Everything you need to know about GDPR and Ticketmaster’s approach to privacy

June 28, 2018

Everything you need to know about GDPR and Ticketmaster’s approach to privacy

The GDPR (General Data Protection Regulation) comes into effect on Friday 25 May 2018. It enhances existing data protection laws across Europe, creating a single framework and approach for how personal data should be managed.

This includes updated rules around collection, use, storage and how we share the personal data of fans, clients and employees. Building on existing data protection laws, it gives all of us increased rights around how our data is used and handled.

At its heart, it brings data protection into the 21st Century, as existing laws were introduced well before the likes of social media or online marketing. At Ticketmaster, we welcome the dawn of this new Privacy era. 

Ticketmaster’s Approach to Privacy

At Ticketmaster, our clients and fans are at the heart of everything we do. Our goal is to maintain trust and confidence by handling personal information with respect and by putting fans in control.

Known as a trusted brand of choice, our approach to Privacy plays an integral part in our success. This guide is intended to provide a summary of Ticketmaster’s Global Privacy Program.

Introduction

Privacy, as a concept, has been enshrined in law since the 1980s. But the rise of the internet and the way data now flows across international borders has really brought Privacy into focus.

At its core, Privacy is about trust. Recognising this, Ticketmaster has a dedicated Global Privacy Office and operates under a global privacy control framework. 

Ticketmaster’s new Privacy Hub

In support of our commitment to Privacy, we will be launching a brand-new Privacy Hub across all of the Ticketmaster International websites. This Hub is designed with the consumer in mind, explaining in basic terms what information we collect, why we collect it and what rights and choices our fans have. 

The Privacy Hub will be available on all International sites from 25 May and will include our Privacy Promise video which you can view now by clicking on the image below.

Our Privacy Commitment

We take Privacy seriously. 

Committing to Privacy means that, globally, irrespective of where our fans or clients are, we make the following promises about how we handle personal information:

  1. Collection.  We will only collect personal information that is needed and will do so in a lawful, fair and transparent manner.
  2. Notice and Processing. We will explain clearly what personal data we collect from fans, how the personal data we collect is used, including how long we will keep it for, what we will do with that data
  3. Choice. We will let fans choose whether to receive ongoing communications from us and how.  
  4. Data Quality. We will ensure that personal data is up to date and provide our fans with options to update their personal data.
  5. Security and Confidentiality. We will protect and secure data shared with us from unauthorised access and use.  
  6. Data Sharing. We will ensure that fans are aware of who we share personal data with and that we only share their data with trusted parties who will manage data with the same high standards we have at Ticketmaster.
  7. Openness and Data Access. We will provide fans with a copy of the data we hold about them, if requested.
  8. International Transfer. Because of the international nature of our business, we want to ensure that wherever personal information flows within our Group, irrespective of territory or origin, it is treated with the same European standard of protection. This is why we have sought the gold standard of approval from European regulators, known as Binding Corporate Rules.
  9. Responsibility. We are the custodians of the personal data that is shared with us, because of this, we always handle this data responsibly and treat it with respect.
  10. Accountability. We will ensure that we are responsible and can demonstrate our accountability to our fans and clients as well as any global Data Protection Regulators about how we use and share personal data.

Enhanced Marketing Opt-In for Clients

Under GDPR, when fans opt-in to receive marketing communications they will need to make a ‘clear affirmative action’. This means that pre-ticked boxes will be removed and fans will have to actively give their consent to receive marketing. The law requires us to name the event partners that we are collecting marketing consent on behalf of. 

From the 25 May, the following wording will be presented at checkout:

Event Partner Marketing

snipimage_006.jpg

Just a few handy tips to note in relation to Event Partner marketing opt-ins:

  • As a default, the ‘contracted party’ will be the only Event Partners listed. In most cases, this is the entity who is responsible for putting on the show or event.
  • If you, as the contracted party, want other partners to be named e.g. a venue or promoter, you will need to provide instruction on the event set up form. 
  • We are limited to listing a maximum of four Event Partners on any event and cannot add any additional opt-in questions or buttons.
  • The contracted party will appear as the first Event Partner in the list above, unfortunately this order cannot be amended.
  • We will not include links to Event Partners’ Privacy Policies at this stage but will be looking to develop this feature in the future.
  • There is no impact on how we share information with our Event Partners so that they can run the event and for other reasons described in their Privacy Policies. 
  • If an Event Partner is not included at the point of the event going on sale but added at a later date, they will only have rights to the opted-in data from the date and time at which their name was listed. 
  • The wording above will be used for all transactions, we cannot provide bespoke wording.

Ticketmaster’s new process for handling Fan Privacy enquiries

We respect and acknowledge that our fans have rights relating to how we use their personal data. We have designed a handy form to make it easier for fans to exercise their rights and allow us to gather all the necessary information we need to deal with their requests. The ‘Data Subject Rights’ form will be available as a link in all our privacy notices available on all Ticketmaster websites in the local language.

A copy of the form can be found here.

Updated Contractual Terms

For you, our clients, we have prepared a Data Privacy addendum to ensure the contract between us includes the enhanced responsibilities and obligations for both of us under the GDPR.  These are being rolled out by your Client Account Managers. 

It is important you read this document and return it to us, so we can ensure the data sharing between Ticketmaster and your business remains compliant under the GDPR. Should you have any questions about the addendum at any time, you can contact either your Client Account Manager, or our dedicated Privacy Team at [email protected].

Ticketmaster’s Binding Corporate Rules (BCRs)

Finally, we are proud to announce that the Ticketmaster family has formally applied for both Controller and Processor Binding Corporate Rules (BCRs). BCRs are considered the gold standard of compliance under the GDPR and ensure that, no matter where personal information is handled or stored within the Ticketmaster family, we are accountable to European standards which are currently considered the highest threshold of compliance, globally. With the UK’s Information Commissioner’s Office (ICO) acting as lead authority, and both the Irish and Spanish Data Protection Authorities acting as secondary reviewers, our BCR application is a public declaration of our commitment to privacy.

Once approved, Ticketmaster will be the only ticket agent globally able to offer its clients this level of privacy care and protection.

Got Questions?

Contact our dedicated Privacy team at any time: [email protected].

Related News

  • 28 Mar 2024
    The Great Escape Conference 2024 : What To Expect

    Ticketmaster is excited to continue to work closely with The Great Escape. TGE has announced the line-up for the 2024 Conference, which will take place from Wednesday 15th to Saturday 18th May at the Leonardo Royal Waterfront Hotel in Brighton. The Conference:  The TGE Conference is the programme of events presented especially for the 4000 […]

  • 29 Feb 2024
    Ticketmaster welcomes Danny Hannaford as Senior Director of Client Product Solutions

    Ticketmaster is excited to announce the appointment of Danny Hannaford as the Senior Director of Client Product Solutions for our UK operations. Danny has a wealth of experience across various ticketing platforms. In his previous roles, Danny served as the UK General Manager at Ticketek, where he played a key role in overseeing operations. Prior […]

  • 10 Jan 2024
    Ticketmaster announced as Headline Sponsor for The Heavy Music Awards 2024

    The eighth edition of the UK’s leading awards for rock and metal will see the event return to the O2 Forum Kentish Town on Thursday 22 August 2024. Ticketmaster is proud to announce its headline sponsorship of the Heavy Music Awards 2024 (HMA24). Building on its longstanding partnership with the HMAs at the category level, […]