Privacy Policy
Last updated: August 30, 2025
Introduction
This Privacy Policy describes how Ticketara ("we," "our," or "us") collects, uses, and protects your information when you use our mobile application and related services (the "Service"). By using our Service, you agree to the collection and use of information in accordance with this policy.
We are committed to protecting your privacy and ensuring you have a positive experience on our Service.
Information We Collect
Information You Provide
- Account Information: Email address when you create an account
- Scanned Data: QR codes and barcode data you scan through the app
- Usage Data: Statistics about your scanning activity and app usage
Information Automatically Collected
- Device Information: Device type, operating system, unique device identifiers
- App Analytics: App performance, crash reports, and usage statistics
- Camera Data: Camera access for QR code scanning (processed locally, not stored)
How We Use Your Information
We use the collected information for the following purposes:
- Service Provision: To provide and maintain the core functionality of the Ticketara app
- Data Synchronization: To sync your tickets and statistics across your devices
- App Improvement: To analyze usage patterns and improve our Service
- Customer Support: To provide technical support and respond to your inquiries
- Security: To detect, prevent, and address technical issues and security vulnerabilities
Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), we process your personal information based on the following legal grounds under GDPR Article 6:
Contractual Necessity (Article 6(1)(b))
Processing necessary to provide the app's core scanning and ticket management functionality, account creation, and data synchronization services.
Legitimate Interests (Article 6(1)(f))
Processing for app analytics, performance monitoring, security measures, and service improvements. Our legitimate interests are balanced against your privacy rights and do not override your fundamental rights.
Consent (Article 6(1)(a))
Processing based on your explicit consent for optional features such as email communications, marketing materials, or advanced analytics. You may withdraw consent at any time.
Legal Obligation (Article 6(1)(c))
Processing required to comply with legal obligations, such as responding to lawful government requests or maintaining records as required by applicable laws.
Data Sharing and Disclosure
Third-Party Services
We use Firebase services provided by Google to operate our app. This includes:
- Firebase Authentication: For user account management
- Firebase Firestore: For data storage and synchronization
- Firebase Analytics: For app performance and usage analytics
- Firebase Crashlytics: For crash reporting and app stability
Important Third-Party Privacy Information:
By using our app, your data may be processed by Google through Firebase services. Please review their privacy policies for complete information:
- • Google Privacy Policy: https://policies.google.com/privacy
- • Firebase Privacy: https://firebase.google.com/support/privacy
- • Google Analytics: https://policies.google.com/privacy/partners
Legal Requirements
We may disclose your information if required to do so by law or in response to valid legal requests, such as a court order or government investigation.
Important Note on Data Sales:
We do not sell your personal information. We do not sell, trade, rent, or otherwise monetize your personal information to third parties for marketing purposes or any other commercial purpose.
No Data Brokers: We do not share your information with data brokers or advertising networks for commercial gain.
Service Providers Only: We only share data with service providers (like Firebase/Google) necessary to operate our app, not for their independent commercial use.
Data Security
We implement appropriate technical and organizational security measures to protect your personal information, including:
- Encryption: Data is encrypted in transit and at rest
- Access Controls: Limited access to personal data on a need-to-know basis
- Regular Security Audits: Periodic assessment of our security practices
- Secure Infrastructure: Use of Google's secure Firebase infrastructure
Data Retention
We retain your information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy. Specifically:
- Account Data: Until you delete your account
- Scan History: Until you delete individual records or your account
- Analytics Data: Aggregated data may be retained for up to 2 years for service improvement
Your Rights and Controls
You have the following rights regarding your personal information:
- Access: Request a copy of your personal information
- Correction: Request correction of inaccurate personal information
- Deletion: Request deletion of your personal information
- Data Portability: Request your data in a portable format
- Opt-out: Opt out of certain data processing activities
Additional Rights for EU Residents (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under GDPR:
Right to Restrict Processing
Request that we limit how we process your personal information in certain circumstances, such as while we verify accuracy.
Right to Object
Object to processing based on legitimate interests or for direct marketing purposes (though we don't engage in direct marketing).
Right to Withdraw Consent
Where processing is based on consent, you can withdraw consent at any time without affecting prior lawful processing.
Right to Lodge Complaints
File complaints with your local data protection supervisory authority if you believe we've violated your privacy rights.
EU Data Protection Contact
For EU-specific privacy inquiries:
- • Email: support@ticketara.app (Subject: "GDPR Request")
- • Response Time: Within 30 days (may be extended to 60 days for complex requests)
- • Verification: We may request identity verification to protect your privacy
- • Free of Charge: Exercising your rights is generally free (excessive requests may incur reasonable fees)
International Transfers: Your data may be transferred to and processed in countries outside the EEA. We ensure adequate protection through Google's compliance with adequacy decisions and Standard Contractual Clauses where applicable.
How to Exercise Your Rights:
You can manage most of your data directly through the app settings. For other requests or questions about your rights, you can contact us using the information provided at the end of this policy.
Account Deletion: Upon your request, we can permanently delete your account and all associated data from our systems.
California Consumer Privacy Rights (CCPA)
If you are a California resident, you have additional privacy rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
Right to Know
Request information about the personal information we collect, use, disclose, and sell about you during the past 12 months.
Right to Delete
Request deletion of your personal information that we collect or maintain, subject to certain exceptions.
Right to Opt-Out
Opt-out of the "sale" of your personal information. Note: We do not sell personal information.
Right to Non-Discrimination
We will not discriminate against you for exercising your CCPA rights by denying goods or services, charging different prices, or providing different quality of service.
Personal Information Categories We Collect
Under CCPA, we may collect the following categories of personal information:
- Identifiers: Email addresses, device identifiers, IP addresses
- Internet Activity: App usage patterns, scan history, interaction data
- Electronic Network Activity: Log files, analytics data
- Geolocation Data: General location (if enabled)
Retention: We retain this information as described in our Data Retention section.
How to Submit CCPA Requests: Contact us at support@ticketara.app with "CCPA Request" in the subject line. We will respond within 45 days and may request verification of your identity to process the request.
Children's Privacy
Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us so we can delete such information.
International Data Transfers
Your information may be transferred to and processed in countries other than your own. We use Firebase services, which may store and process data in various countries. Google ensures appropriate safeguards are in place for international data transfers.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. For material changes that affect your rights or how we process your personal information, we will provide at least 30 days advance notice via email (where possible) or prominent in-app notification. For minor changes, we will update the "Last updated" date on this page.
You are advised to review this Privacy Policy periodically for any changes. Continued use of our Service after changes become effective constitutes acceptance of the updated policy.
Changes to this Privacy Policy are effective 30 days after posting for material changes, or immediately for minor updates.
Contact Us
If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or have privacy-related concerns, please contact us:
Privacy Contact
- Email: support@ticketara.app
- Response Time: Within 30 days (GDPR) or 45 days (CCPA)
- App: Use the contact form within the Ticketara mobile app
General Contact
- Website: ticketara.app
- Subject Line: Include "Privacy Request" for faster processing
- Policy Updates: Check this page regularly for updates
For EU Residents: If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.