Header Image

PRIVACY NOTICE

1. Introduction

1.1. This Privacy Policy (the “Privacy Policy”) describes how GYT (“GYT”, “us”, “we”, “our”) collects, uses, processes, discloses, and safeguards personal data when users and/or event organisers (collectively referred to as “you”, “your”) interact with our ticketing platform through our website/software (the “GYT Platform”)().

1.2. GYT is committed to safeguarding your privacy and ensuring the confidentiality of your personal data while providing the GYT Services (as defined hereunder).

1.3. GYT processes personal information in compliance with Regulation (EU) 2016/679 and the Data Protection Act (Chapter 586, Laws of Malta) and all subsidiary legislation thereunder (the “GDPR”).

2. Definitions & Interpretation

2.1. Account – A unique account created for you to access our services. 
2.2. Affiliate – Any entity that controls, is controlled by, or is under common control with GYT. 
2.3. Cookies – Small files stored on your device to improve user experience. 
2.4. Data Controller – The entity responsible for determining the purposes and means of processing personal data (GYT Ltd.). 
2.5. Service Provider – Any third-party processing data on behalf of GYT. 
2.6. Usage Data – Data collected automatically, such as IP addresses, browser types, and session durations.

All terms used in this Privacy Policy, which are not defined herein, shall have the same meaning as in the GDPR.

3. GYT Services

3.1. GYT is an event ticketing platform that allows users (the “Users”) to purchase tickets for events organised by certain event organisers (the “Event Organisers”), process payments through third-party providers, and receive event updates, primarily through the use of its own proprietary websites, tools, software, platform and services (the “GYT Service/s”).

4. Data Controller

4.1. The Data Controller for the processing of personal data is Get Your Tickets Ltd registered under company registration number C 110442, with its registered office at St George’s Business Complex, 4th Floor, Triq Elija Zammit, San Giljan, STJ 3150, Malta. 

4.2. The designated GDPR contact person is Lorenzo Parigi, who is responsible for processing data on behalf of GYT.

4.3. Contact Details for GDPR Inquiries:

  • Email: info@getyourtickets.shop

5. Data We Collect

5.1. Identification information and User/Event Organiser account details: Full name, email address, phone number, age, date of birth, and account credentials.
5.2. Transaction data: Ticket purchases, payment status, payment history (processed via third-party providers; GYT does not collect or store payment details). 
5.3. Technical and usage data: IP address, browser type and version, device type, operating system, login timestamps, site usage activity. 
5.4. Event-related data: Event participation details, refund requests. 
5.5. Marketing Preferences: Opt-in/opt-out for promotional content. 
5.6. Cookies and tracking data: For analytics, security, and functionality purposes (see Cookies Policy section).

We do not collect sensitive data (e.g., religion, sexual orientation, health data) or payment details.

6. Purpose and Legal Grounds for Processing

6.1. Purpose of Data Processing:

  • To provide the GYT Services, including ticket purchases, event updates, and customer support. To maintain and improve the GYT Services and related functionalities and features of the GYT Services.
  • For account management, registration, authentication, and account security.
  • For marketing and promotional purposes, including special offers and event recommendations (only with user consent).
  • To comply with legal obligations, including tax and accounting regulations.
  • To improve platform functionality, conduct analytics, and enhance user experience.
  • For the purposes of defending any legal claims;
  • Verification of requests: to verify and process any requests sent by you as per your right to access indicated in this Privacy Policy;
  • Address any queries that you may have in relation to the GYT Services;

6.2. Legal Basis for Processing Data:

  • Performance of a contract (ticket purchase and service provision).
  • Legitimate interest (fraud prevention, security, service improvement).
  • User consent (for marketing communications and cookies).
  • Legal compliance (record-keeping).

7. Data Retention & Deletion

We will not keep your personal data for longer than it is necessary for the fulfilment of the purposes as set out in this Privacy Notice.

The typical retention period of GYT is as follows:

7.1. Account Data: Retained as long as the account is active. If an account remains inactive for 24 months, it may be automatically deleted unless required for compliance with financial or legal obligations.
7.2. Transaction Data: Stored for 7 years to comply with Maltese financial laws. 
7.3. Marketing Preferences: Retained until the user withdraws consent. 
7.4. Account Deletion Requests: Users may delete their account via Dashboard > Profile or by contacting info@getyourtickets.shop. Some data may be retained for compliance purposes.

7.5 In the event of a data breach that may impact user data, GYT will notify affected users and relevant authorities in accordance with GDPR Article 33 within 72 hours of detection.

Certain personal information may be found necessary to be kept for longer periods than the ones indicated hereabove in order to comply with legal/statutory obligations or to defend any legal claims, or to be able to respond to any enquiries and/or investigations from any government authorities and/or agencies or courts of law. In the latter cases, the information shall be kept for the time necessary until the said legal/statutory obligation ceases to apply, or the legal claims and/or investigations and/or enquiries are finally concluded up to the last instance, and/or until the risks thereof are finally mitigated or eliminated.

 

8.  Who do we share the data with

8.1. Internally: information may be shared internally to any employees of GYT;

8.2. Suppliers: we share information with certain suppliers used to facilitate the GYT Services, for example, our software developers who provide maintenance services and/or email, server, cloud providers;

8.3. Public authorities and any courts of law when necessary for the fulfilment of a legal obligation, and/or upon request from such public authorities and courts of law, and/or for the purposes of defending any legal claims;

8.4. Banks, payment providers and auditors: GYT may share certain information to the banks where GYT holds its bank accounts, to payment providers who facilitate the payments, as well as to the auditors in order to fulfil any statutory or internal audit obligations;

8.5. Advisors and service providers: GYT may share your information to its accountants, service providers and any other legal, tax or other advisors/consultants engaged by GYT to perform certain services as necessary.8.6. Event Organisers: We share your data with Event Organisers for the purpose of the Event Organisers to be able to provide you access to the event and to provide their service in relation to the specific event you have acquired tickets for.

Personal data may be shared by GYT with entities that are located within the European Economic Area (EEA), which are subject to European Union legislations. GYT does not share any personal information with entities that are located outside the EEA. Should there be any instances whereby GYT shall be required to share information with entities located outside the EEA, GYT shall inform you prior to sharing such information, where and if allowed by law.

9. Rights Under GDPR

9.1. Right to access – You have the right to know what personal data we hold on you. You can request a copy of their personal data when technically possible and when it does not have any negative impact on other data subjects. .
9.2. Right to rectification – You have the right to correct, or request that inaccurate data is corrected. 
9.3. Right to erasure – You can request deletion of their data and we will be able to comply with your request, unless we have reasons of necessity or any obligations to continue holding your data for longer periods. In the latter events, GYT shall duly notify you when possible and subject to restrictions set out at law, in reply to your request for deletion of personal data. 
9.4. Right to restrict processing – You can request limitations on data processing. 
9.5. Right to object – You can opt out of certain types of processing. 
9.6. Right to data ortability – You can request transfer of data to another provider when processing of your personal data is based on consent or contract and when this is technically feasible. 
9.7. Right to withdraw consent – You can withdraw your consent at any time if the only legal ground for processing personal data is conent. 
9.8. Right to lodge a complaint – You can contact the Maltese Data Protection Authority in order to lodge a complaint.

9.10. Right to information – you have the right to be informed on, amongst others, who, how, why, where, when and for how long your personal data is being processed. 

10. Cookie Policy & Tracking

10.1. GYT uses cookies for platform functionality and analytics. 
10.2. A cookie consent banner is provided for users to manage cookie preferences. 
10.3. Types of Cookies Used:

  • Essential cookies – Required for platform operation.
  • Performance cookies – Track usage and improve site functionality.
  • Functional cookies – Store user preferences.
  • Advertising cookies – Personalize marketing efforts.

10.4. Our cookies help us to:

  • Make our software work as per your expectations;
  • Save you from having to log in every time you visit the website;
  • Remember your settings during and between visits;
  • Improve the speed and security of the website;
  • Continuously improve our website/app for the benefit of our users;
  • Make our marketing more efficient (ultimately helping us to offer the best and most suitable service for you).

11. Event Organisers & Data Processing Responsibilities[BH2] 

11.1. Event Organisers using GYT’s platform are bound by this Privacy Notice and must comply with GDPR obligations when processing User data received through the GYT Platform. 
11.2. By using GYT’s Services, Event Organisers acknowledge and agree to these terms, including the lawful processing, protection, and security of user data. 
11.3. Event Organisers may only use User data for event-related purposes and are prohibited from sharing, selling, or otherwise misusing such data. 
11.4. Any breach of these obligations may result in suspension or termination of access to the GYT’s platform.

Final Notes

  • Last updated: 14/04/2025
  • GDPR Contact Email: info@getyourtickets.shop

By using our GYT Platform, you agree to this Privacy Notice


LOADING...