Privacy Policy of Center for Italian Modern Art

This Website collects some Personal Data from its Users.

Personal Data collected for the following purposes and using the following services:

    • Access to third-party accounts

      • Facebook account access

        Permissions: Access Page CTA

    • Advertising

      • Facebook Audience Network

        Personal Data: Cookies; unique device identifiers for advertising (Google Advertiser ID or IDFA, for example); Usage Data

    • Analytics

      • AWStats, Google Analytics, Google Analytics with anonymized IP and Facebook Ads conversion tracking (Facebook pixel)

        Personal Data: Cookies; Usage Data

      • Facebook Analytics for Apps

        Personal Data: Usage Data; various types of Data as specified in the privacy policy of the service

    • Backup saving and management

      • Amazon Glacier

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Contacting the User

      • Mailing list or newsletter

        Personal Data: address; city; company name; country; email address; first name; last name; phone number; state; Usage Data; ZIP/Postal code

    • Content performance and features testing (A/B testing)

      • Google Optimize and Google Optimize 360

        Personal Data: Cookies; Usage Data

    • Data transfer outside the EU

      • Data transfer abroad based on consent, Data transfer abroad based on standard contractual clauses, Data transfer to countries that guarantee European standards and Other legal basis for Data transfer abroad

        Personal Data: various types of Data

    • Displaying content from external platforms

      • Font Awesome

        Personal Data: Usage Data

      • Google Maps widget and Vimeo video

        Personal Data: Cookies; Usage Data

      • Google Fonts

        Personal Data: Usage Data; various types of Data as specified in the privacy policy of the service

    • Hosting and backend infrastructure

      • iubenda Consent Solution

        Personal Data: Data communicated while using the service

      • Amazon Web Services (AWS)

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Interaction with data collection platforms and other third parties

      • Mailchimp widget

        Personal Data: email address; first name; last name

    • Interaction with external social networks and platforms

      • Facebook Like button and social widgets, AddToAny and Twitter Tweet button and social widgets

        Personal Data: Cookies; Usage Data

      • Eventbrite Data Shield Policy, Blackbaud eTapestry Privacy Policy and Blackbaud eTapestry Privacy Shield Certification

    • Managing contacts and sending messages

      • Mailchimp

        Personal Data: email address; first name; last name

    • Remarketing and behavioral targeting

      • Facebook Remarketing

        Personal Data: Cookies; Usage Data

      • Facebook Custom Audience

        Personal Data: Cookies; email address

    • SPAM protection

      • Google reCAPTCHA

        Personal Data: Cookies; Usage Data

    • Tag Management

      • Google Tag Manager

        Personal Data: Usage Data

Further information about Personal Data

    • CIMA Terms of Privacy Policy

      The Center for Italian Modern Art (“Company,” “us” or “we”) is concerned about privacy issues and wants you to be familiar with how we collect, use and disclose information. This Privacy Policy (“Privacy Policy”) describes our practices in connection with information that we collect through our website, currently located at https://www.italianmodernart.org/ (together with any materials and services available therein, and successor site(s) thereto, the “Site”). By accessing or using the Site, or providing information to us in connection with the Site, you acknowledge that we may use and disclose such information in accordance with this Privacy Policy. If you object or do not consent to our use and disclosure of such information in accordance with this Privacy Policy, please do not provide such information on or through the Site (which may mean that you will be unable to use the Site).

      We may change this Privacy Policy at any time. Please take a look at the “LAST UPDATED” legend at the top of this page to see when this Privacy Policy was last revised. Any changes to this Privacy Policy will become effective when we make the revised Privacy Policy available on or through the Site. Your use of the Site or the submission of any information through the Site following such changes means that you accept the revised Privacy Policy.

       

      JURISDICTIONAL ISSUES

      The Site is controlled by us from the United States; accordingly, this Privacy Policy, and our collection, use and disclosure of your information, is governed by U.S. law, and not by the laws of any country, territory or jurisdiction other than the United States. We do not represent or warrant that the Site, or any functionality or feature thereof, is appropriate or available for use in any particular jurisdiction. Those who choose to download, access or use the Site do so on their own initiative and at their own risk, and are responsible for complying with all local laws, rules and regulations. By downloading, accessing, using or submitting any information to the Site, users from outside the United States acknowledge that the Site is subject to U.S. law, and consent to the transfer of their information to the United States and any other jurisdiction, which may provide a different level of data security than in their country of residence, and waive any claims that may arise under the laws of any country other than the United States.

      Certain Personal Information is voluntary and not required to access or use the Site; other Personal Information may be mandatory and required to access or use the Site or certain portions of the Site.
      If you submit any personal information of or relating to a third party to us or our third-party service providers or business partners in connection with the site, you represent that you have the authority to do so and to permit us to use and disclosure such information in accordance with this privacy policy.

       

      HOW WE MAY USE PERSONAL INFORMATION

      We and our third-party service providers may use Personal Information:

      To respond to your inquiries and event notifications to you, complete your commercial transactions and otherwise operate the Site.

      To send administrative information to you, including information regarding the Site and changes to our terms, conditions and policies.

      To allow you to send and receive invitations and messages (including files, video and text messages) to and from other individuals, through or in connection with the Site, and to send and receive such invitations and messages on your behalf.

      To help us improve the customer experience, including by learning more about your preferences to help personalize your experience with us.

      To send marketing-related communications regarding Company-related events, offerings and opportunities to you that we believe may be of interest to you, unless you opt-out in accordance with the “CHOICES AND ACCESS” section below.

      For our business purposes, such as quality assessment, data analysis, audits, developing new products and services, improving the Site, identifying usage trends and determining the effectiveness of our promotional campaigns.

      To protect the security or integrity of our businesses and online properties, including the Site.
      As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public or government authorities, including public or government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, or that of our affiliates, service providers, members, you or others, including through credit-fraud protection and risk reduction; (g) at our discretion under emergency circumstances, to notify emergency services or your family members, personal representative or other individuals involved in your care of your location and condition; or (h) to allow us to pursue available remedies or limit the damages that we may sustain.

       

      HOW PERSONAL INFORMATION MAY BE DISCLOSED

      To our third-party service providers that may provide services such as hosting of the Site, data analysis, IT services and infrastructure, customer service, e-mail delivery, auditing, information and identity verification, background checks, credit checks, payment processing and other similar services.
      To identify you to anyone to whom you send invitations or messages (including files, video and text messages) through or in connection with the Site, including invitations and messages that we may send on your behalf.

      By you, through messages (including files, video and text messages), chats, message boards, forums, public profile pages, user directories and blogs and other functionality with which you are able to share or post information and materials. Please note that any information and materials that you post or disclose using such functionality will become public information, and may be available for other users of the Site and the general public to record, access, use, alter, manipulate or disclose to other individuals or social networking sites such as Facebook or YouTube. We are not responsible for such recording, access, use, alteration, manipulation or disclosure. We urge you to be very careful when deciding to disclose your Personal Information, or any other information, in connection with the Site.

      To a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceeding).

      As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public or government authorities, including public or government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, or that of our affiliates, service providers, members, you or others, including through credit-fraud protection and risk reduction; (g) at our discretion under emergency circumstances, to notify emergency services or your family members, personal representative or other individuals involved in your care of your location and condition; or (h) to allow us to pursue available remedies or limit the damages that we may sustain.

       

      USE OF THE SITE BY MINORS

      The Site is not directed to individuals under the age of thirteen (13), nor are such individuals permitted to use the Site; accordingly, we request that such individuals do not provide Personal Information in connection with the Site. If you are the parent or guardian of such an individual who has disclosed Personal Information to us in connection with the Site, please contact us in accordance with the “CONTACTING US” section below, and we will exercise commercially reasonable efforts to remove such information from our databases and storage systems; we are not liable, however, for any consequences of such information, including any delay or failure to remove such information.

       

      INFORMATION YOU PROVIDE

      You may voluntarily provide us with other information, such as your areas of interest, your preferred email format, your preferred means of communication, or other information that does not personally identify you. In particular, we may collect demographic information such as, for example, your age, occupation and family status, as well as other information when you voluntarily provide such information to us. We may also collect such information about you from third parties. Unless combined with Personal Information, this information does not personally identify you or any other user of the Platform.

       

      RETENTION PERIOD

      We will retain your Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or allowed by law.

    • Eventbrite Privacy Policy

      Last Updated: December 16, 2019

      We participate in and comply with the EU-U.S. and Swiss-U.S. Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of Personal Data (defined in Section 2.1) transferred from European Economic Area ("EEA") member countries, Switzerland and the United Kingdom (UK) to the United States. You can find out more about our commitment to the EU-U.S. and Swiss-U.S. Privacy Shield Framework in our Privacy Shield Notice.


      1-2
      1. Who We Are.

      1.1 Eventbrite Services.

      Welcome to Eventbrite! We are a ticketing and registration platform dedicated to bringing the world together through live experiences. Through our platform, mobile apps and services, we enable people all over the world to create, discover, share and register for events.

      Eventbrite's products, features and offerings are available (a) online through various Eventbrite properties including without limitation, Eventbrite, Eventbrite Communities, Eventbrite Music, Eventbrite Venue, Lanyrd, Rally, Ticketea, Ticketfly, nvite ("Site(s)"); (b) off platform, including without limitation, RFID, entry management, sponsorship and marketing or distribution services; and (c) through mobile applications, webpages, application programming interfaces, and subdomains ("Applications"). (a), (b), and (c) are collectively referred to as "Eventbrite Properties" or our "Services".

      1.2 Who's Who.

      When this Privacy Policy uses the term "Organizer" we mean event creators using the Services to create events for consumers using our Services (a) to consume information about, or attend, events ("Consumers"), or (b) for any other reason. Organizers, Consumers and third parties using our Services are all referred to in these Terms collectively as "Users", "you" or "your".

      Eventbrite, Inc. is a Delaware corporation with its principal place of business at 155 5th Street, Floor 7, San Francisco, CA 94103, Reg. No. 4742147 ("Eventbrite," "us," "we" or "our"). If you are resident in the EEA or Switzerland, Eventbrite, Inc. is the responsible party with respect to Personal Data (defined below) collected through the Services. Eventbrite's representative for European data protection law purposes is Eventbrite NL B.V. with its principal place of business at Silodam 402, 1013AW, Amsterdam, The Netherlands.

      If you have any questions or concerns at any time, please do not hesitate to contact us at the address above or by contacting us at privacy@eventbrite.com.

      2. Our Privacy Statement.

      2.1 Application.

      This Privacy Policy sets forth our policy with respect to information that can be associated with or which relates to a person and/or could be used to identify a person ("Personal Data") that is collected from Users on or through the Services. We take the privacy of your Personal Data seriously. Because of that, we have created this Privacy Policy. Please read this Privacy Policy as it includes important information regarding your Personal Data and other information.

      "Non-Personal Data" as used in this Privacy Policy is therefore any information that does not relate to a person and/or cannot be used to identify a person. When you interact with the Services, we may collect Non-Personal Data. The limitations and requirements in this Privacy Policy on our collection, use, disclosure, transfer and storage/retention of Personal Data do not apply to Non-Personal Data.

      3-4
      3. Personal Data That We Collect.

      When you use or interact with us through the Services, we may collect Personal Data. Sometimes this will be on our own behalf and other times this will be on behalf of an Organizer using our Services to run an event. This is an important distinction for purposes of certain data protection laws and is explained in more detail below.

      3.1 Information Collected From All Users.

      Information you provide to us: For all Users we collect Personal Data when you voluntarily provide such information to the Services, such as when you register for access to the Services, contact us with inquiries, respond to one of our surveys or browse or use certain parts of the Services. The Personal Data we may collect includes without limitation your name, address, email address and any other information that you choose to provide and/or that enables Users to be personally identified.

      Information we automatically collect: We also automatically collect certain technical data that is sent to us from the computer, mobile device and/or browser through which you access the Services ("Automatic Data"). Automatic Data, includes without limitation, a unique identifier associated with your access device and/or browser (including, for example, your Internet Protocol (IP) address) characteristics about your access device and/or browser, statistics on your activities on the Services, information about how you came to the Services and data collected through Cookies, Pixel Tags, Local Shared Objects, Web Storage and other similar technologies. You can find out more information about how we use Cookies and other similar tracking technologies in our Cookie Statement.

      When you register for the Services or otherwise submit Personal Data to us, we may associate other Non-Personal Data (including Non-Personal Data we collect from third parties) with your Personal Data. At such instance, we will treat any such combined data as your Personal Data until such time as it can no longer be associated with you or used to identify you.

      3.2 Information Collected From Organizers.

      If you are an Organizer we will collect additional Personal Data from you.

      Information you provide to us: In some cases, we may collect your credit card information (e.g., your credit card number and expiration date, billing address, etc.), some of which may constitute Personal Data, to secure certain payments. In addition, if you use our payment processing services, we will collect financial information from you (e.g., your bank account information or an address to send checks) as necessary to facilitate payments and information required for tax purposes (e.g., your taxpayer identification number).

      Information we obtain from other sources: We may also collect or receive Personal Data including your name, email address and other contact information from third party sources, such as third party websites and marketing partners, your bank, our payment processing partners and credit reporting agencies.

      3.3 Information Collected From Consumers.

      If you are a Consumer we will collect additional Personal Data from you, sometimes for our own purposes and other times on behalf of an Organizer (see Section 16 below for more information).

      Information you provide via Eventbrite Properties or Applications: If you register for a paid event, you will provide financial information (e.g., your credit card number and expiration date, billing address, etc.) some of which may constitute Personal Data. In addition, Organizers can set up event registration pages to collect virtually any information from Consumers in connection with registration for an Organizer's event listed on the Services. Eventbrite does not control an Organizer's registration process nor the Personal Data that they collect. When you register for, or otherwise provide information to Eventbrite in conjunction with an Organizer event or activity, whether that information is yours or a third party’s, in connection with a purchase, registration, or transfer, that Organizer will receive and may use the information you provide. Please see Section 5.5 below, titled “How We Disclose and Transfer Your Personal Data: Organizers” for more information about an Organizer’s receipt and use of your Personal Data.

      Information we obtain from other sources: We may also collect or receive Personal Data from third party sources, such as Organizers, other Consumers, social media or other third party integrations, your credit card issuing bank, our payment processing partners or other third parties.

      4. How We Use Your Personal Data.

      We collect and use the Personal Data we collect in a manner that is consistent with this Privacy Policy, and applicable privacy laws. We may use the Personal Data as follows:

      4.1 Specific Reason.

      If you provide Personal Data for a certain purpose, we may use the Personal Data in connection with the purpose for which it was provided. For instance, if you contact us by email, we will use the Personal Data you provide to answer your question or resolve your problem and will respond to the email address from which the contact came.

      4.2 Access and Use.

      If you provide Personal Data in order to obtain access to or use of the Services or any functionality thereof, we will use your Personal Data to provide you with access to or use of the Services or functionality and to analyze your use of such Services or functionality. For instance, if you supply Personal Data relating to your identity or qualifications to use certain portions of the Services, we will use that information to make a decision as to granting you access to use such Services and to assess your ongoing qualification to use such Services.

      4.3 Internal Business Purposes.

      We may use your Personal Data for internal business purposes, including without limitation, to help us improve the content and functionality of the Services, to better understand our Users, to improve the Services, to protect against, identify or address wrongdoing, to enforce our Terms of Service, to manage your account and provide you with customer service, and to generally manage the Services and our business.

      4.4 Eventbrite Marketing.

      We may use your Personal Data for our marketing and advertising purposes, including (without limitation) by email, SMS marketing, display media, and targeting other devices (such as tablets, mobile devices and televisions). We do this in order to inform you about services or events we believe might be of interest to you, develop promotional or marketing materials and display Eventbrite or event-related content and advertising on or off the Services that we believe might be of interest to you. We may also do this on behalf of an Organizer, for example where your prior interactions with an Organizer suggest you may be interested in a particular type of event. See "Opt Out from Electronic Communications" below on how to opt out of various Eventbrite marketing communications.

      You may see advertisements for our Services (or our Organizer’s events) on third party websites, including on social media platforms. Where you see an advertisement on a third party website or social media platform, this may be because we engaged the third party or social media platform to show this advertisement to our Users, or to others who have similar attributes to our Users. In some cases, this involves sharing your email address or other contact details with the third party or social media platform so that they can identify you as one of our Users, or identify other individuals with similar attributes to you in order to show them advertisements for our Services (or for our Organizer’s events). If you no longer want your Personal Data to be used for these purposes please contact us at privacy@eventbrite.com. For more information about how we market on, and interact with social media sites, please refer to section 5.6.

      4.5 Organizer Emails.

      We allow Organizers to use our email tools to contact Consumers for their current and past events, so you may receive emails from our system that originate with such Organizers and that we send on their behalf. If you registered for an event on the Services, your email address is available to that Organizer. However, Organizers may also import the email addresses they have from external sources and send communications through the Services to those email addresses, and we will deliver those communications to those email addresses on the Organizer's behalf. The Organizer and not Eventbrite is responsible for sending these emails. See "Opt Out from Electronic Communications" below on how to opt out of Organizer-initiated communications.

      4.6 Use of Interest-Based Data

      We sometimes make inferences about the type of events or activities you may be interested in. We may use these inferences to help target advertising or customize recommendations to you, including on behalf of Organizers. We may do this on an aggregated or generalized basis. For instance, we may determine that our users who attend many comedy events also often attend or show interest in endurance-related events or content. We may direct (or assist in directing) content or recommendations related to both comedy and endurance to those Users.

      4.7 Other Purposes.

      If we intend to use any Personal Data in any manner that is not consistent with this Privacy Policy, you will be informed of such anticipated use prior to or at the time the Personal Data is collected or we will obtain your consent subsequent to such collection but prior to such use.

      4.8 Aggregated Personal Data.

      In an ongoing effort to understand and serve our Users better, we often conduct research on our customer demographics, interests and behavior based on Personal Data and other information that we have collected. This research is typically conducted on an aggregate basis only that does not identify you. Once Personal Data is in an aggregated form, for purposes of this Privacy Policy, it becomes Non-Personal Data.

      5-6
      5. How We Disclose And Transfer Your Personal Data.

      5.1 Background.

      We are not in the business of selling your Personal Data. We consider this information to be a vital part of our relationship with you. Therefore, we will not sell your Personal Data to third parties, including third party advertisers. There are certain circumstances in which we may disclose, transfer or share your Personal Data with certain third parties without further notice to you, as set forth in this Privacy Policy.

      5.2 Business Transfers.

      As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets. We may also disclose your Personal Data in the course of due diligence for such an event. You acknowledge and agree that any successor to or acquirer of Eventbrite (or its assets) will continue to have the right to use your Personal Data and other information in accordance with the terms of this Privacy Policy.

      5.3 Parent Companies, Subsidiaries and Affiliates.

      We may also share your Personal Data with our parent companies, subsidiaries and/or affiliates for purposes consistent with this Privacy Policy. Our parent companies, subsidiaries and affiliates will be bound to maintain that Personal Data in accordance with this Privacy Policy.

      5.4 Agents, Consultants and Service Providers.

      We may share your Personal Data with our contractors and service providers who process Personal Data on behalf of Eventbrite to perform certain business-related functions. These companies include our marketing agencies, online advertising providers, data enhancement and data services providers, database service providers, backup and disaster recovery service providers, email service providers, payment processing partners, customer support, tech support, hosting companies and others. When we engage another company to perform such functions, we may provide them with information, including Personal Data, in connection with their performance of such functions.

      5.5 Organizers.

      In addition, when you register for an event, sign up for communications, enter a contest, or otherwise input your Personal Data (such as through a web form) to communicate with an Organizer or participate in an Organizer event, that Organizer will receive that information. For instance, if you input your name and email address into a web form for an Organizer offer, activity or event, the Organizer will receive that information. The Organizer may then send you marketing or other communications, which may be subject to its own, separate privacy policy. Likewise, if you provide your mobile phone number, you may receive information messages related to the service, event, activity or information in which you’ve expressed interest.

      When you purchase tickets to, register for or donate to an event, transfer an event ticket or registration to another person, enter a contest, or otherwise input your Personal Data (such as through a web form), or otherwise communicate with an Organizer, or participate in or express interest in an Organizer or Organizer event or activity, that Organizer will receive the information you provide, including your Personal Data, and where a ticket or registration is transferred, the Personal Data of the transferee as well. Other third parties that are involved in or on whose behalf an event or activity is promoted, may receive that Personal Data as well.

      For example, as to fundraising pages, we may provide your Personal Data both to the Organizer charity of the fundraising page and the Organizer of the event to which the fundraising page is linked. In some instances, an Organizer may appoint a third party, which may or may not be affiliated with the Organizer, to create an event or fundraising page on its behalf (we call these third parties ("Third Party Organizers"). For example, and without limitation, a concert venue (the Organizer, in this case) may allow third party promoters or production companies (the Third Party Organizers) to create events that will be hosted at the Organizer's venue using its Eventbrite account. In that case, we may provide your Personal Data to the Third Party Organizers on behalf of the Organizers. The same is true for contests and sweepstakes: we may provide your Personal Data to both the Organizer promoting the contest or sweepstakes, and any legal sponsor of the contest or sweepstakes (such as a brand sponsor).

      We are not responsible for the actions of these Organizers, or their Third Party Organizers (or other downstream recipients of your Personal Data), with respect to your Personal Data. It is important that you review the applicable policies of the Organizers, and if applicable and available, their appointed Third Party Organizers, of an event (and the related fundraising page, if applicable) before providing Personal Data or other information in connection with that event or related fundraising page.

      Similarly, if you are a member of an Organizer's organization within Eventbrite, your Personal Data will be available to the Organizer and shared with those Third Party Organizers granted permission by the Organizer to view all members of the Organizer's organization.

      5.6 Facebook, Social Media and Other Third Party Connections.

      a. Connecting Your Eventbrite Account to Social Media Services. You can connect your Eventbrite account to your accounts on third party services like Facebook, in which case we may collect, use, disclose, transfer and store/retain information relating to your account with such third party services in accordance with this Privacy Policy. For example, if you connect with Facebook, we store your Facebook id, first name, last name, email, location, friends list and profile picture and use them to connect with your Facebook account to provide certain functionality on the Services, like recommending events that your Facebook friends are interested in and sharing the events you are interested in, or attending, with certain groups of people like your Facebook friends.

      b. “Liking” or “Following” Eventbrite on Social Media. In addition, when you “like” or “follow” us on Facebook, Instagram, Twitter or other social media sites (to the extent we provide that capability), we may collect some information from you including your name, email address, and any comments or content you post relevant to us. We likewise may collect your information if you sign up for one of our promotions or submit information to us through social media sites.

      c. Facebook Plug-Ins and Links on Our Pages. Eventbrite’s own website may contain links to Facebook as well, such as through the Facebook “Like” or “Share” button or other social plug-ins. When you interact with these features and links, your browser will establish a direct link with the Facebook servers, and Facebook will receive information about your browser and activity, and may link it to your Facebook user account. For more information about how Facebook uses data, please see Facebook’s own policies.

      d. Additional Facebook Marketing and Connectivity. In addition, if you are a member of Facebook (or another social media platform), and you provide Personal Data to an Organizer (such as in the ways described in Section 5.5), the Organizer may use that Personal Data to send you advertising and offers through Facebook (or another social media) platform, including when you are on Facebook or another social media platform. The Organizer may work with us and with third parties to enable this data integration and advertising. Facebook and other social media platforms may provide a way to opt out of this type of advertising. Please review their user settings and support pages to learn more about how they help you to manage privacy and marketing choices.

      e. Third party services and integrations. Eventbrite may provide you with opportunities to contract directly with third parties, and/or to integrate with third party services or applications, through our platform. In such instances, we will disclose your Personal Data to other entities in order to fulfill a request by you, or to provide services you have requested.

      5.7 Legal Requirements.

      We may disclose your Personal Data if required to do so by law in order to (for example) respond to a subpoena or request from law enforcement, a court or a government agency (including in response to public authorities to meet national security or law enforcement requirements), or in the good faith belief that such action is necessary to (a) comply with a legal obligation, (b) protect or defend our rights, interests or property or that of third parties, (c) prevent or investigate possible wrongdoing in connection with the Services, (d) act in urgent circumstances to protect the personal safety of Users of the Services or the public, or (e) protect against legal liability.

      6. How We Store Your Personal Data.

      We may store Personal Data itself or such information may be stored by third parties to whom we have transferred it in accordance with this Privacy Policy. We take what we believe to be reasonable steps to protect the Personal Data collected via the Services from loss, misuse, unauthorized use, access, inadvertent disclosure, alteration and destruction. However, no network, server, database or Internet or email transmission is ever fully secure or error free. Therefore, you should take special care in deciding what information you send to us electronically. Please keep this in mind when disclosing any Personal Data.

      7-8
      7. How You Can Access, Update, Correct or Delete Your Personal Data.

      You can access or delete your Personal Data stored by us. If you are a registered User, you can do this by logging in and visiting the Account Settings page to download a copy of your Personal Data in machine readable form and/or delete your Personal Data. You can also edit some of your Personal Data directly through your account. In certain cases, you can ask us to correct and update any inaccurate Personal Data using the contact information below, and we will consider your request in accordance with applicable laws.

      If a Consumer initiates a data deletion request, Eventbrite is authorized to delete or anonymize Personal Data of the requesting Consumer from the Services even if that means removing its availability to the Organizer through the Services. However, if you are a Consumer, you understand that even if Eventbrite deletes or anonymizes your Personal Data upon your request or pursuant to this Policy, your Personal Data may still be available in the Organizer's own databases if transmitted to the Organizer prior to Eventbrite receiving or taking action on any deletion or anonymization activity.

      Unregistered Users may also access, update, correct or delete Personal Data and exercise these rights using the contact information below. We will consider and respond to all requests in accordance with applicable law.

      8. How Long We Retain Your Personal Data.

      We may retain your Personal Data as long as you are registered to use the Services. You may delete your account by visiting the Account Settings page. However, we may retain Personal Data for an additional period as is permitted or required under applicable laws. Even if we delete your Personal Data it may persist on backup or archival media for an additional period of time for legal, tax or regulatory reasons or for legitimate and lawful business purposes.

      9-10
      9. Cookies, Pixels Tags, Local Shared Objects, Web Storage And Similar Technologies.

      Please refer to our Cookie Statement for more information about our use of cookies and other similar tracking technologies.

      10. Your Choices.

      You have several choices available when it comes to your Personal Data:

      10.1 Limit the Personal Data You Provide.

      You can browse the Services without providing any Personal Data (other than Automatic Data to the extent it is considered Personal Data under applicable laws) or with limiting the Personal Data you provide. If you choose not to provide any Personal Data or limit the Personal Data you provide, you may not be able to use certain functionality of the Services. For instance, in order to buy tickets as a Consumer, your name and email address will be required by the Organizer.

      10.2 Opt Out from Electronic Communications.

      (a) Eventbrite Marketing Communications.

      Where it is in accordance with your marketing preferences, Eventbrite may send you electronic communications marketing or advertising the Services themselves or events on the Services, to the extent you have registered for the Services or purchased a ticket and/or registration to an event listed on the Services. You can also "opt out" of receiving these electronic communications by clicking on the "Unsubscribe" link at the bottom of any such electronic communication. In addition, you may also manage your email preferences at any time by logging in (or signing up and then logging in), clicking on "Account" and then "Email Preferences."

      (b) Organizer-initiated Communications.

      Organizers may use our email tools to send electronic communications to those on their email subscription lists, including Consumers who have registered for their events on the Services in the past. Although these electronic communications are sent through our system, Eventbrite does not determine the content or the recipients of these electronic communications. Organizers are required to use our email tools only in accordance with all applicable laws. Eventbrite provides an "Unsubscribe" link on each of these emails, which allows recipients to "opt out" of electronic communications from the particular Organizer.

      (c) Social Notifications.

      If you connect your Facebook account or sign up for other social media integrations whose product features include social notifications (i.e., updates on what your friends are doing on the Services), you will receive these social notifications. You can manage these social notifications by toggling your social settings to private or disconnecting such integration.

      (d) Transactional or Responsive Communications.

      Certain electronic communications from Eventbrite are responsive to your requests. For instance, if you are a Consumer, we must email you your ticket or registration on behalf of the Organizer when you purchase such ticket or registration. As a further example, if you email our customer support department, we will return your email. Notwithstanding any unsubscribe election that you have made, you will still receive these transactional or responsive emails. You can stop receiving these types of emails only by contacting us. By electing to stop receiving all electronic communications from us or through our system, you will no longer receive any updates on events you have created (including payout issues) or on events you are registered to attend (including emails with your tickets). We do not recommend that you do this unless you plan to no longer use the Services, are not currently registered for an event, are not currently organizing an event, and will have no need to receive further communications from us or through our system.

      (e) Retention.

      It may take up to forty-eight (48) hours for us to process an unsubscribe request. Even after you opt out of all electronic communications, we will retain your Personal Data in accordance with this Privacy Policy, however, we will no longer use it to contact you. However, Organizers who have received your Personal Data in accordance with this Privacy Policy may still use that Personal Data to contact you in accordance with their own privacy policies, but they may not use our system to do so.

      10.3 Do Not Track.

      We currently do not participate in any "Do Not Track" frameworks that would allow us to respond to signals or other mechanisms from you regarding the collection of your Personal Data.

      11-12
      11. Exclusions.

      11.1 Personal Data Provided to Others.

      This Privacy Policy does not apply to any Personal Data that you provide to another User or visitor through the Services or through any other means, including to Organizers on event pages or information posted by you to any public areas of the Services.

      11.2 Third Party Links.

      This Privacy Policy applies only to the Services. The Services may contain links to other websites not operated or controlled by us (the "Third Party Sites"). The policies and procedures we described here do not apply to the Third Party Sites. The links from the Services do not imply that we endorse or have reviewed the Third Party Sites. We suggest contacting those sites directly for information on their privacy policies.

      12. Children - Children's Online Privacy Protection Act.

      We do not knowingly collect Personal Data from children under the age of thirteen (13). If you are under the age of thirteen (13), please do not submit any Personal Data through the Services. We encourage parents and legal guardians to monitor their children's Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data through the Services without their permission. If you have reason to believe that a child under the age of 13 has provided Personal Data to us through the Services, please contact us and we will endeavor to delete that information from our databases.

      13-14
      13. International Privacy Laws.

      If you are visiting the Services from outside the United States, please be aware that you are sending information (including Personal Data) to the United States where our servers are located. That information may then be transferred within the United States or back out of the United States to other countries outside of your country of residence, depending on the type of information and how it is stored by us. These countries (including the United States) may not necessarily have data protection laws as comprehensive or protective as those in your country of residence; however, our collection, storage and use of your Personal Data will at all times continue to be governed by this Privacy Policy.

      14. Changes To This Privacy Policy.

      The Services and our business may change from time to time. As a result, at times it may be necessary for us to make changes to this Privacy Policy. We reserve the right, in our sole discretion, to update or modify this Privacy Policy at any time (collectively, "Modifications"). Modifications to this Privacy Policy will be posted to the Site with a change to the "Updated" date at the top of this Privacy Policy. In certain circumstances Eventbrite may, but need not, provide you with additional notice of such Modifications, such as via email or with in-Service notifications. Modifications will be effective thirty (30) days following the "Updated" date or such other date as communicated in any other notice to you.

      Please review this policy periodically, and especially before you provide any Personal Data. This Privacy Policy was updated on the date indicated above. Your continued use of the Services following the effectiveness of any Modifications to this Privacy Policy constitutes acceptance of those Modifications. If any Modification to this Privacy Policy is not acceptable to you, you should cease accessing, browsing and otherwise using the Services.

      15-16
      15. Dispute Resolution.

      If you have a complaint about Eventbrite's privacy practices you should write to us at:

      Eventbrite, Inc., Attn: Privacy Officer, 155 5th Street, Floor 7, San Francisco, CA 94103, USA, or by email. We will take reasonable steps to work with you to attempt to resolve your complaint.

      Residents of the EEA, Switzerland or the UK who believe that their information has not been processed in compliance with the Privacy Shield Principles may raise their complaints in a number of ways. For further information, please see our Privacy Shield Notice.

      16. EEA, SWITZERLAND AND UK ONLY

      The EU General Data Protection Regulation (GDPR)

      In May 2018, a new data privacy law known as the EU General Data Protection Regulation (or the "GDPR") went into effect. The GDPR requires Eventbrite and Organizers using the Service to provide Users with more information about the processing of their Personal Data.

      Here is what you need to know:

      Legal grounds for processing your Personal Data

      The GDPR requires us to tell you about the legal ground we're relying on to process any Personal Data about you. The legal grounds for us processing your Personal Data for the purposes set out in Section 4 above will typically be because:

      • you provided your consent;
      • it is necessary for our contractual relationship;
      • the processing is necessary for us to comply with our legal or regulatory obligations; and/or
      • the processing is in our legitimate interest as an event organizing and ticketing platform (for example, to protect the security and integrity of our systems and to provide you with customer service, etc.).

      Transfers of Personal Data

      As Eventbrite is a global company, we may need to transfer your Personal Data outside of the country from which it was originally provided. This may be intra-group or to third parties that we work with who may be located in jurisdictions outside the EEA, Switzerland and the UK which have no data protection laws or laws that are less strict compared with those in Europe.

      Whenever we transfer Personal Data outside of the EEA, Switzerland or the UK, we take legally required steps to make sure that appropriate safeguards are in place to protect your Personal Data. For Personal Data we receive from the EEA, Switzerland and the UK, Eventbrite, Inc has certified its compliance to the EU-U.S. and Swiss-U.S. Privacy Shield as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from those countries. We have certified that we adhere to the Privacy Shield principles of Notice, Choice, Accountability for Onward Transfers, Security, Data Integrity & Purpose Limitation, Access and Recourse, Enforcement & Liability when processing Personal Data from the EEA, Switzerland or the UK in the United States. You can find out more about our commitment to the EU-U.S. and Swiss-U.S. Privacy Shield Framework in our Privacy Shield Notice.

      Feel free to contact us as set forth in Section 15 for more information about the safeguards we have put in place to protect your Personal Data and privacy rights in these circumstances.

      Personal Data retention

      We retain your Personal Data for as long as necessary to provide you with our Services, or for other important purposes such as complying with legal obligations, resolving disputes, and enforcing our agreements.

      If you have an account with us, we will typically retain your Personal Data for a period of ninety (90) days after you have requested that your account is closed or if it's been inactive for seven (7) years.

      Your rights.

      Data protection law provides you with rights in respect of Personal Data that we hold about you, including the right to request a copy of the Personal Data, request that we rectify, restrict or delete your Personal Data, object to profiling and unsubscribe from marketing communications.

      For the most part, you can exercise these rights by logging in and visiting the My Account page or changing the "cookie settings" in your browser (see our Cookie Statement for more information). If you can't find what you're looking for in the My Account page, please contact us using the contact information set out in Section 15 above. Please note that requests to exercise data protection rights will be assessed by us on a case-by-case basis. There may be circumstances where we are not legally required to comply with your request because of the laws in your jurisdiction or because of exemptions provided for in data protection legislation.

      If you have a complaint about how we handle your Personal Data, please get in touch with us as set forth in Section 15 to explain. If you are not happy with how we have attempted to resolve your complaint, you may contact the relevant data protection authority.

      Eventbrite as a data controller and a data processor

      EU data protection law makes a distinction between organizations that process Personal Data for their own purposes (known as "data controllers") and organizations that process personal data on behalf of other organizations (known as "data processors"). If you have a question or complaint about how your Personal Data is handled, these should always be directed to the relevant data controller since they are the ones with primary responsibility for your Personal Data.

      Eventbrite may act as either a data controller or a data processor in respect of your Personal Data, depending on the circumstances.

      For example, if you create an account with us to organize your events, Eventbrite will be a data controller in respect of the Personal Data that you provide as part of your account. We will also be a data controller of the Personal Data that we have obtained about the use of the Applications or Eventbrite Properties, which could relate to Organizers or Consumers. We use this to conduct research and analysis to help better understand and serve Users of the Services as well as to improve our platform and provide you with more targeted recommendations about events we think may be of interest to you.

      However, if you register for an event as a Consumer, we will process your Personal Data to help administer that event on behalf of the Organizer (for example, sending confirmation, promotional and feedback emails, processing payments, etc.) and to help the Organizer target, and understand the success of, their event and event planning (for example, providing event reports, using analytics to gain insights into the effectiveness of various sales channels, etc.). In these circumstances, Eventbrite merely provides the tools for Organizers; Eventbrite does not decide what Personal Data to request on registration forms, nor is it responsible for the continued accuracy any Personal Data provided. Any questions that you may have relating to your Personal Data and your rights under data protection law should therefore be directed to the Organizer as the data controller, not to Eventbrite.

      17-18
      17. CALIFORNIA RESIDENTS ONLY.

      If you are a California resident, we provide additional information about our information practices and you may have certain rights with respect to your information. For more information, please see the State-Specific Supplemental Privacy Notices here.

      18. NEVADA RESIDENTS ONLY.

      If you are a Nevada resident, you may have certain rights with respect to your information. For more information, please see the State-Specific Supplemental Privacy Notices here.

    • Eventbrite Supplemental Privacy Notice for California Residents

      Last Updated: July 1, 2020


      This Supplemental Privacy Notice supplements the information in our Privacy Policy, and applies solely to California residents. It applies to Personal Data we collect as a business; it does not apply to Personal Data we collect or otherwise process as a service provider.


      Eventbrite as a “Business” and a “Service Provider”


      California law makes a distinction between organizations that process Personal Data for their own purposes (known as "businesses") and organizations that process Personal Data on behalf of other organizations (known as "service providers"). Depending on the circumstances, Eventbrite may act as either a business or service provider with respect to your Personal Data. If you have a question or a complaint about how your Personal Data is handled, these should always be directed to the relevant business since they are the ones with primary responsibility for your Personal Data.

      For example, if you create an account with us to organize your events, Eventbrite will be a business with respect to the Personal Data that you provide as part of your account. We will also be a business as to the Personal Data that we have obtained about the use of the Applications or Eventbrite Properties, which could relate to Organizers or Consumers. We use this to conduct research and analysis to help better understand and serve Users of the Services as well as to improve our platform and provide you with more relevant recommendations about events we think may be of interest to you.

      However, if you register for an event as a Consumer, we will process your Personal Data to help administer that event on behalf of the Organizer (for example, sending confirmation, promotional and feedback emails, processing payments, etc.) and to help the Organizer target, and understand the success of, their event and event planning (for example, providing event reports, using analytics to gain insights into the effectiveness of various sales channels, etc.). In these circumstances, Eventbrite merely provides the tools for Organizers; Eventbrite does not decide what Personal Data to request on registration forms, nor is it responsible for the continued accuracy of any Personal Data provided. Any questions that you may have relating to your Personal Data and your rights under California law should therefore be directed to the Organizer as the business, not to Eventbrite.


      Summary of Information We Collect


      If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and share your “personal information” (as defined in the California Consumer Privacy Act (“CCPA”)).

      Throughout our Privacy Policy, we describe the specific pieces of personal information we collect, the sources of that information, and how we share it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, and email address); commercial information (such as transaction data); financial data (such as credit card and other financial account information); internet or other network or device activity (such as IP address); geolocation information (general location); inference data about you; physical characteristics or description (such as when you voluntarily submit a photo); and other information that identifies or can be reasonably associated with you.

      We collect the above categories of personal information from the following sources: (1) directly from you; (2) through your use of the Services; (3) agents/service providers; (4) affiliates; (5) third parties such as social networks, marketing partners, and credit reporting agencies; (6) organizers; and (7) consumers.
      We or our service providers may collect the above categories of information for the following business or commercial purposes:

      • Our or our service provider’s operational purposes;

      • Auditing consumer interactions on our site (e.g., measuring ad impressions);

      • Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;

      • Bug detection and error reporting;

      • Customizing content that we or our service providers display on the Services (e.g., contextual ads);

      • Providing the Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Services);

      • Improving our existing Services and developing new services (e.g., by conducting research to develop new products or features) ;

      • Other uses that advance our commercial or economic interests, such as third party advertising and communicating with you about relevant offers from third party partners;

      • Other uses about which we notify you.

      We may also use the above categories of Personal Data for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any particular user or device.

      We describe our information sharing practices in our Privacy Policy. We may share certain categories of personal information with third parties for business purposes. For example, we may share any of the categories described above with our parent companies, subsidiaries, or affiliates. We may also share identifiers, commercial information, and general location with organizers. If you connect your Eventbrite account with social media services, interact with social media plugins or links on the Services, or contract or integrate with third parties, we may share identifiers, commercial information, internet or other network or device activity, or general location with those social media services and third parties.


      Rights

      If you are a California resident, you may have certain rights. California law may permit you to request that we:

      • Provide you the categories of Personal Data we have collected or disclosed about you in the last twelve months; the categories of sources of such information; the business or commercial purpose for collecting or selling your Personal Data; and the categories of third parties with whom we shared Personal Data.

      • Provide access to and/or a copy of certain information we hold about you.

      • Delete certain information we have about you.

      You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. For example, we need certain types of information so that we can provide the Services to you. If you ask us to delete it, you may no longer be able to access or use the Services.

      You can download a copy of your personal information or delete your personal information by deleting your account on the Account Settings page. You may also exercise your California consumer rights by email. You will be required to verify your identity before we fulfill your request. To do so, you will need to log in or provide us with certain account information, such as the full name and email address you used to create your account and your most recent event or ticket purchase. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization for the agent to act on your behalf. You will still need to verify your identity directly with us.

      The CCPA sets forth certain obligations for businesses that “sell” Personal Data. Based on the definition of “sell” under the CCPA and under current regulatory guidance, we do not believe we engage in such activity. We do share certain information as set forth in Section 5 of the Privacy Policy and allow third parties to collect certain information about your activity, for example through cookies, as explained in our Cookie Statement. For more information on how you can control or opt out of these cookies, please see the Cookie Statement.


      California Shine the Light

      We do not share personal information with third parties for their direct marketing purposes.

    • Eventbrite EU-U.S. Privacy Shield Framework

      Last Updated: March 11, 2019

      EU-US and Swiss-US Privacy Shield Framework


      We, Eventbrite, Inc. are committed to protecting your privacy. This Notice sets out the privacy principals we follow with respect to transfers of personal data from the European Economic Area ("EEA"), the United Kingdom (UK) and Switzerland to the United States, including personal data we receive from individuals residing in the EEA, the UK or Switzerland who visit our web and mobile sites or apps and/or who use any of our services or otherwise interact with us ("you").

      We adhere to the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework (together the “Privacy Shield”) as set forth by the European Commission and the US Department of Commerce regarding the collection, use and retention of personal data from EEA member countries, the UK and Switzerland. Eventbrite, Inc. has certified that it adheres to and will abide by the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement, and Liability.

      For purposes of enforcing compliance with the Privacy Shield, Eventbrite, Inc. is subject to the investigatory and enforcement authority of the US Federal Trade Commission.

      For more information about the Privacy Shield, see the US Department of Commerce’s Privacy Shield website located at: https://www.privacyshield.gov. To review our certification on the Privacy Shield list, see the US Department of Commerce’s Privacy Shield self-certification list located at: https://www.privacyshield.gov/list.


      Types of personal data we collect and use


      Our online privacy policy describes the categories of personal data we may receive in the United States, as well as the purposes for which we use that personal data. We will only process personal data in ways that are compatible with the purpose we collected it for, or for the purposes you later authorize. Before we use your personal data for a purpose that is materially different than the purpose we collected it for or that you later authorized, we will provide you with the opportunity to opt-out. We maintain reasonable procedures to help ensure that personal data we collect and use is reliable for its intended use, accurate, complete, and current.



      Data transfers to third parties


      Agents, consultants and service providers: We may share your personal data with our contractors and service providers who process personal data on behalf of Eventbrite to perform certain business-related functions. These companies include our marketing agencies, database service providers, backup and disaster recovery service providers, email service providers and others. When we engage another company to perform such functions, we may provide them with information, including personal data, in connection with their performance of such functions.

      If we have received your personal data in the United States and subsequently transfer that information to a third party agent or service provider for processing, we remain responsible for ensuring that such third party agent or service provider processes your personal data to the standard required by our Privacy Shield commitments.

      Eventbrite Group Companies: We may also share your personal data with our parent companies, subsidiaries and/or affiliates for purposes consistent with this Notice.

      Business Partners: We also provide information to our channel partners, such as distributors and resellers, to fulfill product and information requests, and to provide customers and prospective customers with information about Eventbrite and its products and services.

      Business Transfers: As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, personal data may be part of the transferred assets.

      Disclosures for National Security or Law Enforcement: Under certain circumstances, we may be required to disclose your personal data in response to valid requests by public authorities, including to meet national security or law enforcement requirements.

      Organizers: When you purchase tickets to, register for or donate to an event or related fundraising page on or through our services, we provide the personal data entered on the applicable event or related fundraising page to the Organizers of such event and related fundraising page.

      Facebook and Other Third Party Connections: You can connect your Eventbrite account to your accounts on third party services like Facebook, in which case we may collect, use, disclose, transfer and store/retain information relating to your account with such third party services in accordance with this Notice.

      Legal Requirements: We may disclose your personal data if required to do so by law in order to (for example) respond to a subpoena or request from law enforcement, a court or a government agency, or in the good faith belief that such action is necessary to (a) comply with a legal obligation, (b) protect or defend our rights, interests or property or that of third parties, (c) prevent or investigate possible wrongdoing in connection with the Services, (d) act in urgent circumstances to protect the personal safety of Users of the Services or the public, or (e) protect against legal liability.

      We try to minimize disclosures of personal data as reasonably practical because we are mindful of our responsibility and potential liability in cases of onward transfers to third parties.

      For further information about how we disclose your personal data, please see our online privacy policy.


      Security

      We maintain reasonable and appropriate security measures to protect personal data from loss, misuse, unauthorized access, disclosure, alteration, or destruction in accordance with the Privacy Shield.


      Access rights

      You may have the right to access personal data that we hold about you and request that we correct, amend, delete it if it is inaccurate or processed in violation of Privacy Shield. These access rights may not apply in some cases, including where providing access is unreasonably burdensome or expensive under the circumstances or where it would violate the rights of someone other than the individual requesting access. If you would like to request access to, or a correction, amendment, or deletion of your personal data, you can submit a written request to the contact information provided below. We may request specific information from you to confirm your identity. In some circumstances we may charge a reasonable fee for access to your information.



      Your choices

      You may choose to change personal data or cancel an account by contacting Eventbrite Support. You can also unsubscribe from our marketing communications by following the instructions or unsubscribe mechanism in the e-mail message, or by updating your email preferences located with such subject’s Account Settings.



      Questions or complaints

      You can direct any questions or complaints about the use or disclosure of your personal data to us at privacy@eventbrite.com. We will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of personal data within 45 days of receiving your complaint. We have further committed to cooperate and comply with the panel of European data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner respectively in the resolution of any Privacy Shield complaints we do not otherwise satisfactorily address with you directly. Your DPA contact details can be found here. Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.


      How to contact us:

      If you have any questions regarding this Notice or if you need to request access to or update, change or remove personal data that we control, you can do so by contacting privacy@eventbrite.com or by regular mail addressed to:

      Eventbrite, Inc.
      Attn: Legal Department
      155 5th St.
      7th Floor
      San Francisco, CA 94103
      United States

      Changes to this Notice
      We reserve the right to amend this Notice from time to time consistent with the Privacy Shield's, requirements.

    • CCPA: Collection of personal information about consumers aged 13 to 16

      We collect personal information of consumers between the age of 13 and 16 and won't sell their data unless those consumers have opted-in.

    • CCPA: Collection of personal information about consumers below the age of 13

      We collect personal information of consumers below the age of 13 and won't sell their data unless their parents or guardians have opted-in on behalf of those minors.

    • CCPA: Collection of personal information about minors

      We do not knowingly collect personal information of consumers who are below the age of 16.

    • Rights for registered California Users under the age of 18

      California's "Online Eraser" law, part of California's Business and Professions Code Sections 22580-22582, requires operators of certain websites and online services targeting minors to allow registered Users who are under the age of 18 and residents of California to request removal of content they post.

      If a registered User fits that description and posted content on this Website, they may request removal of such content by contacting the Owner or its privacy policy coordinator at the contact details provided in this document.

      In response to this request, the Owner may make content posted by the registered User invisible to other registered Users and the public (rather than deleting it entirely), in which case the content may remain on the Owner's servers. It may also be publicly available elsewhere if a third party copied and reposted this content.

    • The Service is intended for adults

      Users declare themselves to be adult according to their applicable legislation. Minors may not use this Website.

    • Transfer of personal information outside of Brazil to countries that guarantee the same protection standards as LGPD

      We can transfer your personal information outside of the Brazilian territory, if the destination country, or the international organization which receives the personal information, provides an adequate level of protection of the personal information according to the ANPD.
      The ANPD authorizes such transfers whenever it considers that country to possess and provide personal information protection standards comparable to those set forth by the LGPD, having taken into account the following:

      • the general and sectoral rules of the legislation in force in the country of destination or in the international organization;
      • the nature of the personal information subject to the transfer;
      • the compliance with the general principles on the protection of the personal information and on the rights of the individuals as set forth in the LGPD;
      • the adoption of suitable security measures;
      • the existence of judicial and institutional guarantees for the respect of personal information protection rights; and
      • any other pertinent circumstance related to the relevant transfer.
    • Transfer of personal information outside of Brazil based on contracts and other legal means

      We can transfer your personal information outside of the Brazilian territory provided that we are able to ensure that any further processing of your personal information will be in compliance with the principles and the rules established by the LGPD, and your rights are safeguarded.

      To do so, we may use one of the following legal means:

      • specific contractual clauses for each given transfer. This means that we will enter into an agreement with the recipient of your personal information to make sure that such transfers meet the requirements explained above. Such an agreement shall be subject to the ANPD’s prior verification;
      • standard contractual clauses. These clauses set terms and conditions for the transfer of personal information and are adopted by the ANPD;
      • global corporate clauses. These clauses set terms and conditions for the transfer of personal information within an organisation and, before they come into force, are subject to the ANPD’s prior verification;
      • seals of approval, certificates and codes of conduct regularly issued by the ANPD. These legal instruments allow us to transfer your personal information provided that we abide by their rules. They are subject to the previous approval of the ANPD.
    • Transfer of personal information outside of Brazil based on your consent

      We can transfer your personal information outside of the Brazilian territory if you consent to such transfer.
      When we ask for your consent, we’ll make sure to provide all the information that you need to make an educated decision and to understand the implications and consequences of providing or denying your consent.
      Such information will be given in clear and plain language and in such a way that you’ll be able to clearly distinguish these requests from other consent requests that we may possibly ask.
      You may withdraw your consent at any time.

Contact information

    • Owner and Data Controller

      Center for Italian Modern Art
      421 Broome Street, 4th Floor
      New York, NY 10013

      Owner contact email: info@italianmodernart.org