Information on Tickething Customer Data Processing
Controller: Tickething-Change Kft. Registered seat: 3360 Heves, Hunyadi út 25. Company Registry Number, Place of Registry: Company Registry Court of Heves County Regional Court E-mail: email@example.com Phone: +36 304068886 Tax identification number: HU25566734 (hereinafter referred to as the Controller).
To whom is this information addressed? This information on customer data processing addresses the data procession of all and any natural person partners of our Company who visit all or any of the following webpages: Tickething.hu, Tickething.com, Tickething.at, Tickething.de, Tickething.es and Tickething.fr webpages (hereinafter collectively referred to as Tickething webpages and provide us with their personal data in return for using our services.
Most signifcant legislations applied in our data processing procedure:
"personal data" means any information relating to an identified or identifiable natural person ("data subject"), an identifiable natural person is one who can be identfied, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
"data subject" means an identifiable natural person whose data has been provided (such as the visitor of the webpage, subscriber to the newsletter, job applicant).
"processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
"controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
"data processing" means the performance of technical tasks connected to data processing operations.
"processor" means a natural person or legal person, public authority, agency or other body which processes personal data on behalf (mandate, instruction or decision) of the controller.
"profiling" means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
"third party" means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
"consent of the data subject" means any freely given, specific, informed and umambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
PRINCIPLES RELATING TO PROCESSING OF PERSONAL DATA
DATA PROCESSING ACTIVITIES
6.1. Webpage visit In order to prevent misuse and ensure and control the performance of our services, our webpages' visitors' personal data are recorded.
If a visitor visits our webpages, certain data of the device used during the visit will be automatically recorded (e.g.: PC, laptop, phone, notebook) including the exact time and date of the visit, IP address, a webpage from which the visit origins, browser's type, type of the operational system, and the domain name and address of the internet service provider. The webserver of the visited webpage automatically records the data without your declaration or action during the visit, from which the system automatically generates statistical data. This information is used exclusively in consolidated and aggregated form for statistical purposes and to enable us to enhance the user experience and improve the level of our services.
Purpose of our data processing: to control the service and prepare statistics. In case of data breach, the stored data may be used to track down the source of breach in cooperation with the visitors' internet providers and authorities.
Legal basis for data processing: Act CVIII of 2001 on certain issues of electronic commerce services and information society services, §13/A, section 3.
Duration of data processing: it commences with the visit of the webpage and continues until the end of service performance. Data processing terminates should the user claim it in writing.
Most internet browsers automatically consent to cookies, however, the data subjects have the possibility to erase or refuse them. As every browser is unique, it may set its cookie preferences arbitrarily by way of its own devices. Should the user decide to refuse every cookie of the webpage, (s)he can modify the settings of the web browser to be informed of the sent cookie or can simply refuse every cookie. Moreover, the user may erase any cookies stored on his / her computer or mobile device. Please, find further information on settings in the support centre of the browser. However, refusal of all cookies may result in restricted use of the webpage.
Purposes of data processing:
Legal basis for data processing: data subjects' consent to the abovementioned service providers Duration of data processing: There are two types of cookies: session cookies and persistent cookies. Both of them are stored in the browser until they are deleted by the user.
Outer service providers also use web beacons to collect information with regard to evaluating user habits and serving advertisements. The function of web beacons is similar to those of the cookies, however, their refusal is not possible in the browsers.
6.3. Social network cookies
Features of social networks are available on the webpage, too. These features have an operational principle which allows them to read cookies and, in some cases, to place social network cookies on the users' devices. These cookies can make it possible to send targeted advertisement. The Controller has no access to these cookies and the information collected by them. The webpage may contain social network cookies of the following service providers: Facebook - The data protection principles and rules of the service provider can be read here:
6.4. Facebook Tickething is available on Facebook, too. A Facebook user can subscribe to Tickething posts by clicking on the "Like" button on Facebook's Tickething page and can unsubscribe any time by clicking on the "Dislike" button on the same page. The user can also delete any unwanted post on his /her Facebook wall by choosing the appropriate settings on the message board.
Purpose of data processing: to notify the subject of news, products, news from Tickething webpages and to send propagatory articles, documents.
Legal basis of data processing: consent of the subject.
Duration of data processing: Tickething news appears on the data subject's Facebook wall until the data subject consents to it.
Purpose of data processing: to keep contact with the user, to answer questions or to solve the emerging problems.
Legal basis of data processing: consent of the subject.
Categories of processed personal data: name, email address.
Duration of data procesing: The messages and the processed personal data are deleted by the Controller after handling the given problem, complaint or answering the question. However, the Controller archives them for tax and accounting reasons or if it is necessary to ensure or protect the user's rights or interest. In this case, the Controller stores them until the end of the investigation.
6.7. Registration on the webpage
Certain Tickething services and products are available only for registered cases. The user who wishes to use Tickething services and products has to create a personal account on the webpage in order to improve the buying or selling activities on the Webpage in the future. Upon registration, the user accepts to be contacted by the Controller by using the given contact for direct marketing.
Purpose of data processing: to register the personal data necessary for using the Webpage.
Legal basis of data processing: consent of the subject. Categories of processed personal data: name, email address. Additionally, in case of Facebook registration, city and the number of Facebook friends.
Duration of data processing: it lasts until withdrawal of the user's consent.
How to withdraw consent: after registration, the user can withdraw his / her consent at any time by sending an email here: firstname.lastname@example.org. 6.8. Buying and selling on the webpage The unique feature of Tickething webpages is that they allow for both buying and selling online tickets. Data processing is necessary to ensure the smooth and transparent buying or selling experience, confirming, accepting and performing the transaction. Purpose of data processing: to ensure the successful buying, selling and exchange on the web. Legal basis of data processing:
Data sent to the issuer of the ticket:
Duration of data processing:
6.10. Sending newsletters, advertisements The Controller sends newsletters and advertisements to potential customers about the services and products of Tickething webpages. Tickething regularly sends customer satisfaction surveys to its registered users and Tickething visitors. Filling them in is optional, however, the user and the visitor consent to the publication of his / her name and opinion by doing so.
Purpose of data processing: marketing activity to solicit new customers. Legal basis for data processing:
RIGHTS OF THE SUBJECTS
The data subject has the following rights detailed in chapter 7 relating to data processing. Should you, as a subject, wish to exercise your rights, please, contact Tickething in the following way:
e-mail address: email@example.com.
The Controller has the obligation to identify the subject natural person in every case before granting the request. It is forbidden to grant the user's request without prior identification. After identification, the Controller provides information concerning the request in writing in an electronic way. If the request has been filed in an electronic way, the Controller will answer in an electronic way, too. However, the subject may request the answer to be given in a different form. The Controller informs the subject of the actions taken regarding the request within maximum 1 (one) month as of the receipt of the subject's letter. If it is necessary, taking account of the high number or the complexity of the requests, this deadline may be extended to another 2 (two) months and the Controller shall inform the subject of it still within the first one month administrative period. The Controller shall inform the subject of the lack of actions within the first one month administrative period, too. The subject may file a complaint against it with the Hungarian National Authority for Data Protection and Freedom of Information and may exercise his / her rights to remedy.
The provision of the requested information and the Controller's actions are free of charge. Exemptions are if the request is unsubstantiated or - due to its repeated occurence - excessive. In this case, the Controller may charge a cost or may decline to grant the request. The data subject has the following rights to exercise against the Controller: 7.1. Withdrawal of consent The subject may withdraw his / her consent to any data processing which has formerly been carried out based on his / her consent (Art. 7 GDPR). In this case, Tickething shall delete the data subject's personal data related to the given data processing without unreasonable delay upon receipt of the request. 7.2. Provision of information (access) The data subject may request information if the Controller processes his / her personal data (Art. 15 GDPR) and in case of affirmative answer the subject may pose the following questions:
8.1. Right to lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information).
In the event the data subject considers that the processing of his / her personal data relating to him / her infringes GDPR, the data subject shall have the right to lodge a complaint with the Hungarian Authority for Data Protection and Freedom of Information. president: dr. Péterfalvi Attila postal address: 1534 Budapest, Pf.: 834 address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c Telephone: +36 (1) 391-1400 Fax: +36 (1) 391-1410 web: http://naih.hu e-mail: firstname.lastname@example.org 8.2. Right to judicial remedy The data subject shall have the right to an effective judicial remedy where he or she considers that his or her rights under this Regulation have been infringed as a result of the processing of his or her personal data in non-compliance with GDPR. Proceedings shall be brought before the regional courts and may be brought before the courts of the Member State where the data subject has his or her habitual residence should the data subject decide so. The Hungarian Authority for Data Protection and Freedom of Information shall have the right to intervene in the litigation in favour of the data subject.
The Controller is assisted in personal data processing by the following data processors:
Activity: Invoicing Name / Company name: Számlázz.hu Registered seat: 1031 Budapest, Záhony utca 7
Activity: Accounting Name / Company name: Hungarian Venture Capital Services Accounting & Consulting Könyvelő és Tanácsadó Kft. Registered seat: 9027 Győr, Hűtőházi út 2