GDPR compliance
A high-level overview of how AvisTickets supports GDPR-aware handling of event and buyer data.
Data protection approach
AvisTickets is designed to limit access to personal data based on user role and event context, with separate access paths for buyers, organizers, scanner staff, and platform administration.
We aim to collect only the information needed for event delivery, communication, payment confirmation, and attendance operations.
Rights and controls
- Users may request access, correction, or deletion where legally appropriate.
- Organizers should use attendee data only for legitimate event operations and compliant communications.
- Mailbox integrations rely on delegated OAuth consent rather than storing personal mailbox passwords.
Processors and safeguards
Hosting, database, storage, payment, messaging, and mapping providers may process data on our behalf under their own contractual and technical safeguards.