Legal

Privacy policy

25.05.2018

When you use Fienta services, you entrust us with the personal data needed for the event organiser (henceforth Organiser). We take data privacy seriously and collect personal data only to the extent necessary to provide our services to you. We process personal data in compliance with the EU General Data Protection Regulation (GDPR, EU 2016/679) and the laws of the Republic of Estonia. Fienta does not process data that is defined by the GDPR as sensitive personal data.

Our privacy policy, which is part of the Fienta e-ticket shop terms of service explains how and why we collect and process personal data. We emphasise that Fienta is the data processor, while the organiser of each event is the data controller and is also responsible for the legality of requesting personal data. Fienta collects personal data as instructed by the organiser in order to make tickets available to the public.

What kinds of data do we collect?

To provide services, we collect data as asked by the Organiser in the following two ways:

Data that you provide to us

For example, when you purchase tickets, you provide different types of information about yourself:

  • E-mail address.

  • Phone number.

  • Types, prices and quantities of purchased tickets.

  • A discount code used when making the purchase.

  • Possible additional fields that have been added to the registration form by the organiser.

Data that we get from you as you use our services

For example, if you present your ticket to enter the event, we save information about its use. To make the service possible, we collect the following data:

  • Purchase status.

  • Time of purchase.

  • Purchase IP address and information about cookies (for more, see our cookies policy).

  • Language used to make the purchase.

  • Marketing channel that led to the purchase.

  • Type of browser used and the operating system.

  • Name of the payer.

  • Payment type and the name of the bank used for the purchase.

  • Payment status.

  • Time of using the ticket.

The organisers might ask you for additional personal data depending on the objectives and needs of their event.

Why do we collect and process personal data?

To purchase tickets for the Organisers’ events with the help of our service, we need to process your personal data. Without processing personal data, it is not possible to provide tickets to you and fulfil the related obligations. We use all information collected through service provision to offer, administer, protect, and improve our services, as well as develop new services.

We collect and process personal data at the request of the Organiser for the following purposes:

  • To issue a ticket.

  • To receive payment for the ticket.

  • To avoid repeat use of the ticket.

  • For business analysis and service improvement.

  • To offer user support.

  • To fulfil legal obligations.

Before using data for any purposes other than those outlined in our privacy policy, we will ask for your explicit consent.

To whom is your data disclosed?

We treat the data being processed as confidential and disclose it to persons or companies (or recipients) only to the extent necessary to provide the service.

We do not disclose data to companies, organisations or persons outside of Fienta, except in the following cases:

  • Within the service provision, the Organiser of the event as the data controller has the right to process, disclose or forward personal data collected through the Fienta website.

  • When paying for the ticket with a credit card or bank transfer, access to your bank card information and banking details is given only to Maksekeskus AS. The Maksekeskus privacy policy is available on their website at https://maksekeskus.ee.

  • Without a person’s consent, their personal data can only be forwarded to organisations or persons who have a direct legal right to access it, as stipulated in legal acts regulating data protection.

  • In case of mergers or acquisitions related to Fienta, personal data may be disclosed to third parties that are involved in the merger or acquisition.

  • If we use external service providers for services such as website services or hosting, marketing services, and IT support services, those subcontractors may have access to your personal data and/or may process the data while providing those services. We require our external service providers to apply and implement security measures that ensure the integrity and security of your data.

  • If you have given your clearly expressed consent to disclose personal data to a specific recipient.

Disclosing personal data outside the EU

We do not disclose personal data to recipients outside the European Union or the European Economic Area (EEA).

Data security

We work to protect your data from unauthorised access, unauthorised modification, publication, or damage.

To ensure data security, we do the following:

  • We handle all personal data as confidential.

  • We encrypt services, where possible, using SSL.

  • We restrict access to personal data by granting access only to those employees and contractual parties who need the data for processing purposes and who are subject to strict contractual confidentiality obligations. They can be penalised or have their contract terminated if they do not fulfil those obligations.

  • We store personal data mainly in digital form and not on paper, to ensure more secure monitoring of access.

  • The personal data storage technology is protected with the necessary IT technology and organisational protection measures.

Although we apply strict security rules for the personal data that has been submitted to our platform, it should be noted that the internet is never completely secure, and we cannot fully guarantee the secure forwarding of information you send to us. The secure sending of data is always at your own risk.

What are your rights and how can you exercise your rights?

If you have given consent to the collection, processing, and use of your data in a certain manner, you can always withdraw that consent at any time in the future.

In line with the applicable legal acts concerning data protection, you have the right to:

  • Apply for access to your personal data.

  • Apply for the correction of your personal data.

  • Apply for the erasure of your personal data.

  • Apply for the limitation of processing your personal data.

  • Apply for a transfer of your personal data.

  • Apply for a withdrawal of the consent you gave to processing personal data.

  • Express your opposition to the use of automated decisions (including profiling).

To exercise your rights and submit these applications, please contact the Organiser of the particular event, who is the data controller of your personal data. The application should make it possible to identify you unambiguously. Please note that you can request the erasure of your personal data, restrictions on processing, or similar measures only when this is in compliance with the applicable legal basis and the legal acts regulating data protection.

If you apply for the limitation of processing your personal data, ceasing or erasure, it may either partially or completely cease the services that we provide for you.

In case of complaints, you have the right to submit a complaint to the appropriate data protection authority. We cooperate with the respective regulatory authorities, including the local data protection authorities to solve any complaints related to personal data disclosure.

How long do we store your data?

Your personal data will be stored for as long as necessary to provide the services you requested and as required by applicable laws.

Non-personal data that has been collected will be stored indefinitely.

Privacy policy terms and changes

By using Fienta services, you confirm that you have familiarised yourself with and agreed to these principles and terms.

Our privacy policy may be updated from time to time. We do not reduce the rights arising from this privacy policy without your explicit consent. We will post a notification of any changes to the privacy policy and any other changes on this page, and in the case of more significant changes, we will send you a more detailed notification.

Contact us

If you have any questions or concerns about our privacy policy, please contact us at:

Fienta Ticketing OÜ
Hobujaama 4
Tallinn 10151 Estonia
+372 6700 070
[email protected]

If you have any questions or concerns related to data submitted on or requested by the event page, please contact the organiser of that particular event. Their contact details are available either on the event page or in the email sent to you when you purchased the tickets.