Privacy Policy
Last Updated:2025-07-09
ProTickets Privacy Commitment:
- This Privacy Policy describes how ProTickets ("we," "our," or "us") collects, uses, and discloses your personal information
- Effective Date: May 21, 2025 (Last Updated: May 21, 2025)
- This policy applies to information collected through our website, mobile application, and related services
- By using ProTickets, you consent to the practices described in this Privacy Policy
- We are committed to protecting your privacy in compliance with applicable laws in the United States and Canada
- If you do not agree with our policies, please do not use our services
We collect and process the following categories of information:
- Account Information: Email address, name, profile photo, password (encrypted), and account preferences
- Profile Information: Information you choose to add to your profile (optional biographical details, location)
- Event Tracking Data: Favorites, saved events, presale codes, event preferences, and search history
- Usage Information: How you interact with our services, features used, time spent, and actions taken
- Device Information: IP address, browser type, operating system, device identifiers, and mobile network information
- Location Information: General location based on IP address and precise location if you grant permission
- Payment Information: Credit card details (processed securely by Stripe, not stored on our servers)
- Communications: Customer support inquiries, feedback, and survey responses
- User-Generated Content: Presale codes you share, comments, and other contributions to our community
- Information from Third Parties: When you connect social media accounts or use third-party sign-in services
We collect information through:
- Direct Interactions: Information you provide when creating an account, using our services, or communicating with us
- Automated Technologies: Cookies, web beacons, pixels, and similar technologies that collect information automatically
- Third-Party Sources: Social media platforms, data analytics providers, and marketing partners
- Public Sources: Publicly available information about events and venues
- User Contributions: Information you share in public areas of our platform
- Mobile Devices: If you use our mobile application, we may collect additional information with your permission
- We do not use automated decision-making or profiling that has legal or similarly significant effects on you
We use your information to:
- Provide and improve our services: Delivering AI-powered event analysis, recommendations, and ticket reselling tools
- Process transactions: Managing subscriptions, payments, and related financial records
- Personalize your experience: Customizing content, recommendations, and features based on your preferences
- Communicate with you: Sending service-related notifications, updates, security alerts, and support messages
- Marketing and promotions: Sending marketing communications about our services (with your consent where required)
- Research and analytics: Understanding user behavior to improve our platform and develop new features
- Security and fraud prevention: Protecting our platform and users from unauthorized access and fraud
- Legal compliance: Fulfilling our legal obligations, including responding to legal requests
- We maintain your information only as long as necessary for the purposes identified or as required by law
- Legal basis for processing (where applicable): Contract performance, legitimate interests, consent, and legal obligations
We may share your information with:
- Other Users: When you publicly share presale codes or interact with the community features
- Service Providers: Third parties that help us deliver our services (payment processors, cloud hosting, analytics)
- Business Partners: Trusted partners who help us operate our business and serve you
- Legal Authorities: When required by law, legal process, or to protect our rights or the safety of users
- Corporate Transactions: In connection with a merger, acquisition, or sale of assets
- With Your Consent: When you have explicitly agreed to the sharing of your information
- We require third parties to respect the security of your data and treat it in accordance with applicable laws
- We do not sell your personal information to third parties for monetary consideration
- If we share data with affiliates or subsidiaries, they will follow practices at least as protective as this Privacy Policy
We protect your information through:
- Technical Safeguards: End-to-end encryption for sensitive data, secure HTTPS transmission, and firewalls
- Secure Infrastructure: Data hosted in secure cloud environments with industry-standard protections
- Access Controls: Strict employee access limitations based on job responsibilities
- Regular Security Audits: Ongoing monitoring and periodic testing of our security measures
- Incident Response: Procedures to address potential data breaches, including notification where legally required
- Payment Security: All payment information is processed through PCI-DSS compliant providers
- Employee Training: Regular privacy and security training for all staff members
- While we implement safeguards, no security system is impenetrable, and we cannot guarantee absolute security
- You are responsible for maintaining the security of your account credentials
Depending on your location, you may have the right to:
- Access: Request copies of your personal information that we hold
- Correction: Request that we correct incomplete or inaccurate information
- Deletion: Request that we delete your personal information in certain circumstances
- Restriction: Request that we restrict the processing of your information
- Portability: Request that we transfer your information to another organization or to you
- Withdraw Consent: Withdraw consent where we process data based on consent
- Opt-out: Opt-out of marketing communications and certain data sharing
- For US residents: Additional rights may apply under state laws (California, Virginia, Colorado, etc.)
- For Canadian residents: Rights under PIPEDA (federal) and provincial privacy laws
- To exercise these rights, contact info@protickets.ca or use the privacy controls in your account settings
- We will respond to all legitimate requests within the timeframes required by applicable law (typically 30 days)
For California residents:
- California Consumer Privacy Act (CCPA/CPRA) Rights: Right to know, delete, correct, and limit use of sensitive personal information
- Categories of personal information collected and disclosed are listed in Sections 2 and 5 of this policy
- We do not "sell" or "share" personal information as defined by California law
- We do not use or disclose sensitive personal information for purposes other than those specified in the CCPA
- You may designate an authorized agent to make requests on your behalf
- We will not discriminate against you for exercising your rights under the CCPA
- California Shine the Light Law: We do not share personal information with third parties for their direct marketing purposes
- To exercise your California privacy rights, contact us at info@protickets.ca with "California Privacy Rights" in the subject line
For Canadian residents:
- Personal Information Protection and Electronic Documents Act (PIPEDA) and provincial laws govern our practices
- We comply with all applicable Canadian privacy laws, including requirements for meaningful consent
- We provide appropriate notice before or at the time of collection, or as soon as reasonably practicable
- Canadian residents have the right to access and correct their personal information
- Quebec residents have additional rights under the Act respecting the protection of personal information in the private sector
- Office of the Privacy Commissioner of Canada: You have the right to file a complaint with the OPC
- Canadian Anti-Spam Legislation (CASL): We obtain appropriate consent for commercial electronic messages
- To exercise your Canadian privacy rights, contact us at info@protickets.ca with "Canadian Privacy Request" in the subject line
Our approach to children's data:
- Our services are not directed to children under 18 years of age
- We do not knowingly collect personal information from children under 18
- If we discover we have collected personal information from a child under 18, we will delete it promptly
- Parents or guardians who believe we may have collected information from a child under 18 should contact us immediately
- Children's Online Privacy Protection Act (COPPA): We comply with COPPA requirements
- For teen users (13-17): If permitted by applicable law to use our services, additional protections may apply
- We encourage parents to supervise their children's online activities and teach them about privacy
Cross-border data practices:
- Your information may be transferred to, stored, and processed in countries other than your country of residence
- Primary data storage is in the United States and Canada
- Data Transfer Mechanisms: We use standard contractual clauses, adequacy decisions, and other legal mechanisms
- For transfers from Canada: We ensure a comparable level of protection as required by Canadian privacy laws
- For transfers to or from the EU/EEA: We comply with GDPR requirements for international transfers
- By using our services, you consent to the transfer of information to countries that may have different data protection rules
- If you reside in Canada, your personal information may be accessible to U.S. authorities under applicable laws
- We implement appropriate safeguards to protect your information regardless of where it is processed
Our retention practices:
- We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy
- Account Information: Retained while your account is active and for a period after closure for legal and operational purposes
- Transaction Records: Retained according to financial and tax reporting requirements (typically 7 years)
- Marketing Preferences: Retained until you opt-out or withdraw consent
- Usage Data: May be retained in anonymized form for analytical purposes
- Retention Criteria: Legal obligations, business purposes, potential disputes, technical limitations
- When information is no longer needed, we will delete or anonymize it
- Anonymized or aggregated information that cannot identify you may be retained indefinitely
Policy updates:
- We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements
- Material Changes: We will provide notice of significant changes through our website, email, or in-app notification
- The "Last Updated" date at the top of this policy indicates when it was last revised
- Your continued use of our services after changes constitutes acceptance of the updated policy
- We encourage you to review this policy periodically
- For material changes to how we use personal information, we will seek your consent where required by law
- Prior versions of our Privacy Policy are available upon request
- If you do not agree with the changes, you may close your account