Pursuant to the provisions of Article 23 of the Law on Personal Data Protection ("Official Gazette of the RS", No. 87/2018, hereinafter: the "Law") and pursuant to the General Regulation on Data Protection no. 2016/679, hereinafter: (“GDPR”) Operator Efinitix d.o.o. Belgrade, registration number: 21587621, PIB: 111997236, whose legal representative is Ksenija Morić-Tripić, director, (hereinafter: "Operator"), issues the following:
PERSONAL DATA PROCESSING NOTICE ("Notice")
The purpose of this Notice is for the Operator to ensure the exercise and protection of the right to privacy of persons who purchased tickets for various events at the Operator further (users), as well as to inform them of their rights regarding the processing of personal data.
Personality data being processed
Name, surname, delivery address, telephone number and your e-mail address.
Purpose of the intended data processing and legal basis for data processing
Data are processed for the purpose of concluding and executing contracts for the sale of tickets for various events, as well as for the purpose of sending notifications about these events (eg change of dates, cancellations, etc.). The legal basis for processing is: processing is necessary for the execution of a contract concluded with the data subject or for taking action, at the request of the data subject, before concluding the contract. Providing personal data as a contractual obligation and a necessary condition for concluding a contract. The data in question is a necessary condition for concluding a contract for the purchase of tickets for a particular event.
Data retention period and criteria for its determination
Data are stored for a maximum of 10 years.
The rights of persons whose personal data are processed
The person has the right of access, the right to correct, supplement, delete, limit and transfer data, as well as the right to object and automated decision-making. The person has the right to revoke the consent at any time, provided that the revocation of consent does not affect the admissibility of processing prior to revocation. In case of revocation of consent, the Operator will not process the data of the Person to whom the revocation refers, unless the Operator has the legal authority to process. The above requests are submitted by e-mail to the e-mail address office@efinity.rs. The controller will respond to each request as soon as possible, and in any case no later than 30 days from the receipt of the request in accordance with Article 21 of the Law and Article 12 of the GDPR. A person may file a complaint regarding the processing of his / her personal data before the Commissioner for Information of Public Importance and Personal Data Protection. Providing personal data as a contractual obligation and a necessary condition for concluding a contract.
Technical and organizational measures to protect personal data
The controller and processor have implemented technical and organizational protection measures for the security and integrity of personal data, protection of data from unauthorized access, malicious actions, loss or disclosure of data to unauthorized third parties. By accepting this Notice, the Person is aware and agrees that his personal data specified in this Notice are processed by the Handler and Processor, as well as that these data can be accessed by employees and employees of the Handler and Processor. Persons accessing personal data are obliged to keep the data confidential and secure, and they are required to use personal data only for the above-mentioned purposes.
Operator
Privacy policy
Efinitix d.o.o.
Industry and activity code: 7990, Other reservation service and related activities
Company ID: 21587621
VAT no: 111997236
Web address: tickets.efinity.rs
Email: office@efinity.rs
CALL CENTER: +381 11 44 33 070
Working hours: Monday - Saturday from 9 am to 5 pm, Sunday - non-working day.
Email: office@efinity.rs
Encrypted orders
All your personal data will be transferred by SSL (Secure Socket Layer) method in 128-bit encryption (RSA with 1024 bits) and therefore cannot be used by third parties. This is currently the latest standard of security on the Internet.
Certificate
Efinitix d.o.o. is certified by AlphaSSL (https://www.alphassl.com/). An authorized certificate certifier guarantees the secure transfer of your data and the authenticity of our server.
Cookies
Cookies are alphanumeric packets of information with variable content sent by a web server that are stored on the user's computer and stored for a predetermined period of validity. The use of cookies allows us to examine some data of website visitors and to monitor their use on the Internet. Cookies help to keep track of user interests, internet usage patterns and website history to ensure that the customer shopping experience is optimal. Because cookies are used as a type of bookmark that allows a website to recognize a visitor who returns to the page, they can also be used to store a valid username and password for that website. If the browser sends a previously saved cookie, the service provider that processes the cookie has the ability to connect current visits by users with previous ones, but only in relation to their own content. The information that cookies send makes it easier to identify web browsers, so users can receive relevant and "personalized" content. Cookies make browsing more convenient, including online data security needs and relevant advertising. With the help of cookies, the service provider can also create anonymous statistics about the habits of page viewers, so that it can better customize the look and content of the page. The service provider's website uses two types of cookies: - Temporary cookies - session-id cookies necessary for the use of the website. Their use is essential for the navigation and functioning of the website. Without them, the site or parts of it will not be displayed, browsing becomes obstructed, tickets are not included in the cart, or bank payments cannot be made properly. - Persistent cookies - which will remain on the device, depending on the settings of the web browser, for a long time or until the user deletes them. Inside there are internal and external cookies. Internal cookies are created if the service provider's server installs a cookie and the data is forwarded to its own database. If the cookie is installed by the service provider's server, but the data is forwarded to an external provider, an external cookie is used. Third-party cookies placed by a third party in the user's browser (Google Analytics, Facebook Pixel) are external cookies. They are placed in a search engine if the visited website uses services provided by a third party. The purpose of persistent cookies is to ensure that the website operates at the highest level in order to increase the user experience. When visiting the website, the User may give his consent to the storage of persistent cookies stored on his computer which can be accessed by the service provider by clicking on the cookie warning button on the login page. The user can configure and prevent cookie-related activities using a browser program. By using cookie management, the user can usually use cookies or the cookie tracking option in the Privacy / History / Custom settings menu in the Tools / Settings menu. However, keep in mind that without the use of cookies, the user may not be able to use every service offered by the website, especially payment options. Purpose of data processing: performing payment transactions with the payment service provider, identifying and distinguishing users, identifying the user's current session, storing data created during the session, preventing data loss, identifying and tracking users, web analytics. Scope of processed data: identification number, date, time and previously visited website. Data processing period: Temporary cookies are stored until all websites of the same type are closed. Persistent cookies are stored on the user's computer for a year or until the user deletes them. Possible consequences of failure to provide data: unavailability of certain website services, failed payment transactions, inaccuracies in analytics.
Efinitix d.o.o. uses your e-mail address only for the process of ordering tickets, as well as delivering important notifications about the events for which you bought a ticket (such as changing dates, canceling events, etc.). Efinitix d.o.o. will provide you with information on important improvements to our website / webshop / purchase process only with your prior consent. Efinitix d.o.o. will deliver advertising messages only with your prior consent.
Contract
Our online service involves the agreed use and storage of your data. All changes in our business related to data security and confidentiality will be published on our website.
Protection of personal data Registration, collection and use of information
During the purchase process, we collect information such as name, surname, delivery address, telephone number and your e-mail address. We will use your data only for the purpose of performing our service and payment.
Purpose of the intended data processing
The purpose of data processing is to fulfill contractual obligations related to the purchase of tickets for various events.
Legal basis of data processing
The legal basis for processing is: processing is necessary for the execution of a contract concluded with the data subject or for taking action, at the request of the data subject, before concluding the contract. Providing personal data as a contractual obligation and a necessary condition for concluding a contract. The data in question is a necessary condition for concluding a contract for the purchase of tickets for a particular event.
Data retention period
Data are stored for 10 years.
Orders
You must enter contact information (such as your name, email address, phone number) and payment information (such as payment card number, due date, and payment card name). Efinitix d.o.o. there is no insight into the data related to the payment card, but the process of entering this data is performed on the platform of the payment provider.
Customer relations
The personal information you enter will help us get in touch with you, answer your questions, provide the services you have chosen and manage your account. If necessary, we will contact you by e-mail or phone.
Profile
We collect information that we receive through cookies and log files, but we do not create any "profile" of your preferences. We will associate your personal information with your purchases, but we will not share it with third parties.
Renunciation
We reserve the right to disclose your personal information if required by law and if we believe that disclosure is necessary to protect our rights and / or to comply with a court investigation, court order or legal process.
Logout / shutdown
Upon requesting the entry of your personal data, you also have the option to "refuse" the use of this information for certain purposes.
Log files
In accordance with the rules of most websites, we automatically collect certain information and store it in log files. This information includes Internet Protocol (IP) addresses, browser type, Internet Service Provider (ISP) of the pages from which you accessed the site and the page accessed from our system, the date and time of access, and the flow of data per click. This information, which does not identify individual users, is used to analyze trends, administer the site, track user movements and collect demographic data about our users in general. We do not associate this data with personal data.
Security
The security of your personal information is important to us. All your personal data will be transferred by SSL (Secure Socket Layer) method in 128-bit encryption (RSA with 1024 bits) and therefore cannot be used by third parties. This is currently the latest standard of security on the Internet. Efinitix d.o.o. is certified by AlphaSSL (https://www.alphassl.com/). An authorized certificate certifier guarantees the secure transfer of your data and the authenticity of our server. To protect your personal data, we use industry-accepted standards, both during the transfer and when it reaches us. However, no way of sending data over the Internet or electronic storage is 100% secure. Therefore, despite the use of generally accepted standards and methods of protection of your personal data, we cannot guarantee their absolute security. To find out more about security on our site, you can send us an e-mail at office@efinity.rs.
Changes to the Privacy Statement
If we decide to change our privacy policy, we will post these changes on our website and on other sites we deem appropriate. This will help you know how data is collected and used, as well as the circumstances under which it can be discovered. We reserve the right to change this Privacy Statement so that you check it regularly. You will be notified here of changes to our privacy policy, either by email or by notification on our website.
Rights of persons whose data are processed
The person has the right of access, the right to correct, supplement, delete, limit and transfer data, as well as the right to object and automated decision-making. The person has the right to revoke the consent at any time, provided that the revocation of consent does not affect the admissibility of processing prior to revocation. In case of revocation of consent, the Operator will not process the data of the Person to whom the revocation refers, unless the Operator has the legal authority to process. The above requests are submitted by e-mail to the e-mail address office@efinity.rs. The controller will respond to each request as soon as possible, and in any case no later than 30 days from the receipt of the request in accordance with Article 21 of the Law and Article 12 of the GDPR. A person may file a complaint regarding the processing of his / her personal data before the Commissioner for Information of Public Importance and Personal Data Protection.
Contact us
If you have questions or suggestions regarding our privacy policy, you can send us an e-mail at office@efinity.rs.