to and submits to several parallel programs), the user is only required to be informed of such data management without consent; as data processing is necessary here for the proper performance of the contract. Any request for information other than for the purpose of the event or appropriate participation requires the explicit, informed and informed consent of the user. The user can also express his consent by checking the checkbox.
Please note that in the case of consent based data processing, consent can only be legally given through one explicit, actionable act. “No protest” and the pre-ticked checkbox do not constitute legal consent. You may not be required to consent to the management of optional data beyond what is required to provide the service.
The Organizer may use personal data provided by users only for the purpose for which they have been provided and for which the Organizer has previously informed them. Inform users of any use other than the original purpose
Duration of data storage
The organizer may only store user-provided data for the purpose of organizing the event for as long as is necessary for the original purpose of data management (event organization, conducting, billing, etc.). After that, the organizer is obliged to destroy the personal data obtained.
The Organizer shall take appropriate organizational and technical measures to protect the confidentiality, integrity and availability of the personal data in its possession from any intentional or negligent human behavior, omission, malicious act, unavoidable external circumstance, elemental strike or other event. Users should, however, be aware that any network, server, database, internet or email connection may not be completely free from any errors that may occur and should pay special attention to this when publishing personal information.