Security and compliance measures for maintaining, processing and storing Personal Data (GDPR)

Workcation

Billetto takes customer and organiser data very seriously and follows industry standards and regulations to protect such information. Billetto handles customer orders for events and this includes some personal information such as e-mail address, IP address and full name.



Security Audits



To maintain the integrity and security of our systems, Billetto has hired external security auditors to audit our systems and provide feedback.

Databases & Encryption

Our databases to store the customer information are secured through industry standard encryption and hashing techniques. This adds additional layers of protection for sensitive information and making it not possible to view certain information such as passwords. Additionally to this security, access to this data is restricted with a number of security restraints and only accessible to essential Billetto personnel only and is logged and reviewed.

Website and connections


Billetto uses TLS and HTTPS for all requests between the customer, our servers or third party providers. This additional layer of security and data verification prevents personal information being monitored or accessed by unauthorised third parties

Payment Providers

Billetto contracts with QuickPay, Reepay and Stripe directly to securely store customers' payment information. Billetto does not collect or hold this data and information is transferred securely through TLS and HTTPS to our providers who are all PCI DSS compliant. For more information on each companies Security and PCI DSS see here

- Reepay
- Quickpay
- Stripe



Sub Processors

To provide Billetto’s functionality, we may transfer your personal information to countries other than the country in which you are resident. Our website servers are located in the EU. However, third-party service providers and partners operate in a number of countries, including the US. This means that when we collect your personal information, we may process it in any of these countries.
We implement appropriate safeguards to protect customer personal information in those countries in accordance with this Privacy Policy by securing, in our contracts with suppliers and others, that the level of protection is according to GDPR. We contract with third party companies that process your data and may send information to the United States. These third-party companies are required to follow the​ ​ Standard Contractual Clauses​ for data transfers between EU and non-EU countries issued by the European Commission.

To see a fill list of our integrations and partners see here: Legal Docs - Subprocessors

Patrick Borre CEO & DPO
Billetto
Billetto DK Billetto SE Billetto UK Billetto NO Billetto EU Billetto FR Billetto ES Billetto NL Billetto IT Billetto IE Billetto FI Billetto AT Billetto BE Billetto PT
App Store Google Play