Privacy Policy
This Privacy Policy explains how Entrytickets processes personal data through its websites, ticket shops, organiser dashboard, ticketing services and Entrywallet services.
Laatst bijgewerkt
Entrytickets
Kuringersteenweg 46
3500 Hasselt
Belgium
Company number: BE 0870.784.044
Email: privacy@entrytickets.be
General contact: hello@entrytickets.be
1. Who does this Privacy Policy apply to?
This Privacy Policy applies to people who use our services, including:
- ticket buyers and event visitors;
- participants using Entrywallet or electronic consumption cards;
- organisers and their staff;
- users of the Entrytickets dashboard;
- people who contact our support team;
- visitors to our website.
Our services are used by organisers to manage events, sell tickets, provide visitors with access and, where applicable, enable cashless payments through Entrywallet.
2. Our role and the role of the organiser
For ticket sales and event management, Entrytickets often processes personal data on behalf of the organiser.
For event-specific data of ticket buyers, visitors and participants, the organiser is generally the data controller. The organiser determines, among other things, which event is organised, which tickets are sold, which additional questions are asked and how visitor data is used for the event.
Entrytickets processes this data as a data processor for the organiser, where we process the data to provide ticketing, access control, reporting, support and event management services.
Entrytickets is also a data controller for limited processing activities that are necessary for our own operations, such as:
- platform security;
- fraud prevention;
- payment processing;
- invoicing and accounting;
- support;
- legal obligations;
- dispute management;
- management of our website and systems.
For Entrywallet, Entrytickets/Datatim is the data controller for the operation, security and administration of the Entrywallet platform, including wallet accounts, balances, top-ups, transactions, refunds, card management, fraud prevention, settlements and legal or accounting obligations. The organiser remains responsible for the event, the sale of consumptions and its own use of participant data.
Entrytickets does not use ticket buyer, visitor or participant data for its own direct marketing, unless the person has separately and explicitly consented to this.
3. What personal data do we process?
Depending on the service, we may process the following personal data.
3.1 Ticket buyers and event visitors
We may process the following data:
- first name and last name;
- email address;
- phone number;
- language preference;
- ordered tickets, ticket types, quantities and ticket codes;
- event name, date, location and organiser;
- payment status, payment method, transaction reference and refund information;
- invoicing details, such as name, address, company number, VAT number or Peppol details when an invoice is requested;
- data additionally requested by the organiser, such as meal preference, team name, membership number or other event-specific information;
- communication with support.
The organiser is responsible for any additional questions it asks through the platform. Organisers may only request data that is necessary and relevant for their event.
3.2 Entrywallet users and participants
When Entrywallet or electronic consumption cards are used, we may process, among other things, the following data:
- identification details needed for activation, support or refund;
- unique identification number of the consumption card;
- balance of the consumption card;
- top-ups, payments, refunds and transaction history;
- data about loss, blocking, deactivation or replacement of a card;
- technical data needed to process transactions securely.
A physical chip card does not store a full set of personal data. Where necessary, only a unique identification number is used to make the card function technically.
3.3 Organisers and dashboard users
We process data of organisers and their staff, such as:
- name, role and contact details;
- company name, address, company number, VAT number and invoicing details;
- IBAN and payment details for payouts;
- login and account details;
- rights and roles within the dashboard;
- data about sold tickets, balances, transactions, refunds and reports;
- information needed for registration, verification, fraud prevention, payment and compliance.
3.4 Website and technical data
When using our website and systems, we may process technical data, such as:
- IP address;
- browser and device data;
- log files;
- date and time of use;
- cookie data;
- security logs;
- error messages and technical diagnostic data.
4. Why do we process personal data?
We only process personal data when there is a valid reason and legal basis.
| Purpose | Examples | Legal basis |
|---|---|---|
| Ticket sales and reservations | processing orders, delivering tickets, enabling access | performance of a contract, legitimate interest, or processing on behalf of the organiser |
| Event management | participant lists, ticket checks, communication about the event | performance of a contract, legitimate interest, or processing on behalf of the organiser |
| Entrywallet | activating cards, managing balances, processing top-ups, payments and refunds | performance of a contract, legitimate interest |
| Payments | payment status, refunds, chargebacks, fraud prevention | performance of a contract, legal obligation, legitimate interest |
| Invoicing and accounting | invoices, Peppol, tax administration | legal obligation |
| Support | answering questions, resending tickets, solving issues | performance of a contract, legitimate interest |
| Security | detecting misuse, fraud, suspicious transactions and technical incidents | legitimate interest, legal obligation |
| Dashboard for organisers | account management, reporting, data export | performance of a contract |
| Entrytickets marketing | newsletters or commercial communication from Entrytickets | consent or, where legally permitted, legitimate interest |
| Analytics and improvement | fixing errors, improving performance, measuring use | legitimate interest or consent for non-essential cookies |
| Legal defence | complaints, disputes, debt collection, legal claims | legitimate interest, legal obligation |
Where Entrytickets acts as a processor for the organiser, the organiser determines the legal basis for the processing. Entrytickets then processes the data according to the organiser’s instructions.
5. Marketing
Entrytickets does not use ticket buyer, visitor or participant data for its own direct marketing, unless the person has separately consented to this.
Organisers may send their own communications to their visitors or participants. The organiser is responsible for the lawfulness of that communication and for its own privacy policy.
When you receive commercial communication from Entrytickets, you can unsubscribe at any time via the link in the email or by contacting privacy@entrytickets.be.
6. Payments and payment service providers
For payments, top-ups, refunds and chargebacks, we use external payment service providers, acquirers, banks or card networks.
These parties may process data such as:
- payment method;
- amount;
- currency;
- transaction reference;
- payment status;
- refund or chargeback information;
- technical data for fraud prevention and security.
Payment service providers may act as independent data controllers for their own legal, compliance, fraud prevention and payment obligations. They may also act as processors where they process data strictly on behalf of Entrytickets or the organiser.
When payment details are entered directly into the payment environment of a payment service provider, those details are processed according to that provider’s terms and privacy policy.
7. With whom do we share personal data?
We only share personal data where necessary for our services, legal obligations, security, support or with consent.
Personal data may be shared with:
- the organiser of the event;
- staff or authorised users of the organiser;
- payment service providers, acquirers, banks and card networks;
- hosting, cloud and infrastructure providers;
- email, SMS and communication providers;
- support and ticketing tools;
- Peppol, invoicing and accounting partners;
- IT and security providers;
- professional advisers, such as accountants, lawyers or auditors;
- public authorities, regulators, courts or police services where legally required or necessary to defend rights.
We do not sell personal data to third parties.
Organisers may access data of ticket buyers, visitors or participants of their own event through the dashboard. When an organiser exports or further uses data, the organiser is responsible for that further use.
8. Hosting, storage and international transfers
Personal data is stored in secure databases and systems of professional hosting, cloud and IT providers.
Where possible, we process and store personal data within the European Economic Area.
Where personal data is processed outside the European Economic Area, we ensure appropriate safeguards, such as an adequacy decision, standard contractual clauses or other legally permitted mechanisms.
We do not publish technical details about our database infrastructure, server architecture or security configuration, as this could harm the security of our systems and users.
9. Cookies
Our website uses cookies and similar technologies.
Some cookies are necessary for the functioning of the website, dashboard, ticket shop or security of our services. For analytics, marketing or tracking cookies, we request consent where legally required.
10. How long do we keep personal data?
We do not keep personal data longer than necessary for the purposes for which it was collected, unless a longer retention period is legally required or necessary to defend rights.
Our retention periods are determined based on:
- the duration of the event or service;
- the need for support, refunds or complaint handling;
- legal accounting and tax obligations;
- possible disputes or legal claims;
- security and fraud prevention;
- instructions from the organiser where Entrytickets acts as processor.
In general, the following principles apply:
| Data category | Retention |
|---|---|
| Ticket and order data | as long as needed for ticket delivery, event management, support, refunds, disputes and legal obligations |
| Entrywallet data | as long as needed for balances, transactions, refunds, card management, settlements, disputes and legal obligations |
| Invoicing and accounting data | as long as required by applicable accounting and tax law |
| Organiser and contract data | during the cooperation and afterwards as long as needed for administration, legal obligations or disputes |
| Support communication | as long as needed to handle the request and for a reasonable period afterwards for follow-up and evidence |
| Marketing data | until unsubscribe, withdrawal of consent or when the data is no longer needed |
| Technical and security logs | as long as needed for security, incident investigation and fraud prevention |
| Cookies | according to the periods stated in the Cookie Policy |
When data is no longer needed, we delete or anonymise it.
11. Security
We take appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration or disclosure.
These measures include, among others:
- access control and user rights;
- secure connections where appropriate;
- logging and monitoring;
- limiting access to people who need the data;
- confidentiality obligations;
- backups and continuity measures;
- procedures for security incidents.
No system is completely free of risk. When an incident occurs, we take appropriate measures in accordance with applicable law.
12. Your rights
Under privacy law, you have several rights regarding your personal data.
Depending on the situation, you may ask to:
- access your personal data;
- correct inaccurate data;
- delete data;
- restrict processing;
- object to certain processing;
- transfer your data;
- withdraw consent where processing is based on consent.
You can send your request to privacy@entrytickets.be.
Where your request concerns data for which the organiser is the data controller, we may refer you to the organiser or forward your request to the organiser. Entrytickets will support the organiser where we are legally or contractually required to do so.
To protect your data, we may ask you to verify your identity before handling your request.
Some rights are not absolute. We may refuse a request where we are legally required to keep data, or where the data is needed for the performance of a contract, fraud prevention, security or the defence of rights.
13. Complaints
If you have a question or complaint about the processing of your personal data, please contact us first via privacy@entrytickets.be. We will try to handle your question as quickly and correctly as possible.
You also have the right to file a complaint with the Belgian Data Protection Authority.
Belgian Data Protection Authority
Drukpersstraat 35
1000 Brussels
Belgium
www.gegevensbeschermingsautoriteit.be
14. Automated decision-making
Entrytickets does not make fully automated decisions that have legal effects on you or similarly significantly affect you.
We may use automated technical checks to detect payments, fraud, misuse, security risks or technical issues. This may, for example, lead to an additional check, temporary blocking or refusal of a suspicious transaction.
15. Changes to this Privacy Policy
We may update this Privacy Policy when our services, systems or legal obligations change.
The most recent version is always available on our website. In case of important changes, we may additionally inform users or organisers by email, dashboard notification or a notice on our website.