Valid from: 3/30/23
The Paysera Tickets platform
1. Your Personal Data Controller is the private limited liability company “Paysera LT”, legal person code 300060819, address: Pilaitės pr. 16, Vilnius (hereinafter – Paysera), its branches and representative offices, Paysera group companies, in accordance with the person’s (client’s) country of residence, also other legal persons, involved by “Paysera LT”, UAB in providing services and authorised to act on behalf of “Paysera LT”, UAB. Contact details of Paysera are published at www.paysera.com. Contact details of the Data Protection Officer authorised by Paysera: email@example.com.
2. Paysera manages the event ticketing platform “Paysera Tickets”, accessed under the address tickets.paysera.com (hereinafter – the Paysera Tickets platform).
3. Services provided by the Paysera Tickets platform include event creation by the Organisers and registration to events, and provision of information on events, selling tickets to events, ticket purchases by Buyers, and registration in the Paysera Tickets platform, reading (using) published information, providing and receiving any information and data of any type and all the other services which Paysera provides or may provide in the future via the Paysera Tickets platform (hereinafter – the Services).
6. Paysera respects the right to personal privacy and undertakes all reasonably possible efforts to ensure the safety and confidentiality of personal data and other information processed in the Paysera Tickets platform. In order to protect this information from unauthorised access, usage, copying, or disclosure, Paysera uses a variety of administrative, technical, and physical security instruments.
7. All personal data collected by Paysera is processed in accordance with the Republic of Lithuania Law on Legal Protection of Personal Data, the General Data Protection Regulation, and other legal acts.
10. Paysera notes that the Paysera Tickets platform contains links to websites of third persons, companies, or organisations (e.g. event organisers), and the personal information provided when purchasing a ticket or registering to a specific event is transferred to the organiser of the event. Paysera does not hold the responsibility for the content of websites, personal data processing methods, and assurance of personal privacy on the websites of event organisers (or other third persons), even if the person accesses websites of third persons via links provided on the present website; thus, prior to providing information about themselves, the person shall read the rules, privacy terms and conditions, and other documents of the relevant website and its manager, related to the processing of personal data.
Personal Data Collected in the Paysera Tickets platform
13. The scope of data collected in the Paysera Tickets platform depends on the services which the person uses or aims to use.
14. A person can visit the website of the Paysera Tickets platform and read the information given therein without providing any information about themselves.
16. If a person who is not registered with the Paysera Tickets platform wishes to buy a ticket to an event published on the Paysera Tickets website, Paysera always requests and processes a personal email address where the purchased electronic tickets will be sent later.
17. When a person purchases a ticket, the email address provided by the person is always transferred to the organiser of the event of the purchased ticket. By confirming the order of the ticket to the event, the person also confirms their consent to transfer the personal information (personal data) they fill in to the event organiser.
18. The Paysera Tickets platform provides the possibility for the event organiser to create fields of additional information about ticket buyers (event attendees) for a specific event. This personal data of buyers is processed by the event organiser as the personal data controller, while Paysera processes (retains) this data as the data processor under the order of the data controller (event organiser), on the basis of the Personal Data Processing Agreement.
19. The event organiser holds full responsibility for the lawfulness of the processing of collected personal data of buyers. The event organiser must ensure that the processing of the personal data of buyers is performed for legitimate purposes and on legitimate grounds, where required, to receive appropriate consent from the buyer regarding the processing of personal data, and that proper notification about personal data processing or concluded agreements on personal data processing is provided.
20. Event organisers are recommended to confine the collection of data to that which is necessary for the specific event and collect it only for purposes of the event and services provided during the event.
21. If the event organiser aims to use the collected data for marketing purposes, the event organiser shall inform persons thereof before collecting such data and receive their consent.
23. The buyer is responsible for the provision of their personal data, its accuracy, and completeness.
Data processing purposes
Registration in the Paysera Tickets platform
26.1. Personal data for this purpose is processed in order for the person to register an account on the Paysera Tickets platform, and view their events, seating plans, or purchase history.
26.2. The following personal data may be processed for this purpose: name, surname, email address, identifiers of registration in external platforms (e.g. Facebook, Google, Paysera, etc.), country, and language.
26.3. Data retention period: 10 (ten) years from the termination of the registration.
26.4. Data providers: the data subject directly.
26.5. Data recipients: the data for this purpose is not provided to other persons.
To support and administer relations with platform users
27.1. If a person has voluntarily provided their personal data for a certain specific purpose to Paysera, Paysera can use this personal data for this specific purpose, e.g. if a person contacts Paysera via email to submit a request for Services provided in the Paysera Tickets platform, Paysera saves and uses the data provided by the person to submit the answer to the person’s questions, resolve the problem, and reply to the indicated email address or other indicated contact data.
27.2. For this purpose, the following personal data may be processed: name, surname, phone number, and email address.
27.3. Data retention period: 10 (ten) years from the date of provision of personal data.
27.4. Data providers: the data subject directly.
27.5. Data recipients: the data for this purpose is not provided to other persons.
Informing about services
28.1. Personal data for this purpose is processed in order to inform the Organiser about the services provided by Paysera Tickets, their prices, specifics and other messages relating to the provided Paysera Tickets services.
28.2. The following personal data may be processed for this purpose: email address, phone number, country, and language.
28.3. The data subject confirms that they are aware that such messages are necessary for the execution of the Paysera Tickets platform, and they are not considered to be direct marketing messages.
28.4. Data retention period: 10 (ten) years from the termination of the registration.
28.5. Data providers: the data subject directly.
28.6. Data recipients: the data for this purpose is not provided to other persons.
Use of Personal Data for Purpose of Direct Marketing
29.1. Personal data is processed for this purpose in order to provide offers to the Buyers about the services provided by Paysera Tickets and find out the Buyers’ opinions on the above-mentioned services.
29.2. The following personal data can be processed for this purpose: email address, phone number, country, and language.
29.3. Paysera can also perform profiling for purposes of direct marketing. Profiling can be performed by using Piwik, Google, Facebook, and other analytics tools.
29.4. For this purpose, Paysera sends newsletters and direct marketing messages after obtaining the person's consent. Paysera may use a newsletter service provider while ensuring that said provider complies with the personal data protection requirements set out in the Joint Controller Agreement. A person may revoke their consent upon receiving newsletters or direct marketing messages by clicking on the Revoke your consent link provided in every direct marketing message, as well as informing Paysera at any time about their refusal to process personal data for direct marketing purposes by email to firstname.lastname@example.org.
29.5. Data retention time limits: until the person’s statement of refusal to process data for this purpose or for buyers registered in the Paysera Tickets platform for 10 (ten) years from the termination of the registration, for buyers who are not registered in the Paysera Tickets platform for 10 (ten) years from the date of purchasing the ticket to the event or provision of personal data.
29.6. Data providers: directly from the data subject themselves.
29.7. Data recipients: data for this purpose may be transferred via search and social network platforms (a possibility to refuse data processing is ensured on the pages of these platforms), and newsletter service providers.
30. Personal data collected for the aforementioned purposes may be processed for the purpose of statistical analysis. For this purpose, personal data shall be processed in such a way that, by including it in the scope of statistical analysis, it is not possible to identify the data subjects concerned. The collection of personal data for the purpose of statistical analysis is based on the legitimate interest to analyse, improve, and develop the conducted activity. A person has the right to disagree and object to their personal data processing for such purpose at any time and in any form by informing Paysera thereof. However, Paysera may continue to process the data for statistical purposes if it proves that the data is processed for compelling legitimate reasons beyond the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defence of legal claims.
31. The data collected for all of the above purposes can be used to improve technical and organisational tools, IT infrastructure, adapt services to the devices used, develop new Paysera services, as well as enhance satisfaction with existing services.
Service misuse prevention and proper service delivery
32. The data collected for all of the above purposes may be used to prevent unauthorised access and use, i.e. to ensure privacy and information security.
Voluntary Nature, Accuracy, and Completeness of Data Provision
35. Paysera does not verify the provided personal information. It is considered that the information provided by the person is complete and accurate, and the person who provides the information is responsible for the accuracy and completeness of the provided information.
Disclosure of Data
37. Paysera may disclose personal data or information provided by the person when such disclosure is required by valid legislation or competent authorities. Paysera may also disclose personal data or information only if it is not prohibited by the legislation and only when it can be objectively justified in the specific case. Paysera commits not to disclose personal data to third persons, except for the following cases:
37.1. when the person gives their consent for disclosure of personal data;
37.3. to law enforcement authorities under the procedure set forth by the legislation of the Republic of Lithuania;
37.4. if it is necessary to prevent or investigate criminal activities;
37.5. in other cases set forth by the legislation.
38. In case of the need, Paysera reserves the right to employ other persons at its own discretion for the execution of certain functions on behalf of Paysera. For such persons to be able to execute their assigned functions, they may be given access to certain personal information. However, in such cases, Paysera will ensure that the mentioned persons will not be able to use such information for any other purposes and only to the extent necessary to execute the assigned functions.
Learning about personal data retained by Paysera, correction of inaccuracies, refusal of data processing, and other rights
39. The subject of the personal data has the right to learn about their personal data collected and retained via the Paysera Tickets platform, and its processing method, and ask for such data to be provided to them. Once a calendar year, such data may be provided free of charge, but in other cases, the provision of data may be charged at an amount which does not exceed the cost of data provision.
40. The subject of the personal data has the right to demand Paysera to correct all inaccuracies of their personal data free of charge.
41. The subject of the personal data has the right to stop the data processing (delete the data) in case the personal data has been processed under the consent of the person, when the person revokes their consent, or when the personal data is no longer necessary for the purpose it was collected for, or if the personal data has been processed illegally, or if the personal data must be deleted under legal obligations. A written request regarding the refusal of data processing must be submitted to Paysera personally, by email, or by other electronic means of communication. If the refusal is legally justified, Paysera, after examining the request, will stop processing the data, except for cases stipulated by the law. It shall be taken into account that the right to delete personal data immediately may be limited or not feasible due to a legal obligation of Paysera to retain clients’ personal data.
42. The subject of the personal data has the right to demand to limit the data processing when the subject of the personal data disputes the accuracy of such data for a period of time within which the data processor can verify the accuracy of the data; when the data processing is illegal and the subject of the personal data does not agree for their personal data to be deleted and requires to limit its use instead; when the data processor does not need the data for the purpose of data processing anymore, but it is required for the subject of the personal data to declare, execute, or protect legal requirements. The data processor shall inform the subject of the personal data, whose data was limited from processing, prior to removing the limitation to process the data.
43. The subject of the personal data has the right to address a complaint regarding their data processing to a supervisory institution, if the client assumes that their data is processed in breach of their rights and legal interests under applicable law; to address the personal data processor and the data protection officer regarding the implementation of their rights; other rights stipulated by legal acts.
44. The request to access personal data retained by Paysera, correct it, or refuse to have it processed has to be sent to the email address email@example.com. In the request, the person shall clearly indicate their name, surname, and email address.
45. For correction or deletion of data which has been transferred to the event organiser, the person shall contact the event organiser directly.
Cookies and Attendance
47. Necessary cookies used by Paysera are always stored on the person’s device and are used for improving identification, website functionality and use, as well as making the person’s access to the website easier.
48. Other non-necessary cookies are used for improving the person’s experience using the website and the Paysera Tickets platform, and improving the quality of services provided. These cookies are used only after obtaining a person’s consent.
49. All the information about cookies used on the website, their purpose, validity, and data used is presented here.