Privacy Policy www.dăBilet.ro
Your personal data is processed by IA BILET SRL, with its registered office at Bd. Pierre de Coubertin no. 3-5, lot 3/1, Office Building, 5th floor, space E5-21, Sector 2, Bucharest, with unique registration code 30394071 and registration number at the Trade Register J40/7745/4.07.2012 (“dăBilet.ro”).
dăBilet.ro is committed to protecting your data privacy in accordance with applicable legislation. This personal data processing policy governs the collection, use, disclosure, retention, and protection of your personal information.
This Privacy Policy is part of the Terms and Conditions of use of the website www.dăbilet.ro (the "Website") and applies to personal data collected through the dăbilet.ro website and the associated mobile application, regardless of how they are accessed or used, including via mobile devices, as well as data collected from other sources in connection with dăBilet.ro's services (the "Services").
Whenever we change the personal data processing policy, you will be informed by publishing it on the Website, and you can choose at any time whether you want to continue using our Services. The new personal data processing policy will take effect on the date it is published on the Website.
To use the Services, you must be at least 18 years old. By using the Services, completing the account creation details, and/or accepting the Terms and Conditions, you guarantee that you are over 18 years old.
dăBilet.ro recommends that parents take an active role in supervising their children's online activities. If you believe we have collected personal data from a minor, please contact us at: [email protected].
1. What information we collect about you
Personal data refers to information related to an identified or identifiable natural person. An identifiable natural person is someone who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
Information that has been anonymized or pseudonymized so that it can no longer be used to identify a particular natural person is not considered personal data.
We collect personal data from you when you use our Services.
You should know that there are several types of information we collect about dăBilet.ro users:
a) Identification and personal characteristics - information that can directly identify you and may include, for example, your name, surname, address, phone number, or email address.
b) Other data that may indirectly identify you - information that generally refers to the computer or mobile device you use to access dăBilet.ro services, the web pages you have visited, the services you have accessed, transaction history, IP address, information about your Internet connection, etc.
Ticket Purchase and dăBilet.ro User Account
To use the Services, the buyer will create a user account during the purchase flow or by following these steps on the website www.dăbilet.ro: "Register / Log in". When you create an account on dăBilet.ro, we ask for information such as your email address, first name, last name, and phone number. These details are provided directly by the user to create a valid account and are necessary for providing our Services.
We will also notify you of any changes, rescheduling, cancellation, or postponement of the event for which you have purchased a ticket.
In the created account, the user will be able to view their order history and manage their vouchers.
When making a purchase, each ticket buyer has the option to decide whether they want to receive commercial communications, such as the weekly newsletter with recommendations from dăBilet.ro.
All contact details are necessary for us to send you the ticket in electronic format and to identify you correctly. Situations where additional identification measures may be required could arise in the case of a refund request due to an event postponement or cancellation, in accordance with dăBilet.ro's Terms and Conditions. In such cases, we will also process your banking details (IBAN code) to make the necessary payments.
Card Payment
Payments on the Site can only be made with a card by clicking on the Choose button next to the Mastercard and Visa logos, and thus, you understand and agree that:
You will leave the dăBilet.ro interface and be redirected to the card payment processor's interface;
• Any data you enter in the processor's site/interface will be subject to the processor's Privacy Policy;
The data entered in the processor's site/interface will be stored by the processor within the European Community; • The processor will be responsible for processing the data you provide in its site/interface.
Sensitive Personal Information
dăBilet.ro does not collect sensitive personal data.
Use of Our Services / Marketing Messages from dăBilet.ro
dăBilet.ro may collect information about your use of our Services. We may also collect information about the marketing messages we send you and how you respond to them or the actions you take in relation to them.
Additionally, we may collect personal data from other sources, as detailed below.
2. How We Collect Information About You
We collect information about you in three ways:
a) Directly - when you register on the Website; when you subscribe to the newsletter; when you purchase tickets for events listed on the Website; when you contact us and request a response, or when you interact directly with us. It is crucial to remember that if other people use your computer or mobile device, you should log out after finishing your browsing session. Otherwise, anyone with access to your devices will automatically have access to the information you have provided or that we have provided to you (e.g., tickets and vouchers saved in your account).
b) Automatically - when you use dăBilet.ro services online, we collect information through cookies and by logging your activity. We primarily collect information about your device and connection, such as statistics regarding page views, traffic to and from websites, and transaction history. For more information about cookies, please consult the information on the Website (About cookies).
Additionally, if you have previously provided us with personal information, we can automatically associate that information with other data collected from your user account whenever you log in, allowing us to identify you across multiple devices and browsers and provide you with the same browsing experience regardless of the platform you use.
c) From third parties - we may also obtain information about you from third parties that process data through cookies, such as social media platforms, and market research companies.
Please note that you can request the deletion of your dăBilet.ro account at any time by sending an email to [email protected]. Once you make this request, you will no longer have access to your dăBilet.ro account or the information saved in it (e.g., information about tickets you have already purchased for past or future events).
3. How We Use Your Information
We primarily use your personal data to provide and improve our Services, to offer you a pleasant experience on our Website, to contact you regarding your account activity, and to provide support services.
To this end, we (and our service providers) may use your personal data for various purposes. For example, we may use this information:
to provide you with the Services and products you have requested;
to create a dăBilet.ro user account during the purchase flow and automatically generate an account on www.iabilet.ro if the buyer does not already have one;
to measure traffic and personalize the Services we offer; • To respond to your requests and comments;
to prevent and resolve disputes;
to inform you about delays, rescheduling, cancellations, or changes related to events for which you have purchased tickets;
to pay amounts owed to you by us or event organizers, if applicable;
to provide you with technical support related to the Services;
to send you announcements and administrative messages;
to send you newsletters and information about products, Services, and promotions related to us or other companies or organizations we work with. Note that you must subscribe (OPT-IN) when purchasing a ticket from the Website's homepage;
to recognize the devices you use when accessing dăBilet.ro and associate them with your profile;
to process payments and issue invoices;
to send your ticket (via email);
to display your name on access scanners when your ticket is scanned (for venues with table reservations to guide you to your table);
to enable you to share information on social media platforms;
to prevent, detect, combat, and investigate fraud, security breaches, or other potentially prohibited or illegal activities;
to enforce the Terms and Conditions of use of the Website.
Therefore, processing is necessary to perform a contract to which you are a party, to fulfill a legal obligation incumbent upon the operator, or to pursue legitimate interests pursued by the operator or a third party, unless your interests or fundamental rights and freedoms that require personal data protection prevail.
With your consent, we may use your personal data to send you commercial communications via email or SMS. You have the right to withdraw your consent at any time.
We process your personal data only for the purposes communicated to you. If we use it for other purposes, it will only be with your notification or consent, as applicable.
Your data is not public and cannot be viewed by other users of the Website.
4. How and With Whom We Share Your Information
We may disclose your personal data to third parties in accordance with applicable law. This disclosure may be necessary to provide you with access to our services, to enable you to benefit from the tickets/performances/leisure services you have purchased (e.g., to grant access to the event venue if tickets are nominal), to comply with legal obligations, to conduct or optimize marketing activities, or to prevent, detect, combat, and investigate fraudulent or illegal activities related to our services. We strive to minimize the amount of personal data disclosed to what is directly relevant and necessary to achieve the specified purpose.
Service providers: to perform certain functions related to dăBilet.ro's activities. For example, our service providers may offer services such as research, analysis, website hosting, transaction processing, database maintenance, the provision of technology services and platforms, deliveries, and payment processing. Typically, when we provide these companies with personal information, we take special care to share only the information necessary for them to perform their functions, explicitly agreeing that this information can only be used when required to carry out services on our behalf. Similarly, we take steps to require our service providers to protect the personal information shared with them.
For card payment processing, we use specialized services provided by authorized payment processors, such as Revolut Checkout. Payments are made directly on the processor's page; dăBilet.ro provides the transaction details but does not store card data, as the payment is processed exclusively by the processor, and your data is handled solely by them.
To ensure efficient communication, some email messages (e.g., newsletters) are sent using the specialized service Sendy. Messages are transmitted exclusively at the operator's request (dăBilet.ro) based on our instructions, and reports regarding delivery and interaction with these messages are retained in the operator's account.
Technical service providers, programming services, accounting, legal assistance, banks, and other business partners are involved when necessary to execute a contract or when there is a legitimate interest of our company, without affecting the rights of the data subjects and while respecting necessary security measures.
Third-party companies with separate data: We may share information about your use of dăBilet.ro services with third parties to whom you have separately provided your data (e.g., if you created an account with them). In such cases, we can complete their data using a shared identifier that may indirectly identify you.
Event venues, operators, and organizers: We may provide personal data (including identity information) to event organizers, operators, venues, and promoters to facilitate access to the venue or the event location, or to resolve issues related to your participation/reservation. For instance, for some performances, tickets are nominal, so your personal data will be disclosed to the organizers to carry out the access formalities for the event location. Please note that in all these cases, your personal data will be processed by the organizers as independent data controllers, and their privacy policies will apply fully.
Social media: You can interact with certain dăBilet.ro service features that may result in publishing your personal information (name, surname) on your social media accounts. Accordingly, certain personal data collected by dăBilet.ro may be combined with your social media information when you permit sharing. Remember that the dăBilet.ro Facebook page may collect information about you, even if you do not regularly access that page.
Opt-Ins: On certain dăBilet.ro pages, we may place opt-in options for receiving communications from partner companies. If you subscribe or agree to share your personal data with these companies, we may disclose information that identifies you.
Sale of our business or assets: If we sell our company or part of it/assets, or if we are involved in a merger or business transfer, we may share your personal data with third parties in line with our privacy standards, including for evaluating and implementing such an operation. In such a case, the acquiring entity will initially assume all obligations imposed by this Privacy Policy, and their privacy policy may later govern the continued processing of your data.
Disputes/Defending rights/Requests from authorities: We may use or disclose your personal data, wholly or partially, to cooperate with or support public authorities (including tax authorities, law enforcement agencies, and courts) in response to an official request. We will disclose information we consider relevant to the investigation or explicitly required by the authorities. We will also use or disclose your data when necessary to defend dăBilet.ro's rights in court, including in connection with or to prevent suspected or potential fraud. We may also disclose your data to third parties involved in judicial or administrative proceedings if they provide a court order or a decision from the competent administrative authority. For clarity, if we receive a request from competent state authorities requiring disclosure of personal data in compliance with legal obligations, we are required to comply.
5. Additional Information on How and with Whom We Share Your Information
We may collaborate with market research companies or data analytics service providers to better understand how our website is used and to improve the user experience. These third-party companies may use cookies or other similar technologies to collect anonymous information about interactions with our website. The use of these technologies by third-party companies is subject to their own privacy policies and is not covered by this privacy policy.
6. How We Protect Personal Data
dăBilet.ro has implemented appropriate technical and administrative security measures to reduce the risks associated with the processing of personal data.
We ensure that our procedures and technical/access standards for dăBilet.ro services are maintained at a high level to protect your personal data against loss, misuse, unauthorized access, disclosure, alteration, or destruction.
As part of our ongoing commitment to data security, dăBilet.ro will:
• Delete or destroy data in electronic or paper format when it is no longer needed.
• Conduct regular risk assessments for all IT systems.
• Inventory and manage IT systems throughout their lifecycle.
• Train staff on data security practices.
• Grant access rights based on job responsibilities.
• Ensure that service providers sign appropriate data confidentiality agreements with our company.
• Use security solutions to protect IT systems from malware or virus attacks.
• Maintain backup copies of critical information to avoid data loss.
• Apply regular security patches to protect systems from vulnerabilities.
• Respond to security incidents consistently and promptly.
• Monitor network traffic to identify harmful or suspicious activities and quickly respond to threats.
Some of the protection measures we use include firewalls, regular security patch application, physical access control to the data center, and controlled authorized access to information.
All dăBilet.ro servers run up-to-date versions of operating systems and applications.
Regarding the physical security of equipment, they are hosted at the Cyberfolks.ro data center (owned by CYBER_FOLKS S.R.L.).
Ensuring data against accidental loss involves storing it on redundant media, daily system backups, and continuous backups of databases.
Unfortunately, no data transmission is guaranteed to be 100% secure. Unauthorized third parties beyond our control may intercept or illegally access transmissions or private communications. Thus, you transmit personal identity information at your own risk. If you detect any irregularities and believe we can assist you, please contact us at [email protected].
Please remember to keep your dăBilet.ro password confidential.
If you believe your interaction with any dăBilet.ro service is no longer secure, please contact us immediately at [email protected].
Username and Passwords
It is crucial to protect and maintain account security; notify us immediately of any unauthorized use of your dăBilet.ro account. Do not share your password with others!
7. Data Transfers to Third Countries
The information we collect about you may be transferred to or stored in destinations outside the European Economic Area. There may also be situations where your data is processed by individuals (employees of service providers for dăBilet.ro) located outside the European Economic Area. By providing your personal data to dăBilet.ro, you agree to all the terms mentioned above in this paragraph.
Data transfers to third countries are conducted only with appropriate safeguards.
The use of services such as RollBar, Groove, Twilio, Typeform, Amazon Web Services, Facebook, Revolut Checkout, and Google for processing your personal data may involve transfers outside the EEA. In these cases, our company and the mentioned entities implement appropriate data protection mechanisms, including adherence to EU-approved standard contractual clauses. You can review these policies here:
RollBar – https://rollbar.com/compliance/gdpr/
Groove – https://www.groovehq.com/our/privacy#wearegdprready
Twilio – https://www.twilio.com/legal/data-protection-addendum
Typeform – https://admin.typeform.com/to/dwk6gt/
Amazon Web Services – https://aws.amazon.com/premiumsupport/knowledge-center/gdpr-compliance/
Facebook – https://www.facebook.com/business/gdpr
Revolut Checkout – https://www.revolut.com/legal/pay-with-revolut-checkout-privacy/
Google – https://policies.google.com/privacy?hl=en-RO&fg=1
8. Your Rights and Choices
Communication Preferences and Unsubscribe Options (OPT-OUT)
If you have subscribed to one or more newsletters and no longer wish to receive them, you can unsubscribe. Select the link at the bottom of any message to unsubscribe from marketing and promotional emails. However, please note that you cannot unsubscribe from essential messages related to your use of dăBilet.ro services.
Cookies and Similar Technologies
For more information about the use of cookies and similar technologies in our online services (including opt-out options), please refer to the cookies section on the Website.
Right to be Informed
You have the right to know what personal data we process about you. Data subjects have the right to be informed about the processing of their personal data. This privacy policy informs service users about the operator's identity and contact details, the purposes of personal data processing and the legal basis for processing, the categories of data recipients, transfers to third countries or international organizations, the data storage period, and their rights.
Right of Access
Users have the right to obtain from us confirmation as to whether or not we are processing personal data concerning them and, if so, access to that data along with relevant information.
Upon request, we can provide a copy of the personal data being processed. For additional copies, we may charge a reasonable fee based on administrative costs. Information will be provided in a commonly used electronic format. We reserve the right to refuse manifestly unfounded, excessive, or repetitive requests.
Right to Rectification
If your personal data is incorrect or incomplete, you have the right to update or request us to update it.
Users may request the rectification of inaccurate personal data and the completion of incomplete personal data, including by providing a supplementary statement.
Right to Object
You have the right to object to the processing of your personal data whenever we process it based on our legitimate interests.
Users can object at any time to the processing of their data on legitimate grounds relating to their particular situation, including profiling. If the objection is justified, processing can no longer involve the relevant data.
Right to Erasure ('Right to be Forgotten')
Users can request the deletion of their personal data if:
• the data is no longer necessary for the purposes for which it was collected or processed;
• the user withdraws the consent on which the processing is based, and no other legal ground exists;
• the user objects to processing based on legitimate interest;
• the data was unlawfully processed;
• the data must be erased to comply with a legal obligation.
According to legal provisions, the obligation to delete user data does not apply to the extent that processing is necessary:
• for the exercise of the right to freedom of expression and information;
• to comply with a legal obligation or perform a task carried out in the public interest;
• for reasons of public interest in public health;
• for archiving purposes in the public interest, scientific or historical research, or statistical purposes;
• for the establishment, exercise, or defense of legal claims.
The Right to Restrict Processing
• the user has the right to obtain the restriction of processing if one of the following situations applies:
• the user contests the accuracy of the data, for a period that allows us to verify the accuracy of the data;
• the processing is unlawful, and the user objects to the deletion of personal data, requesting instead the restriction of their use;
•we no longer need the personal data for processing purposes, but the user requests it for the establishment, exercise, or defense of a legal claim;
• the user has objected to the processing, for the period during which it is verified whether the legitimate grounds of the controller override those of the data subject.
Deleting your personal data or restricting the way we process it will result in the inability to use the Services.
The Right to Data Portability
The user has the right to receive the personal data concerning them, which they have provided to the controller, in a structured, commonly used, and machine-readable format, and has the right to transmit those data to another controller without hindrance from the controller to which the personal data were provided, if:
he processing is based on consent or a contract, and
the processing is carried out by automated means.
When exercising their right to data portability, the user has the right to have their personal data transmitted directly from one controller to another, where technically feasible.
If you exercise this right, you will receive the requested data via email.
The Right Not to Be Subject to Automated Individual Decision-Making
Users have the right to request and obtain the withdrawal, cancellation, or reassessment of any decision that produces legal effects concerning them, adopted solely based on automated processing of personal data intended to evaluate certain aspects of their personality, such as professional competence, reliability, behavior, or other similar aspects.
The Right to Seek Legal Remedies
Without prejudice to the possibility of filing a complaint with the data protection supervisory authority, users have the right to take legal action to protect any rights guaranteed by law that have been violated.
If a user has suffered damage due to unlawful personal data processing, they may address the competent court to seek compensation.
For any request regarding the use of your personal data, you can contact us at:
Email: [email protected]
Address: Bd. Pierre de Coubertin nr. 3-5, lot 3/1, Office Building, 5th floor, space E5-21, Sector 2, Bucharest.
We encourage you to ensure that the personal data you provide to our company is complete and accurate. Our team will make every effort to respond to your requests as quickly as possible.
According to personal data protection regulations, the response time is 30 days. If, due to the complexity of the request, we cannot implement the requested measures within one month, this period may be extended, in accordance with applicable legislation, by up to 60 days. In this case, you will be informed within 30 days of submitting your request about the reasons for the delay.
However, we may refuse your requests in certain cases, to the extent that they are unfounded, in accordance with applicable legislation.
Data Retention and Deletion. Applicable Terms
We may retain your data for as long as you use the dăBilet.ro services and for a reasonable period afterward, as necessary to ensure compliance with legal obligations, optimal resolution of disputes, and the enforcement of our policies. Please note that some or all of the data you provide may be required for dăBilet.ro services to function correctly, and we may be legally obligated to retain certain information.
Once it is no longer necessary to retain your personal data, we will delete it securely, in accordance with our data retention and deletion policies. If you choose to close your account, and provided the data is no longer required for compliance with applicable legal requirements or for protecting dăBilet.ro's legal rights and interests, the data will be deleted or anonymized.
By way of exception, your personal data included in accounting records and supporting documents forming the basis of financial accounting entries will be retained in the company’s archives for 10 years, starting from the end of the financial year in which they were created.
Anonymized data will be used strictly for subsequent statistical analysis.
9. Consent for Processing and Transferring Your Information
The dăBilet.ro services are governed by and operated in accordance with the laws of Romania and the European Union.
If you are located outside Romania, please be aware that the information we collect, including personal data, may be transferred to, processed, stored, and used in Romania.
10. Links to Other Websites and Services
On our website, you may encounter links to other websites. These websites operate independently from our site and have their own privacy notices, statements, or policies regarding the processing of personal data. We recommend reviewing these policies to understand how your personal data may be processed in connection with those websites.
We are not responsible for the content, use, or privacy practices of websites that are not owned or operated by us.
11. Cloud
dăBilet.ro may store personal data in a cloud environment. This means that your personal data may be processed on our behalf by a cloud service provider and may be stored in various locations around the world. We will implement organizational and contractual measures to protect your personal data and will impose similar or stricter requirements on our cloud service providers, including provisions ensuring that personal data is processed exclusively for the purposes mentioned above.
12. Contact Us
For any questions regarding this Privacy Policy, please contact us at:
Email: [email protected]
Please refer to the Terms and Conditions of dăBilet.ro for more information.