Terms & Privacy Policy

Welcome to OOVAL. We are massively exited to welcome you to the future of Live-Entertainment. Enjoy!

This privacy policy applies to visiting the website and using the ticketing system of OOVAL ("OOVAL", "we"). In accordance with the provisions of the General Data Protection Regulation (GDPR), it provides information about what personal data we collect, what we use it for, and what rights you have. OOVAL enables the secure purchase and (re)sale of tickets by generating Digitable Collectibles or NFTs (Non-Fungible Tokens), which are unique digital assets stored in a cryptographic wallet that uniquely identifies the ticket owner and are individually attributable via purchase history. The transparent, forgery-proof recording on the blockchain enables the authenticity of the tickets to be verified and thus prevents dubious ticket scalping.

1. What data is collected?

1.1 When you visit our website, the server records, among other things, the domain name, the IP address of your computer, the pages visited, browser type and version, operating system used, host name, the client's file request (file name and URL), the http response code and the source from which you visit us (server log files). The purpose of the logged data is to use it for data security, for example, to ensure the functionality and security of the website or to ward off attacks on our servers (Art. 6 para. 1 f) DSGVO). An evaluation of the behavior of the website visitors or for profiling does not take place.

1.2 If you use our contact form, the following data will be collected: email address, username, number of tickets per event. In addition, we collect data that you provide to us voluntarily. The legal basis for this processing is your consent (Art. 6 para.1 a) DSGVO). The collected data is used to be able to set up a user account (Art. 6 para.1 b) DSGVO).

1.3 By logging in via the social media services (Social LogIn), the user-name and email address of these applications are collected in order to gain access to the ticketing system (Art. 6 (1) b) DSGVO). By clicking on the respective icon of the social media service, the social media plugin is activated. The use of the social media plugin only takes place when the user clicks on it a second time. Only then is the user data transferred to the social media provider (two-click solution).

1.4 After registration has been completed, the data required for the respective contractual service is recorded on the user page (OOVAL Dashboard) (Art. 6 para. 1 b) DSGVO): For the purchase of tickets and the processing of tickets, we use the payment processing services of Stripe. The ticket generated in the form of a Digital Collectible or NFT can only be used by the respective owner through private access data assigned only to him. These and the NFT ticket are kept in a wallet created with ticket generation, which is assigned to the respective owner. OOVAL has no access to the wallet itself or its contents, but acts as a custodian.

1.4.1 In the user account of the organizer, the name of the organizer, address, email address, the event and the bank data such as credit institution, IBAN and name of the account holder, as well as credit card number are recorded for the processing of the ticketing.

1.4.2 In the user account of the fan the following data are processed: Name, email address, age, bank data such as credit institution, IBAN, name of the account holder, as well as credit card number, and relevant countries.

1.5 Processing by third parties - If service providers (e.g. web hosting, service providers, payment processors) are involved who act on our behalf and according to instructions in the course of providing services, they may come into contact with personal data ("processors", Art. 28 DSGVO).

2. Cookies

In the event of a legal obligation as well as in the context of legal prosecution, authorities (e.g. social insurance carriers, financial authorities, supervisory authorities, employers' liability insurance associations) may request or check recipients of your data, we will comply with the request only if we are legally obliged to do so.

3. Who is responsible?

OOVAL is the service provider for each event organizer, acting only as an intermediary between event organizer and ticket buyer. Email: contact@ooval.io.

4. What rights do you have?

4.1 Right to information, correction, blocking, deletion (Art. 15 DSGVO) You have the right to information about your stored personal data, the purpose of storage and the planned storage period.

4.2 Right to rectification (Art. 16 DSGVO) You have the right to rectification and, if necessary, to supplement inaccurate or incomplete data.

4.3 Right to deletion (Art. 17, 18 DSGVO) If the data is no longer necessary for the intended purpose or if you have revoked your consent or declared an objection, you have the right to request the deletion of your data. If deletion is not possible, you have the right to restriction

4.4 Right to data portability (Art. 20 DSGVO) You have the right to receive your data provided to us in a common machine-readable format and, if necessary, to transfer it to others.

4.5 Right to object (Art. 21 para. 1 DSGVO) You have the right to object to data processing that is to be carried out on the basis of a legitimate interest, for reasons arising from your particular situation.

4.6 Right to complain You have the right to complain to the competent supervisory authority. The competent supervisory authority is the Bavarian State Office for Data Protection Supervision (BayLDA).