Privacy Policy
Privacy Policy
Last updated: July 6, 2026
This policy explains how PasseTonBillet collects, uses, stores and protects your personal data when you use passetonbillet.fr, your account, ticket purchase and resale services, alerts, customer support and related tools.
Summary
- Data controller: NITO, a simplified joint-stock company publishing PasseTonBillet, 6 rue d'Armaillé, 75017 Paris, France, Paris Trade and Companies Register No. 513 007 880.
- Personal data contact: support@passetonbillet.fr or the customer support chat.
- Data processed: account data, contact details, ticket data, transaction data, data required for identity and payment checks, support data, technical data, cookies and alert preferences.
- Main purposes: creating and managing your account, enabling ticket purchase and resale, managing alerts and waiting lists, securing transactions, preventing fraud, processing payments, responding to support requests, complying with legal obligations and improving the service.
- Legal bases: performance of a contract, legal obligations, PasseTonBillet's legitimate interest and, where required, your consent.
- Payments: Stripe processes certain data required for payments, payouts, refunds and transaction-related checks.
- Recipients: authorized PasseTonBillet teams, technical providers, payment providers, organizers or ticketing providers where necessary, authorities or advisers where required by law or where rights need to be defended.
- Your rights: access, rectification, erasure, objection, restriction, portability, withdrawal of consent and instructions regarding what happens to your data after your death.
- Response time: one (1) month from receipt of your request, extendable by two (2) months in the event of a complex or numerous request, after you are informed within the initial period.
- Complaint: you may contact the CNIL: https://www.cnil.fr.
1. Who is responsible for processing your data?
The data controller is NITO, the simplified joint-stock company that publishes PasseTonBillet.
Address: 6 rue d'Armaillé, 75017 Paris, France
Trade and Companies Register: Paris 513 007 880
Personal data contact: support@passetonbillet.fr
PasseTonBillet acts as data controller for processing operations required to operate its service: account management, ticket purchase and resale, payment, payout, refund, support, security, fraud prevention, dispute management, alerts and service-related communications.
For certain official ticket exchanges, an organizer may also process data for its own purposes, for example event management, access control, attendee relationship management or legal obligations. Where PasseTonBillet processes data on behalf of an organizer, such processing is governed by the organizer's instructions and the applicable agreements.
2. What data is collected?
PasseTonBillet only collects data that is necessary for the operation of the service, transaction security and compliance with its legal obligations.
The main categories of data concerned are:
- identification data: last name, first name, date of birth, country of residence, postal address where necessary, identity document where required for verification;
- contact data: e-mail address, phone number, exchanges with customer support;
- account data: login credentials, preferences, activity history, settings and consents;
- ticket data: event, date, venue, category, fare, price, uploaded file, information visible on the ticket, ticket status;
- transaction data: purchase, sale, payout, refund, dispute, evidence and supporting documents relating to a transaction;
- payment data: information required to process a payment, refund or payout, including information sent to the payment provider;
- alerts and waiting list data: followed event, search criteria, notification preferences, registration date and alert status;
- technical and security data: IP address, browser, device, connection logs, security logs, sensitive actions performed on the account;
- cookies and trackers: data required for website operation, audience measurement, security or certain services subject to consent.
PasseTonBillet does not ask you to provide sensitive data that is not necessary to use the service. If a ticket, supporting document or message contains specific information, it is processed only to the extent necessary for the transaction, support, security or compliance with a legal obligation.
PasseTonBillet does not store full bank card numbers. Payments are processed by Stripe in accordance with Stripe's own security rules and privacy policy: https://stripe.com/fr/privacy.
3. Why is your data used?
Purpose | Examples of data concerned | Main legal basis | Indicative retention period |
|---|---|---|---|
Creating and managing your account | Identity, e-mail, phone, preferences, account history | Performance of the contract | Duration of account use, then limited archiving |
Ticket purchase, resale and follow-up | Ticket data, transaction, status, supporting documents | Performance of the contract | Time required to monitor the transaction, then legal or evidentiary archiving |
Alerts and waiting lists | Followed event, criteria, notification preferences | Performance of the contract or consent depending on the case | Until deletion of the alert, expiry of the event or unsubscribe |
Payments, payouts and refunds | Transaction, payment, payout and refund data | Performance of the contract and legal obligations | Applicable accounting, tax and regulatory periods |
Identity, payment and security checks | Identity, verification document, payment information, logs | Legal obligations and legitimate interest | Time required for checks and applicable obligations |
Fraud prevention and dispute management | Ticket, transaction, evidence, logs, support exchanges | Legitimate interest | Time required to handle the case, then evidentiary archiving |
Customer support and request follow-up | Messages, attachments, contact history | Performance of the contract and legitimate interest | Time required to process the request, then limited archiving |
Service-related communications | E-mail, phone, account, relevant event | Performance of the contract | Duration of the relationship with you |
PasseTonBillet commercial communications | E-mail, preferences, consent, useful history | Consent or legitimate interest depending on the case | Until withdrawal of consent or expiry of the applicable period |
Security, maintenance and website improvement | Logs, technical data, errors, browsing path | Legitimate interest | Limited period depending on the nature of the data |
Compliance with legal obligations | Invoicing, accounting, authority requests | Legal obligation | Period required by applicable regulations |
These periods may be adjusted where the law requires a longer period, where retention is necessary to establish, exercise or defend a right, or where a fraud, dispute or security case is ongoing.
4. Who may receive your data?
Your data may be disclosed only where necessary and proportionate:
- to authorized PasseTonBillet teams;
- to other users, only where certain information is necessary for a transaction or to resolve a dispute;
- to Stripe and payment providers, to process payments, payouts, refunds, checks and regulatory obligations;
- to PasseTonBillet's technical providers: hosting, security, customer support, e-mailing, internal tools, technical analysis and audience measurement;
- to organizers, producers, venues, rights holders or ticketing providers, where necessary to manage an official ticket exchange, event security, access control, ticket issuance or cancellation, cancellation or postponement management, or compliance with the rules applicable to the event;
- to tools or providers used by an organizer, for example a ticketing, access control or customer relationship management tool, where such transfer is necessary and governed;
- to advisers, insurers, administrative or judicial authorities, where required by law or where a right must be defended.
Data sent to an organizer or ticketing provider may include your last name, first name, e-mail address, phone number where necessary, ticket information, transaction history relating to the event, ticket status and preferences or consents useful for event management.
Where an organizer uses your data for its own purposes, it acts under its own responsibilities and its own information documentation. PasseTonBillet limits transfers to data necessary for the operation of the ticket exchange, event security and compliance with applicable obligations.
PasseTonBillet requires its providers to process data with appropriate confidentiality and security guarantees.
5. Is data transferred outside the European Union?
Certain providers may process or make data accessible from a country outside the European Union, in particular for payment, security, customer support, hosting or certain technical tools.
Where this occurs, PasseTonBillet ensures that the transfer is based on a safeguard recognized by applicable regulations, for example an adequacy decision, standard contractual clauses approved by the European Commission or any other authorized mechanism.
6. How long is your data kept?
PasseTonBillet keeps your data only for the period necessary for the purposes described in this policy, then deletes, anonymizes or archives it where required by law.
As an indication:
Data category | Indicative period |
|---|---|
Account data | During account use, then up to 3 years after the last activity or account closure, unless otherwise required |
Transaction data | Time required to monitor the transaction, then up to 5 years for evidentiary purposes, unless a different legal period applies |
Invoicing and accounting data | Up to 10 years where accounting or tax regulations require it |
Payment and regulatory verification data | Time required for processing, then periods imposed on the payment provider or by applicable regulations |
Support data | Time required to process your request, then limited archiving |
Dispute, fraud or security data | Time required to handle the case, then appropriate evidentiary archiving |
Alert and waiting list data | Until deletion of the alert, expiry of the event, unsubscribe or account closure |
Technical and security logs | Short period adapted to security needs, which may be extended in the event of an incident, fraud or dispute |
Cookies and trackers | Limited period depending on the tracker concerned and the choices expressed in the consent module |
Certain data may be kept longer where necessary for a legal obligation, an authority request, a dispute, a fraud investigation or the defense of PasseTonBillet's rights.
7. What are your rights?
You have the following rights over your personal data:
- right of access;
- right to rectification;
- right to erasure;
- right to object;
- right to restriction of processing;
- right to data portability;
- right to withdraw your consent where processing is based on consent;
- right to define instructions regarding what happens to your data after your death.
You can exercise your rights by writing to support@passetonbillet.fr or via the customer support chat.
PasseTonBillet may ask you for additional information or proof of identity where necessary to confirm your identity. You will receive a response within one (1) month. This period may be extended by two (2) months if the request is complex or if the number of requests justifies it, provided that you are informed within the initial one (1) month period.
If you believe that your rights are not respected, you may lodge a complaint with the CNIL: https://www.cnil.fr.
8. How is your data protected?
PasseTonBillet implements technical and organizational measures designed to protect personal data against unauthorized access, loss, alteration or unauthorized disclosure.
These measures include in particular:
- limiting access to authorized persons only;
- application and hosting security measures;
- encryption of exchanges where necessary;
- monitoring of sensitive operations;
- selection of providers offering appropriate security guarantees;
- procedures for handling incidents, disputes, fraud and user requests.
In the event of a data breach likely to create a risk to your rights and freedoms, PasseTonBillet applies the obligations provided for by applicable regulations, including notification to the CNIL within seventy-two (72) hours where required. Where the breach is likely to create a high risk to your rights and freedoms, PasseTonBillet informs you under the conditions provided by applicable regulations.
9. Cookies and trackers
PasseTonBillet uses cookies and trackers that are necessary for the website to operate, for example to maintain your session, secure your connection, remember your preferences, enable ticket purchase or prevent fraud. These cookies are necessary for the service and do not always require your consent.
Other trackers may be used to measure audience, improve the service, analyze website operation or provide certain features. Where consent is required, a banner or management module allows you to accept, refuse or change your choices.
You can change your cookie preferences at any time from the consent module available on the website where it is displayed. You may also configure your browser to limit certain trackers, but blocking necessary cookies may degrade or prevent the use of certain services.
10. Minors
Payment, sale and identity verification services may be reserved for persons with legal capacity or subject to specific conditions.
If you are a minor, you must use PasseTonBillet with the consent of your legal representative and contact customer support before any sale or identity verification. PasseTonBillet may request additional information where necessary to verify the situation and secure the transaction.
11. Updates to this policy
This policy may be updated to reflect changes to the service, our providers, regulations or internal practices. The update date shown at the top of the page identifies the applicable version.
In the event of a substantial change, PasseTonBillet may inform you by e-mail, website notification, message in your account or any other appropriate means.
Updated on: 06/07/2026
Thank you!
