Valid from: 7/12/20
The Paysera Tickets system
1. Your Personal Data Controller is the private limited liability company “Paysera LT”, legal person code 300060819, address: Pilaitės pr. 16, Vilnius (hereinafter – Paysera), its branches and representative offices, Paysera group companies, in accordance with the person’s (client’s) country of residence, also other legal persons, involved by “Paysera LT”, UAB in providing services and authorised to act on behalf of “Paysera LT”, UAB. Contact details of Paysera are published at www.paysera.com. Contact details of the Data Protection Officer authorised by Paysera: firstname.lastname@example.org.
2. Paysera manages the event ticketing system “Paysera Tickets”, accessed under the address tickets.paysera.com (hereinafter – the Paysera Tickets system).
3. Services provided by the Paysera Tickets system include event creation by the Organisers and registration to events, and provision of information on events, selling tickets to events, ticket purchases by Buyers, and registration in the Paysera Tickets system, reading (using) published information, providing and receiving any information and/or data of any type and all the other services which Paysera provides or may provide in the future via the Paysera Tickets system (hereinafter – the Services).
6. Paysera respects the right to personal privacy and undertakes all reasonably possible efforts to ensure the safety and confidentiality of personal data and other information processed in the Paysera Tickets system. In order to protect this information from unauthorised access, usage, copying, or disclosure, Paysera uses a variety of administrative, technical, and physical security instruments.
7. All personal data collected by Paysera is processed in accordance with the Republic of Lithuania Law on Legal Protection of Personal Data, the General Data Protection Regulation, and other legal acts.
10. Paysera notes that the Paysera Tickets system contains links to websites of third persons, companies, or organisations (e.g. event organisers), and the personal information provided when purchasing a ticket or registering to a specific event is transferred to the organiser of the event. Paysera does not hold the responsibility for the content of websites, personal data processing methods, and assurance of personal privacy on the websites of event organisers (or other third persons), even if the person accesses websites of third persons via links provided on the present website; thus, prior to providing information about themselves, the person shall learn read the rules, privacy terms and conditions, and other documents of the relevant website and its manager, related to the processing of personal data.
Personal Data Collected in the Paysera Tickets System
13. The scope of data collected in the Paysera Tickets system depends on the services which the user of the Paysera Tickets system or website visitor uses or aims to use.
14. Website visitor: A person can visit the website of the Paysera Tickets system and read the information given therein without providing any information about themselves.
16. If a buyer who is not registered in the Paysera Tickets system wishes to buy a ticket to an event published on the Paysera Tickets website, Paysera always requests and processes a personal email address where the purchased electronic tickets will be sent later.
17. When a person purchases a ticket, the email address provided by the person is always transferred to the organiser of the event of the purchased ticket. By confirming the order of the ticket to the event, the person also confirms their consent to transfer the personal information (personal data) they fill in to the event organiser.
18. Paysera processes the following personal data of the person who has registered in the Paysera Tickets system, obtained during registration in the Paysera Tickets system: name, surname, email address, the identifier of registration in the system (e.g. Facebook ID, Google ID, Paysera ID, etc.), country, and language.
19. The Paysera Tickets system provides the possibility for the event organiser to create fields of additional information about ticket buyers (event attendees) for a specific event. This personal data of buyers is processed by the event organiser as the personal data controller, while Paysera processes (retains) this data as the data processor under the order of the data controller (event organiser), on the basis of the Personal Data Processing Agreement.
20. The event organiser holds full responsibility for the lawfulness of the processing of collected personal data of buyers. The event organiser must ensure that the processing of the personal data of buyers is performed for legitimate purposes and on legitimate grounds, where required, to receive an appropriate consent of the Buyer regarding the processing of personal data, and that proper notification about personal data processing or concluded agreements on personal data processing is provided.
21. Event organisers are recommended to confine the collection of data to that which is necessary for the specific event and collect it only for purposes of the event and services provided during the event, and in no cases collect personal identity codes and/or other sensitive data.
22. If the event organiser aims to use the collected data for marketing purposes, the event organiser shall inform persons thereof before collecting such data and receive their consent.
23. If the person agrees to provide the information required by the event organiser, by confirming the order of the ticket to the event, the person also confirms their consent to transfer the personal information (personal data) they fill in to the event organiser.
25. The Buyer is responsible for the provision of their personal data, its accuracy, and completeness.
Purpose of Personal Data Collection
Use of Personal Data for Purposes of Internal Administration
28. Paysera has the right to use collected personal data for purposes of internal administration:
28.1. in order to improve the operation and functionality of the Paysera Tickets system, to better understand the needs of users, to improve Services, etc.
28.2. also, if a person has voluntarily provided their personal data for a certain specific purpose to Paysera, Paysera can use this personal data for this specific purpose, e.g. if a person contacts Paysera via email to submit a request on Services provided in the Paysera Tickets system, Paysera saves and uses the data provided by the person to submit the answer to the person’s questions, resolve the problem, and reply to the indicated email address or other indicated contact data.
Use of Personal Data for Purposes of Direct Marketing
29. Paysera has the right to use personal data for purposes of direct marketing.
29.1. Personal data is processed for this purpose in order to provide offers to clients about the services provided by Paysera Tickets.
29.2. The following personal data can be processed for this purpose: email address, phone number.
29.3. Paysera can also perform profiling for purposes of direct marketing. Profiling can be performed by using Piwik, Google, Facebook, and other analytics tools.
29.4. This document serves as a confirmation for a person that they have been informed that their above data may be processed for the purposes of direct marketing, and also that they can disagree and refuse the usage of their personal data for such purposes at any time. The possibility of refusal is provided in every message of direct marketing by using an active link, which, when enabled, revokes the consent of a person given for personal data processing for purposes of direct marketing.
29.5. Data retention time limits: until the end of the business relationship with the client or until the client’s statement of refusal to process data for this purpose.
29.6. Data providers: directly from the data subject themselves.
29.7. Data recipients: data for this purpose may be transferred via search and social network systems (a possibility to refuse data processing is ensured on the pages of these systems). Data is not provided to other persons.
Personal Data Retention Terms
31. Paysera retains the collected personal data of users registered in the Paysera Tickets system for 10 (ten) years from the termination of the business relationship with the registered user.
32. Paysera retains the collected personal data of users who are not registered in the Paysera Tickets system for 10 (ten) years from the date of purchasing the ticket to the event or provision of personal data, if the personal data has not been provided for the purposes of a specific event.
Voluntary Nature, Accuracy, and Completeness of Data Provision
34. Paysera does not verify the provided personal information. It is considered that the information provided by the person is complete and accurate, and the person who provides the information holds the responsibility for the accuracy and completeness of the provided information.
Disclosure of Data
36. Paysera may disclose personal data or information provided by the person when such disclosure is required by the valid legislation or competent authorities. Paysera may also disclose personal data or information only if it is not prohibited by the legislation and only when it can be objectively justified in the specific case. Paysera commits not to disclose personal data to third persons, except for the following cases:
36.1. when the person gives their consent for disclosure of personal data;
36.3. to law enforcement authorities under the procedure set forth by the legislation of the Republic of Lithuania;
36.4. if it is necessary to prevent or investigate criminal activities;
36.5. in other cases set forth by the legislation.
37. In case of the need, Paysera reserves the right to employ other persons at its own discretion for the execution of certain functions on behalf of Paysera. For such persons to be able to execute their assigned functions, they may be given access to certain personal information. However, in such cases, Paysera will ensure that the mentioned persons will not able to use such information for any other purposes and only to the extent necessary to execute the assigned functions.
Learning about personal data retained by Paysera, correction of inaccuracies, refusal of data processing, and other rights
38. The person has the right to demand to learn their personal data collected and retained via the Paysera Tickets system, its processing method, and ask for such data to be provided to them. Once a calendar year, such data may be provided free of charge, but in other cases, the provision of data may be charged at an amount which does not exceed the cost of data provision.
39. The subject of the personal data has the right to demand from Paysera to correct all inaccuracies of their personal data free of charge. The subject of the personal data also has the right to refuse to have their personal data processed and disclosed to third persons, except when it is necessary to provide Services on the website.
40. The subject of the personal data has the right to stop the data processing (delete the data) in case the personal data has been processed under the consent of the person, when the person revokes their consent, or when the personal data is no longer necessary for the purpose it was collected for, or if the personal data has been processed illegally, or if the personal data must be deleted under legal obligations. A written request regarding the refusal of data processing must be submitted to Paysera personally, by email, or other electronic means of communication. If the refusal is legally justified, Paysera, after examining the request, will stop processing the data, except for cases stipulated by the law. It shall be taken into account that the right to delete personal data immediately may be limited or not feasible due to a legal obligation of Paysera to retain clients’ personal data.
41. The subject of the personal data has the right to demand to limit the data processing when the subject of the personal data disputes the accuracy of such data for a period of time within which the data processor can verify the accuracy of the data; when the data processing is illegal and the subject of the personal data does not agree for their personal data to be deleted and requires to limit its use instead; when the data processor does not need the data for the purpose of data processing anymore, but it is required for the subject of personal data to declare, execute, or protect legal requirements. The data processor shall inform the subject of the personal data, whose data was limited from processing, prior to removing the limitation to process the data.
42. The subject of the personal data has the right to address a complaint regarding their data processing to a supervisory institution, if the client assumes that their data is processed in breach of their rights and legal interests under applicable law; to address the personal data processor and/or the data protection officer regarding the implementation of their rights; other rights stipulated by legal acts.
43. The request to access personal data retained by Paysera, correct it, or refuse to have it processed has to be sent to the email address email@example.com. In the request, the person shall clearly indicate their name, surname, and email address.
44. For correction or deletion of data which has been transferred to the event organiser, the person shall contact the event organiser directly.
Cookies and Attendance
46. Necessary cookies used by Paysera are always stored on the person’s device and are used for improving identification, website functionality and use, as well as making the person’s access to the website easier.
47. Other non-necessary cookies are used for improving the person’s experience using the website and/or the Paysera Tickets system, and improving the quality of services provided. These cookies are used only after obtaining a person’s consent.
48. All the information about cookies used on the website, their purpose, validity, and data used is presented here.