About Tickasit:
Tickasit is a South African online ticket marketplace where independent clients list tickets and similar inventory for customers.
Compliance:
Tickasit complies with South Africa's data protection laws, including the Protection of Personal Information Act (PoPI).
Purpose of Data Collection:
- Process ticket purchases
- Provide customer service
- Detect risk and fraud
- Fulfil ticketing obligations
- Notify customers of event changes
- Conduct outbound marketing (with permission)
Data Collection Practices:
- Personal data is mostly gathered directly from customers.
- It may also come from:
- Legacy systems (with customer consent)
- Clients needing Tickasit to fulfil their obligations
- Customer data is only used for:
- Service fulfilment
- Improved customer experience
- Customer support
- Customers can edit or delete their data at any time.
Sharing of Personal Data:
- With Clients: Shared only for fulfilling ticket obligations.
- With Third Parties: Shared only as required by law or with explicit customer consent.
- Marketing communications require explicit permission.
Third-Party Service Providers:
- Conducts risk assessments on service providers
- Shares only minimal data
- Requires strict security compliance
- Conducts annual reviews of third-party risk
PCI/DSS Compliance:
- Uses Payfast Payment Technologies, which is PCI Level 1 compliant
- Never stores customer card details
Data Security & Governance:
- Customer data is hosted on a cloud provider with encryption, VPNs, and multi-factor authentication
- Tickasit conducts regular security testing and uses malware protection
- Staff access is limited to roles that require data to fulfil their duties
- Staff sign confidentiality agreements and undergo regular data privacy training
Breach Notification:
If a data breach occurs under PoPI:
- Tickasit will notify affected clients and data subjects
- The Information Regulator will also be informed
When you use our online services, we may collect the following:
- Your name and address
- Your delivery address (if different)
- Website cookies
- Your contact telephone number
- Your credit or debit card number, expiry date, and security code
- Information from competitions, live chats, or message boards
- Details from support queries, problems, or comments
- Credentials used to access account features
