We, at Ticketseller.gr, take the protection of our customers’ personal data very serious. That’s why we take the appropriate steps to protect the personal data we process to ensure that it is always processed in accordance with the obligations laid down by the legal framework, both by the company itself and by third parties that personally process data on behalf of the company.
1.1 General Data Protection Regulation
The company must collect Personal Data for the effective execution of everyday business functions and services and, in some cases, to comply with the requirements of the legislation and / or regulations it applies.
• Inform persons about the Personal Data we collect and process, for what purpose, how and for how long.
• Ensure that persons are aware of their rights and our duty of accountability and security.
• Provides an easy and clear means of ensuring your consent as a legal basis for the processing of Personal Data, and at the same time enables you to withdraw this consent whenever you want.
2. What Personal Data we are processed
When you call us, visit our website, cooperate with us, ask questions or ask for our cooperation, we may ask you for information (ie: name, address, email, telephone, etc.) depending on the type of relationship between us. In addition, you may choose to voluntarily disclose additional Personal Data (as in the case of sending a CV) or additional information (such as tax or commercial information, as part of your information or collaborative investigation).
We collect information, directly or indirectly, in the following ways:
• Information you send us or give us, when you contact us or visit our website, by electronic or other means.
• Information we receive from your use of our services or our partners’ services.
• We use various technologies for collecting and storing information and may include the use of technologies such as cookies (see also section 7).
• We may use information from our advertising networks, our customers or third parties to let you know about specific services that may be of interest to you.
For more information about how to access, manage, modify, or delete information, see sections 5 & 6 below.
3. How we use Personal Data
We use the information we collect (as described above) and consistent with the consents you have given us to:
• We process your request for service on our behalf
• We can provide you with personalised and up-to-date services
• We communicate with you to let you know about new services or products that may be of interest to you
• We are processing your payment
• We answer any possible questions you have asked us
When you contact us, we keep a file with our communications messages so we can resolve any issues you are having.
We do not allow unauthorised entities, and without your consent, to access your information. For all the above prerequisite is your consent (see sections 5 & 8 below)
4. With whom do we share your own Personal Data
We do not disclose or share Personal Data with companies, organisations, and individuals outside of our company unless one of the following situations applies:
• By your own consent: We share personal information with companies, organisations, and individuals when we have your explicit consent (see sections 5 & 8 below).
• For legitimate purposes: We share personal information with competent public services when this is reasonably necessary and in order to comply with laws, regulations, legal procedures or governmental requests.
5. Your rights and our obligations
5.1 Your rights
- Right of access
- Right of rectification
- Right to delete
- Right to limit processing
- Right to oppose processing
- Right of portability
- Right to withdraw consent
5.2 Our obligations
Our duties include:
• The principle of accountability with regard to the 6 principles governing the processing of Personal Data (legitimacy, objectivity and transparency, purpose limitation, minimisation of Personal Data, accuracy of Personal Data, storage period limitation, security, integrity, and confidentiality).
• Any processing of Personal Data is legal only if one of the following 6 conditions is true:
– the data subject has consented to the processing of the Personal Data
– processing of Personal Data is necessary for the performance of a contract where the subject is a party
– processing is necessary to comply with a legal obligation of the controller
– processing is necessary to safeguard the vital interest of the individual
-processing is necessary for the performance of a task in the public interest or in the exercise of public authority assigned to the controller
-processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party unless the interest or fundamental rights and freedoms of the natural person prevail.
In addition, we implement the appropriate technical and organisational measures to protect our company and our partners from unauthorised access or alteration, violation or destruction of the Personal Data we have in our possession. Specifically:
• We encrypt many of our services.
• We control data collection, storage and processing practices, including physical security measures, to protect against unauthorised access to systems and processes.
• Access to personal information is limited and controlled, and these individuals are subject to strict contractual obligations of confidentiality.
• If outside partners (for maintenance or support purposes) have potentially access to Personal Data, relevant appendices to existing cooperation contracts meet the requirements of the Regulation.
Throughout the entire Personal Data process cycle (from collection to the destruction of Personal Data) we take the appropriate technical and organisational measures to ensure the confidentiality, integrity and availability of Personal Data. Similar steps are required by third parties handling or processing Personal Data.
Our website is not intended for children under the age of 16. We are not processing Personal Data for children under 16 years old. When our services and products will be used by a child under the age of 16, the parent’s explicit consent is required to process the juvenile’s Personal Data.
6. Access to your own Personal Data
In the context of the rights granted to you by the Regulation, you may request an update of your own Personal Data or request a correction or limitation of processing or deletion of Personal Data.
You can exercise your rights by sending an e-mail to firstname.lastname@example.org by requesting the SAR, Subject Access Request, completing it and sending it to us. We are required to respond within one month of receipt of your request.
The exercise of the person’s rights can always be done under existing legislation (such as tax or labor law).
Whenever you use our services, our goal is to provide you with access to your own Personal Data. If these items are incorrect, we are working to provide you with ways to quickly update or delete them – unless we need to keep this information as required by relevant legislation or for legitimate purposes.
7. Update for cookies
Cookies are file information stored on your computer and improve website performance on your convenience.
Google Analytics (GA): We use the information provided by Google Analytics to collect information about how our visitors use our site, as well as compiling reports and improving our site. Although GA records data such as your geographic location, your device, your web browser, and your operating system, none of this information makes you personally familiar to us. GA also records the IP address of your computer, but it does not give us access to it. We believe that Google is a third data processor that is compliant with the requirements of European legislation.
8. Your consent and its removal
Our company under:
• Compliance with the Regulation on the Protection of Personal Data (EU 679/2016) and relevant national legislation
• Respect for protecting the privacy and security of Personal Data
Your consent is given for distinct purposes and may be revoked (by purpose and overall) at any time you wish.
The company will collect and process Personal Data only where it can legally do so, such as
(a) Requirement of relevant legislation,
(b) Processing necessary for the performance of a contract of which the natural person is a contracting party
(c) Process necessary to comply with a legal obligation of the controller,
(d) Processing necessary to safeguard the vital interest of the person
9. General information and communication
For any question about this policy, please contact us at the following address: