PRIVACY POLICY

www.seatsza.com

Effective date: 1^st September 2023

1. Introduction

1.1 Background

Welcome to the privacy policy of Ticketshop Management Ltd, the owner of www.seatsza.com. We are committed to safeguarding the privacy of our users while providing a personalized and valuable service. This privacy policy explains our data processing practices and your options regarding the ways your personal data is used.

1.2 Scope and Applicability

This privacy policy applies to all personal information collected or processed by us, which includes information collected on our website, mobile applications, or other platforms or services that directly link to this policy. It outlines the types of information we collect, how we use it, and the steps we take to safeguard it.

1.3 Definitions

1.3.1 “Personal Data” refers to any information relating to an identified or identifiable natural person.

1.3.2 “Processing” is any operation or set of operations which is performed on personal data, whether or not by automated means.

1.3.3 “Data Subject” is the individual whose personal data is being processed.

2. Information Collection

2.1 Types of Information Collected

We collect various types of personal information, including but not limited to:

• Identifiers such as name, address, email address, and IP address.
• Personal characteristics such as gender and age.
• Commercial information such as purchase history and transaction information.
• Internet or network activity information such as browsing history and interactions with our website.

2.2 Methods of Information Collection

We collect personal information through various methods, including:

• Directly from the data subject, for instance, through forms on our website.
• Automatically, as is common with most websites, through cookies and similar technologies.
• From third parties, including public databases, social media platforms, and credit agencies, as permitted by law.

2.3 Collection from Minors

We do not knowingly collect personal information from individuals under the age of 16 without the consent of a parent or guardian. If we become aware that we have inadvertently received personal information from a minor, we will delete such information from our records.

3. Use of Personal Data

3.1 Purpose of Data Processing

We process personal data for various purposes, including:

• To provide and manage our services.
• To personalize user experiences on our platform.
• To conduct research and analysis to improve our services.
• To comply with legal obligations and protect our rights.

3.2 Legal Basis for Data Processing

We process personal data based on various legal grounds, including:

• Consent: where the data subject has freely given clear consent for the processing of their personal data for a specific purpose.
• Contractual necessity: where processing is necessary for the performance of a contract to which the data subject is a party.
• Legal obligation: where processing is necessary for compliance with a legal obligation to which we are subject.
• Legitimate interests: where processing is necessary for the purposes of the legitimate interests pursued by us or by a third party.

4. Sharing and Disclosure of Personal Data

4.1 Sharing with Third Parties

We may share personal data with third parties, including corporate affiliates, business partners, and third-party service providers to facilitate the provision of our services and for business operational purposes.

4.2 Legal Disclosures

We may disclose personal data:

• In response to legal process, such as a court order or subpoena;
• To protect our rights, privacy, safety, or property, and that of our affiliates, service providers, and other customers;
• To prevent fraud and other criminal activities;
• To comply with or enforce applicable legal and regulatory obligations.

5. User Rights (GDPR)

Under the General Data Protection Regulation (GDPR), users have several rights concerning their personal data, including:

5.1 Right to Access

Data subjects have the right to request access to their personal data and to obtain information about how it is being processed.

5.2 Right to Rectification

Data subjects have the right to request the rectification of inaccurate personal data concerning them.

5.3 Right to Erasure (Right to be Forgotten)

Data subjects have the right to request the erasure of personal data concerning them under certain conditions.

5.4 Right to Restrict Processing

Data subjects have the right to request the restriction of processing of their personal data under certain conditions.

5.5 Right to Data Portability

Data subjects have the right to receive the personal data concerning them in a structured, commonly used, and machine-readable format and have the right to transmit that data to another controller without hindrance.

5.6 Right to Object

Data subjects have the right to object to the processing of their personal data under certain conditions.

5.7 Rights Related to Automated Decision-Making

Data subjects have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.

6. Compliance with California Consumer Privacy Act (CCPA)

6.1 Notice at Collection

We are required to notify our California consumers at or before the time we collect their personal information. We provide clear and comprehensive information about our data collection practices in this privacy policy.

6.2 Right to Know About Personal Information Collected, Disclosed, or Sold

California consumers have the right to request that we disclose the categories and specific pieces of personal information that we have collected, used, disclosed, or sold about them over the past 12 months.

6.3 Right to Request Deletion of Personal Information

California consumers have the right to request the deletion of their personal information collected or maintained by us, subject to certain exceptions as provided by the law.

6.4 Right to Non-Discrimination for the Exercise of a Consumer’s Privacy Rights

We will not discriminate against any consumer for exercising their privacy rights under the CCPA, including by denying goods or services, charging different prices or rates for goods or services, or providing a different level or quality of goods or services to those who exercise their privacy rights.

6.5 Authorized Agent

California consumers have the right to appoint an authorized agent to make a request under the CCPA on their behalf. We may require proof of authorization and the consumer’s identity when an authorized agent makes a request on a consumer’s behalf.

7. U.S. Privacy Addendum (For Residents of Specific States)

7.1 Scope and Applicability

This section supplements the information contained in our privacy policy and applies solely to residents of specific U.S. states, as mentioned in the addendum.

7.2 No Sale of Personal Information

We do not sell personal information, including sensitive personal information, in the preceding 12 months. Moreover, we do not sell or knowingly “share” personal information for cross-context behavioral advertising purposes, including that of minors under age 16.

7.3 Categories of Personal Information Collected and Disclosed

In this section, we detail the categories of personal information we collect and disclose for operational business purposes and the categories of third parties with whom we share this information, as described in a detailed chart in this section.

7.4 Purposes for the Collection, Use, Disclosure, or Sharing of Personal Information

We collect, use, disclose, or share personal information to operate our business, provide our products and services, and achieve our business objectives, as detailed in this section.

8. Data Security

8.1 Security Measures

We employ various security measures, including encryption and secure servers, to protect the personal information we collect. We maintain physical, electronic, and procedural safeguards to protect your personal information from unauthorized access or intrusion.

8.2 Data Breach Notification

In the event of a data breach that is likely to result in a high risk to the rights and freedoms of individuals, we will notify the affected individuals and relevant authorities as required by law, without undue delay.

9. International Data Transfers

9.1 Transfer of Data Outside the European Economic Area (EEA)

We may transfer personal data outside the EEA to countries not deemed to provide an adequate level of data protection. In such cases, we take steps to ensure that appropriate safeguards are in place to protect your personal data.

9.2 Adequate Level of Data Protection

We ensure that data transferred outside the EEA is treated with an adequate level of data protection as stipulated by applicable data protection laws.

10. Third-Party Websites and Services

10.1 Links to Other Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of such websites. We encourage users to read the privacy policies of any linked third-party websites.

10.2 Third-Party Services

We may use third-party services to facilitate our service, and these third parties may have access to your personal information for the limited purpose of performing these tasks on our behalf and are obligated to protect and secure your personal information.

11. Cookies and Similar Technologies

11.1 Use of Cookies

We use cookies and similar technologies to enhance your experience on our website. These technologies help us understand user behavior, inform us about which parts of our website people have visited, and facilitate and measure the effectiveness of advertisements and web searches.

11.2 Cookie Policy

We maintain a separate Cookie Policy that provides detailed information about the types of cookies we use, the information we collect using cookies, how that information is used, and how to control the cookie preferences. For further information, visit our Cookie Policy linked at the footer of our website.

12. Data Retention

12.1 Retention Period

We retain personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. The precise length of time we hold your data will vary depending on the nature of the personal data and the purpose for which we are processing them.

12.2 Disposal of Data

Upon expiry of the retention period, or upon your request, we will securely dispose of or delete your personal information in accordance with applicable laws and regulations.

13. Changes to the Privacy Policy

13.1 Updates and Modifications

We reserve the right to update or modify this privacy policy at any time to reflect changes to our information practices. Any changes will be effective immediately upon the posting of the revised privacy policy on the website.

13.2 Notification of Changes

We will take appropriate steps to inform you, in a manner consistent with the significance of the changes we make, such as through email notification or through notice on our website.

14. Contact Us

14.1 Contact Information

For any questions, comments, or concerns regarding this privacy policy, please contact us at:

• Address: Northlink Business Centre, Level 2, Triq Burmarrad, Naxxar, NXR6345, Malta.
• Email: [email protected]
• WhatsApp: +447563796604

14.2 Data Protection Officer

You can contact our Data Protection Officer at the above address or through the above email for any queries related to the processing of your personal data.

15. Complaints and Disputes

15.1 Lodging a Complaint

If you have any complaints regarding our privacy practices, you have the right to lodge a complaint with the competent data protection authority in your jurisdiction or the Maltese Data Protection Commissioner.

15.2 Dispute Resolution

In the event of any dispute arising out of or in connection with this privacy policy, including any question regarding its existence, validity, or termination, the parties shall first seek settlement of that dispute by mediation administered by the Maltese Centre for Arbitration under its rules, which are deemed to be incorporated by reference into this clause.

16. User Responsibilities

16.1 Updating Personal Information

We encourage users to promptly update their personal information whenever necessary. Users are responsible for keeping their personal information current to ensure we can maintain the accuracy of the information we hold.

16.2 Responsible Usage

Users are expected to use our services responsibly, respecting the privacy and rights of others. Any misuse of personal data accessed through our services may result in termination of access to our services.

17. Intellectual Property

17.1 Copyright

All content on our platform, including text, graphics, logos, icons, and images, is the exclusive property of Ticketshop Management Ltd or its licensors and is protected by copyright laws. Unauthorized use of this content may violate copyright, trademark, and other laws.

17.2 Trademarks

The trademarks, logos, and service marks displayed on our platform are registered and unregistered trademarks of Ticketshop Management Ltd or its licensors. Nothing on this platform should be construed as granting, by implication, estoppel, or otherwise, any license or right to use any trademark without our written permission.

18. Governing Law and Jurisdiction

18.1 Applicable Law

This privacy policy shall be governed by and construed in accordance with the laws of Malta, without regard to its conflict of law principles.

18.2 Jurisdiction

Any disputes arising out of or relating to this privacy policy shall be resolved in the competent courts of Malta, which shall have exclusive jurisdiction over such disputes.

19. Severability

19.1 Severance

If any provision of this privacy policy is found to be invalid, unlawful, or unenforceable to any extent, the parties shall endeavor in good faith to agree to such amendments that will preserve, as far as possible, the intentions expressed in this policy.

19.2 Continuation in Effect

If any provision of this privacy policy is so found to be invalid or unenforceable but would be valid or enforceable if some part of the provision were deleted, the provision in question shall apply with such modification(s) as may be necessary to make it valid.

20. Miscellaneous

20.1 Entire Agreement

This privacy policy, along with our terms and conditions and cookie policy, constitutes the entire agreement between you and Ticketshop Management Ltd regarding the use of our services and supersedes all previous agreements, understandings, and arrangements between us, whether in writing or oral.

20.2 Waiver

No failure or delay by Ticketshop Management Ltd in exercising any right, power, or privilege under this privacy policy shall operate as a waiver thereof, nor shall any single or partial exercise thereof preclude any other or further exercise thereof or the exercise of any other right, power, or privilege.

21. Contact Us

For any inquiries, concerns, or clarifications regarding our privacy policy, or if you wish to exercise any of your data protection rights, you are welcome to reach out to us through the following channels:

21.1 Mailing Address

Ticketshop Management Ltd Northlink Business Centre, Level 2, Triq Burmarrad, Naxxar, NXR6345, Malta

21.2 Email Support

For a swift response to any of your queries or concerns, please write to us at: [email protected]. Our team is committed to assisting you in a timely manner.

21.3 WhatsApp Support

For real-time assistance, we are available on WhatsApp. You can reach out to us at: +447563796604. We endeavor to respond to your messages promptly.

21.4 Data Protection Officer

If you have specific queries related to data protection or if you wish to exercise your data protection rights, you can reach out to our Data Protection Officer at the above address or email.

We are dedicated to ensuring the privacy and protection of your data. We encourage you to communicate with us for any assistance or information you may need regarding our privacy practices.