Privacy policy

1.- Who are we?

Owner: ENTRADAS EVENTIM, S.A. (en adelante, “Eventim”)
Registered office: Calle Serrano Anguita 8,  28004 – Madrid
Tax Identification NumberA81933772
Registration details: Registro Mercantil de Madrid, tomo 12997, folio 140, sección 8ª, hoja M-209584, inscripción 1ª.
E-mail: dpo@entradas.com

2.- Information and consent

By means of this Privacy Policy, the user is hereby informed of the processing by Eventim of the personal data that he/she provides through the contact channels provided, as well as of such data as may be obtained by Eventim for the fulfilment of the aforementioned purposes, deriving from the existing pre-contractual relationship or related to his/her browsing and/or which may be provided or obtained in the future.

The user must carefully read this Privacy Policy, which has been drafted in a clear and simple manner in order to facilitate its understanding, and the user may freely and voluntarily determine whether he/she wishes to provide Eventim with his/her personal data.

3.- Compulsory nature of providing the data

The data requested by Eventim through any of the channels provided are, in general, compulsory (unless otherwise specified in the required field) in order to comply with the purposes for which they are being collected.

Therefore, if they are not provided or are not provided correctly, they cannot be fulfilled, notwithstanding the fact that you may freely view the contents of the Web Site.

4.- For what purpose will Eventim process the user’s data and on the basis of what legitimacy?

To answer the questions posed in the contact forms

In cases in which the user makes a contact request, his or her data shall be processed in order to manage, process and reply to the same.

The basis of legitimacy of this treatment will be the execution of the request made by the user by virtue of the existing relationship between the parties.

Negotiation of the contracting of Eventim’s services and analysis of the risks arising therefrom.

In the event that a pre-contractual relationship is entered into between Eventim and the user, Eventim may carry out the following processing:

  • Preparation of the corresponding offers;
  • Processing and monitoring of the contracting process of the aforementioned services;
  • Contacting the user for the management of any procedure aimed at finalising the contracting of the services;

The aforementioned processing will be based on the fulfilment of the pre-contractual relationship.

Likewise, within the pre-contractual relationship maintained, Eventim may carry out an analysis of the risks arising from the contracting of Eventim’s services by the user (or the company or organisation to which the user belongs), by processing the data provided by the user in order to carry out the contracting of Eventim’s services and the consultation of third-party files.

Fulfilment of this purpose may involve profiling, for which, among other data of the contracting company itself, the data of its administrators and representatives that, if applicable, are provided by the user shall be processed. This will make it possible to obtain a result on the risks derived from the contracting and, therefore, on the suitability of the product whose contracting has been requested. This result will be obtained on the basis of objective criteria that make it possible to infer the capacity to assume financial obligations. Under no circumstances shall the conclusions reached imply the assessment of behaviour, lifestyles, habits and customs, etc. by Eventim, and therefore no conclusions of any kind shall be drawn in this regard.

The basis of legitimacy for processing the personal data of persons related to the contracting company for the analysis of the risks arising from the contracting of Eventim’s services is the legitimate interest of verifying the solvency of the natural or legal person contracting our services and avoiding payment defaults, in line with the legitimate interest recognised to the data controller by the regulations.

Said legitimate interest shall consist of minimising the financial risks assumed by Eventim in the provision of its services.

5.- What data will Eventim process?

Eventim shall process the following categories of data for the fulfilment of each of the respective purposes:

Answering the questions posed in the contact forms.

  • Identification data.
  • Contact data.
  • Employment data.

Negotiation of the contracting of Eventim’s services and analysis of the risks arising therefrom.

  • Identification data.
  • Contact details.
  • Employment data.
  • Economic, financial and corporate data.

In the event that the user provides data of third parties, he/she declares that he/she has their consent and undertakes to transfer the information contained in the Privacy Policy to them, exempting Eventim from any liability in this regard. However, Eventim may carry out periodic verifications to ascertain this fact, adopting the corresponding due diligence measures in accordance with the data protection regulations.

In any case, data protection regulations legitimise Eventim to process the personal data necessary to contact a professional or the legal entity in which the affected party provides its services, for the purpose of maintaining professional and/or business relations, related to this condition, of any nature whatsoever.

6.- With which recipients will the user’s data be shared?

The user’s data may be communicated to:

  • Public Administrations in the cases provided for by law.
  • The companies of the business group to which Eventim belongs, based on the legitimate interest conferred by the data protection regulations, for the administrative purposes of managing the business group.

Likewise, the data processed by Eventim may be accessed by those service providers that need to access the same for the performance of the corresponding services contracted by Eventim. In any case, Eventim shall enter into the corresponding agreements with these providers to guarantee the protection of the users’ data.

7.- International data transfers

Eventim has servers for housing the personal data processed in the European Union.

Likewise, in those cases in which it is necessary to carry out an international transfer of data for the fulfilment of the aforementioned purposes, Eventim guarantees that, in those cases in which there is no adequacy decision in force, the aforementioned international transfer of data shall be carried out in compliance with the applicable data protection regulations and, in any case, by means of the granting of the appropriate guarantees. Specifically, by means of the execution of the standard contractual clauses approved by the European Commission.

8.- Retention of data
The user’s data will be kept for the period necessary to process and reply to the request and/or to develop and conclude the negotiations initiated and, once this period has expired, for the period of limitation of the legal actions derived from the aforementioned request, initially estimated at 5 years.

9.- User Responsibility

The user:

  • Guarantees that he/she is over eighteen (18) years of age and that the data provided by Eventim are true, accurate, complete and updated. For these purposes, the user is responsible for the truthfulness of all the data he/she communicates and shall keep the information provided suitably updated, in such a way that it corresponds to his/her real situation.
  • He/she guarantees that he/she has informed the third parties from whom he/she provides his/her data, if he/she does so, of the aspects contained in this document. Likewise, you guarantee that you have obtained their authorisation to provide their data to Eventim for the purposes indicated.
  • You shall be liable for any false or inaccurate information that you provide to Eventim and for any direct or indirect damages that this may cause to Eventim or to third parties.

10.- Exercise of rights

The user may exercise the rights recognised in current legislation on data protection (access, rectification, suppression, opposition, limitation to processing and portability, as applicable) by sending a written communication to the Data Controller to the postal address at calle Serrano Anguita 8; 28004 de Madrid, as well as through the form available at: dpo@entradas.com. The interested user must enclose a copy of his/her national identity card, passport or other valid document that identifies him/her.

Likewise, the user may file a complaint with the Spanish Data Protection Agency: https://www.aepd.es/agencia/contacto.html, if he/she considers that Eventim has infringed the rights recognised by the applicable data protection regulations

11.- Security measures

Eventim shall treat the user’s data at all times in an absolutely confidential manner and shall keep the mandatory duty of secrecy with regard to the same, in accordance with the provisions of the applicable regulations, adopting for this purpose the necessary technical and organisational measures that guarantee the security of your data and prevent their alteration, loss, unauthorised processing or access, taking into account the state of the technology, the nature of the data stored and the risks to which they are exposed.

12.- Changes

Eventim reserves the right to revise its Privacy Policy at any time it deems appropriate, in which case users shall be notified thereof. For this reason, please check this privacy statement regularly to read the most recent version of Eventim’s Privacy Policy.