Privacy Policy

Orgonize Privacy Notice

This Privacy Notice was last reviewed and updated in February 2025

1. OUR COMMITMENT

1.1 At Orgonize Media Limited trading as Orgonize (“Orgonize”, “we”, “us”, or “our”) we respect your privacy rights. The purpose of this privacy notice (the “Notice”) is to explain how we collect, use, store and transfer your personal data in the context of your use of our Platform (defined below).

1.2 We are committed to your privacy and ensuring that your personal data is:

1.2.1 processed lawfully, fairly and transparently;

1.2.2 processed for specific purposes only, and not in any manner incompatible with those purposes;

1.2.3 adequate, relevant and limited to what is necessary;

1.2.4 processed accurately;

1.2.5 not kept for longer than necessary;

1.2.6 kept confidential and secure; and

1.2.7 processed consistent with your rights. See Section 9 (Your Rights) below for additional information on your rights.

1.2.8 Orgonize is the “data controller” responsible for the personal data collected and processed as described in this Notice.

2. WHO THIS NOTICE APPLIES TO

2.1 This Notice applies to all users of our mobile application (“App”) and desktop functionalities (“Website”) (together, the “Platform”) and our connected services. Depending on the context, “you” might be an Organiser, General User or a Visitor.

2.1.1 When you use the Platform to post information about, or sell tickets for, events, or to post information about contests and special offers in the context of your business or trade (including if you do so on behalf of a company), we refer to you as an Organiser.

2.1.1 When you create an account on the Platform to buy tickets, enter competitions and view information about events, we refer to you as a General User.

2.1.3 When you interact with us without being logged in to an Orgonize account, you are a Visitor. For example, you are a Visitor when you visit our Website or App or send us a message asking for more information about the Platform.

3. WHAT INFORMATION WE COLLECT

3.1 We process your personal data including, but not limited to, the following types of personal data:

3.1.1 Your name and contact details

This includes information such as name and contact information such as phone number, email address.

3.1.2 Additional profile information

This includes information that you choose to upload to the Platform such as profile picture, home address, date of birth, gender, location, social media links and preferred language. If you’re an Organiser, we also collect information like business registration details (including, where applicable, your VAT number, company number or registered charity number), job role and payment account information to register you as an Organiser.

3.1.3 Identity information

This includes government-issued identity documents and, if applicable, a selfie, for biometric verification through a third-party called IDVerse (see further below at Section 4). If you use the IDVerse identification product then IDVerse will a separate data controller.

3.1.4 Your payment information

If you buy something on the Platform, we may collect your payment information. This includes information such as your credit/debit card number, security/CVV code, and expiration date.

3.1.5 Your communications and contact history with us

This includes information such as service call recordings, chat and instant messages, or communications with our social media channels.

3.1.6 Log data and device information

This includes information such as details about how you have used the App, Website, IP address, access dates and times, hardware and software information, device information, device event information, unique identifiers, crash data, cookie data, location data and page/product views or clicks.

3.1.7 Geo-location information

This includes information such as IP address, browser information or mobile GPS information.

3.1.8 Event information

This includes information about the events you’ve booked tickets for, are interested in or going to, competitions you’ve entered, events you’ve attended which has been collected through Orgonize’s digital check-in system, events you’ve saved as “interested in”, special offers you’ve added to your wallet and/or redeemed, General Users and Organisers you follow.

3.1.9 Other information

This includes information such as forum posts, chat logs, survey responses, participation in promotions, likes and shares and other user-generated content.

3.2 If you provide us with personal data (which may include special categories of personal data) about other people, it is your responsibility to inform such individuals of their rights and to obtain, where necessary, their explicit consent to the processing (including transfers) of that personal data (including special categories of personal data) in compliance with applicable data protection laws, as set out in this Notice.

3.3 When collecting personal data which is mandatory (either under applicable law or in accordance with a contractual requirement), we will let you know at the time of collection of the personal data. The consequences of any failure to provide the mandatorily required personal data may include your inability to avail of certain benefits, such as attending an event or entering competitions or adding or redeeming special offers.

4. HOW WE USE YOUR PERSONAL DATA

We only use your personal data for the purposes outlined below, except as restricted or required by law. In doing so, Orgonize relies on a number of separate and overlapping legal bases to lawfully process your personal data.

WHY WE COLLECT IT

an account as an Organiser and General User PURPOSE.

PURPOSE

To verify your age

WHY WE COLLECT IT

If you are a General User and you buy a ticket to a 16+ event, you may be asked by an Organiser to submit a copy of your government-issued identity document to confirm you are old enough to attend. This service is provided through IDVerse. IDVerse will also ask for a selfie from you for biometric verification. Your age and surname are retained by Orgonize while you have an account as a General User.

LAWFUL BASIS FOR PROCESSING

Consent

PURPOSE

To allow Organiser to accept payment, fulfil orders, and provide refunds

WHY WE COLLECT IT

We use your name and contact details to fulfil our contract with you and deliver your order(s), and we use your payment information to enable a third party payments processor (Stripe) to process payments and comply with applicable law.

LAWFUL BASIS FOR PROCESSING

Performance of a contract

PURPOSE

To send you account information

PURPOSE

We need your name and contact details to deliver important account information to you, such as order confirmations and notices, changes to account settings, and notices about the App and Website, or the terms and policies that apply to them.

LAWFUL BASIS FOR PROCESSING

Performance of a contract

PURPOSE

To provide the services offered on the Platform to you

WHY WE COLLECT IT

We use your event information and other information to provide the Platform services to you. For example, if you use the chat function on the Platform to communicate with other users or Organisers, we’ll enable the contents of your messages to be sent to the intended recipient.

LAWFUL BASIS FOR PROCESSING

Legitimate interests (i.e. our commercial interests)

PURPOSE

To offer an improved user experience

WHY WE COLLECT IT

We use your communications and contact history with us, as well as other information such as additional profile information, and purchase history and event information to operate, protect, improve and optimise the App and Website, and to personalise and customise your experience. It is also used for internal analytics, platform security, and enforcing our Terms of Service.

LAWFUL BASIS FOR PROCESSING

Legitimate interests (i.e. our commercial interests)

PURPOSE

To improve and develop our services

WHY WE COLLECT IT

LAWFUL BASIS FOR PROCESSING

Legitimate interests (i.e. our commercial interests)

PURPOSE

Communication, marketing and advertising

WHY WE COLLECT IT

We use information you provide to us to deliver and personalise communications with you from us or from Organisers, or to administer, rewards, surveys, sweepstakes, contests or other promotional activities. It is also used for event confirmations, ticketing and responding to inquiries.

LAWFUL BASIS FOR PROCESSING

Consent

5. HOW WE SHARE YOUR PERSONAL DATA

5.1 Where necessary in order for us to perform our obligations to you or for purposes set forth in this Notice, your data will be shared with affiliates, public authorities and/or other third parties, for example:

5.1.1 Affiliate companies that are members of the Orgonize group.

5.1.2 Companies and individuals that help us deliver our products to you, such as suppliers, logistics professionals, and delivery and freight companies (if, for example, you win a prize offered through a competition run by an Organiser).

5.1.3 Professional service providers who help us run our business, such as marketing companies, accountants, lawyers, software vendors, consultants, and advertising partners.

5.1.4 If you are a General User and you follow an Organiser or are interested or going to an event or purchase a ticket or enter a competition or redeem a special offer on the Platform, we share your personal data with an Organiser to enable you to contact them and for them to download this data and contact you. This may include your contact details, additional profile information including, name, age, image, gender, ID verified indicator, location email, phone number, historical activity with that Organiser and events information.

5.1.5 Companies approved by you, such as social media sites (if you choose to link your account(s) to us).

5.1.6 Identity verification service providers. We use IDVerse for identity verification, as described under Section 4.1.

5.1.7 Payment processors if an Organiser chooses to use their service. We use Stripe for payments, analytics, and other business services. Stripe may collect personal data including via cookies and similar technologies. The personal data Stripe collects may include transactional data and identifying information about devices that connect to its services. Stripe uses this information to operate and improve the services it provides to us, including for fraud detection, loss prevention, authentication, and analytics related to the performance of its services. You can learn more about Stripe and read its privacy policy at https://stripe.com/privacy.

5.1.8 Government and law enforcement agencies or public authorities to: (i) comply with a legal process, subpoena, order or other legal or regulatory requirement, or if we believe that it is necessary to comply with our legal obligations; (ii) enforce our Organiser Terms of Service, General User Terms of Use or other policies; or (iii) pursue available legal remedies or defend legal claims, or protect and defend our rights or property, or the rights or property of a third party, including our customers and employees.

5.1.9 If we sell or transfer all or part of our business to someone, in some cases we may give the new owner your information as part of that transaction if it’s allowed under the law.

5.2 When Orgonize does outsource the processing of personal data to third parties or provide personal data to third party service providers, we require those third parties to protect the personal data they are provided with appropriate security measures and prohibit or restrict them from using the personal data for their own purposes or from disclosing the personal data to others without our approval.

5.3 As we continue to develop our business, we may buy or sell assets. In such transactions, personal data is generally one of the transferred business assets. Accordingly, your personal data may also be disclosed, where permitted by applicable law, in connection with a corporate restructuring, sale, or assignment of assets, merger, divestiture, or other changes of control or financial status of Orgonize.

6. DATA SECURITY

6.1 Orgonize maintains appropriate technical and organisational measures to protect against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data (including special categories of personal data).

6.2 Orgonize shall ensure a level of security appropriate to the risks that are presented by the processing, having all due regard to the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing as well as the risk to you. These measures are aimed at ensuring the on-going integrity and confidentiality of personal data. We evaluate these measures on a regular basis to ensure the security of the processing.

7. DATA TRANSFERS

7.1 In some cases, we may need to transfer your information to recipients outside the European Economic Area (“EEA”) for the purposes described in this Notice. Where we transfer your information, we do so in accordance with EU data protection law. If you are based in the EEA, when your data is moved from your home country to a third country outside the EEA some of these countries may not have the same data protection safeguards as your home country. If you are located in the EEA or the United Kingdom, we employ one of the following data transfer mechanisms to ensure the transfer is lawful:

7.1.1 Transfers to countries deemed as having an “adequate” level of protection by the European Commission;

7.1.2 EU Standard Contractual Clauses (“SCCs”) approved by the European Commission and the UK International Data Transfer Addendum issued by the UK Secretary of State.

7.2 While transfers to countries that don’t have an adequacy decision typically take place on the basis of SCCs, in certain circumstances, transfers can also take place on the basis of exemptions provided under data protection law. For example, sharing with law enforcement or in emergency situations where we learn that a person’s life is at risk.

7.3 For a copy of these adequacy decisions or SCCs, please contact us via the details provided in the “How to Contact Us” section.

8. DATA RETENTION

8.1 Orgonize will retain your personal data only for as long as is necessary for the purposes set out in this Notice. We may also keep some of your information as required to meet legal or regulatory requirements, resolve disputes, prevent fraud or abuse, enforce our Terms, or for other legitimate business purposes (so long as keeping it for such purposes does not infringe upon your privacy rights).

8.2 Once our relationship with you has come to an end, we will retain your personal data for a period of time that enables us to:

8.2.1 Maintain business records for analysis and/or audit purposes;

8.2.2 Comply with record retention requirements under applicable law;

8.2.3 Defend or bring any existing or potential legal claims; and

8.2.4 Deal with any complaints regarding our services.

8.3 When we no longer have a need to keep your information for these purposes, we will either delete your personal data from our systems or anonymise it so that it no longer identifies you. If there is any personal data that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the personal data.

8.4 If your personal data is processed by IDVerse for identity or age verification, they will delete your personal data three years after you verify your identity.

9. YOUR RIGHTS

9.1 You have several rights in relation to your personal data. You have a right to:

9.1.1 access a copy of your personal data held by us;

9.1.2 request rectification of your personal data if it is inaccurate or incomplete;

9.1.3 request erasure of your personal data in certain circumstances;

9.1.4 restrict our use of your personal data in certain circumstances;

9.1.5 move (or port) personal data which you have given us to process. You can choose to receive your personal data in a usable electronic format or request direct transmission to a third party, subject to that third party’s cooperation; and

9.1.6 object to the processing of your data where our legal basis for processing your data is our legitimate interests.

9.2 However, these rights may not be exercised in certain circumstances, such as when the processing of your data is necessary to comply with a legal obligation or for the exercise or defence of legal claims.

10. THIRD PARTY LINKS

10.1 We may provide links to third-party web sites that we do not own or control. We are not responsible for the information collection practices of these third-party websites and do not endorse such practices. We encourage you to review and understand the privacy practices of third-party websites before providing any information to or through them.

11. CHILDREN'S PRIVACY

11.1 You must be at least 16 years old to use the Platform. If you believe that there is a user who is below this minimum age, please contact us as described in the “How to Contact Us” section below. If you are under the age of 16, you are not permitted to create an account.

12. CHANGES TO THE NOTICE

12.1 We may change this Notice from time-to-time to reflect new ways that we process your information. If we make material changes that affect your information, we will provide you notice of such changes through the App, Website, by email, or some other means of contact. This notice will give you an opportunity to review the changes before we use your information in these different ways.

13. HOW TO CONTACT US

13.1 If you have any questions about this Notice, or if you require further information about our use of your personal data or you wish to avail of any of your rights set out herein, please contact us at dpo@orgonize.com.

13.2 If you are not satisfied with our use of your personal data or our response to any request by you to exercise any of your rights, you have the right to lodge a complaint with the Irish Data Protection Commission (if you’re based in Ireland) or the UK Information Commissioner’s Office (ICO) (if you’re based in the UK).Their contact details are below:

Data Protection Commission

Address: 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland
Phone +353 (0)1 7650100 / 1800 437 737
You can contact the Data Protection Commissioner via the webforms on its website, https://dataprotection.ie.

Information Commissioner’s Office

Address: Information Commissioner's Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF, England
Phone: 0303 123 1113
You can contact the Information Commissioner’s Office via the webforms on its website, https://ico.org.uk/