Introduction

EventsCabin is an online ticket and events marketplace where independent businesses and clients can list their events and tickets and or similar inventory to customers.

Personal information

As a company that processes and stores personal information of customers, we follow best practice to ensure data is used and stored in compliance with all relevant laws. EventsCabin is an online ticket marketplace where independent businesses and clients can list their tickets and or similar inventory to customers. To deliver this service, EventsCabin collects information from customers in order to perform the following:

1. Processing of tickets purchase
2. Deliver good customer service experience.
3. Risk and Fraud detection
4. Fulfilment of service provided by the ticket.
5. Communicating with customers when circumstance of ticket fulfilment has changed.
6. Outbound marketing to EventsCabin customers.

EventsCabin only collects personal information directly from the customer, except as otherwise as outlined below:

1. Onboarding of customer data by a new Client from a legacy ticketing system where customer has provided consent.
2. Collection of the information from a new Client that allows EventsCabin to fulfil its responsibilities which does not prejudice a legitimate interest of the customer.

EventsCabin collects a range of personal data for the purpose of executing on its mandated service to the client. Again, EventsCabin makes the customer aware that the data collected will only be used for the purposes of fulfilling its mandate.

EventsCabin allows the customer to edit their customer data and provides for the customer to delete their information from EventsCabin when they so wish.

Sharing of Personal Data.

EventsCabin is a ticket marketplace and therefore hosts many independent clients selling ticket on their behalf. EventsCabin shares personal data of customers that purchase tickets hosted by the client on EventsCabin. EventsCabin shares the relevant customer data that is required for the fulfilment and execution of the ticket obligations. The customer data collected and shared is governed by the relevant regulations and laws in which the client operates. Sharing of data is permission based. Confidential information is not shared unless explicit permission from the customer has been received.

EventsCabin will not share personal data with 3rd parties unless compelled by law or a court action.

Use of Personal Data

Communication with Customers

EventsCabin will only communicate with customers regarding the fulfilment of their ticket obligation and legal mandate. Should the ticket conditions and obligation change (such as cancellation of event, change in time or venue etc.) since the customer purchased the ticket, EventsCabin will communicate directly with the customer to outline the changes.

Marketing services

EventsCabin shall only send marketing communications to customers that have explicitly provided permission for EventsCabin to contact them. Moreover, customers can decide any time to change permissions on how EventsCabin is allowed to communicate with them. Clients based marketing is also permission based. Clients will be permitted to send marketing-based communications to customers only after explicit consent.

Use of 3rd Party Service providers

EventsCabin will use the services of independent service providers who may use personal customer data. EventsCabin will employ the following principles when engaging service providers.

1. EventsCabin performs a due diligence on service provider to understand the risk and data security measure undertaken by the service provider.
2. EventsCabin can request service provider to complete a risk assessment and questionnaire to assess security of data and risks.
3. Only bare minimum of data is shared with service provider.
4. No confidential or sensitive information is shared without the permission of customer.
5. Annual evaluation to assess changes in risks, if any.

In some cases, a 3rd-party may handle the in-store registrations acting on our behalf and governed by this Privacy Policy in terms of capturing your personal information.

PCI/DSS Compliance

EventsCabin, through their payment service providers subscribes to and is PCI/DSS compliant.

EventsCabin use payment partners who are PCI level 1 certified for the services of payment gateway/platform, internet & ecommerce services and clearing and settlement.

EventsCabin does not store card details.

Security Governance and Management

EventsCabin store and secure data making use of cloud-based infrastructure hosting by a 3rd party service provider. Access to cloud infrastructure is largely via VPN or Multi-Factor Authentication. All sensitive data is encrypted and EventsCabin staff only have data allowing them to perform the functions of ticket fulfilment and customer support.

All sensitive data will be encrypted and not visible by any EventsCabin staff or 3rd parties.

Warrantees and Guarantees

EventsCabin will use its best efforts to ensure it is compliant with all applicable regulations. Should any breach of data occur as envisaged by the data protection regulations, EventsCabin will immediately notify the relevant Clients and data subjects of such a breach and where the relevant Regulator needs to be informed.