Skip to content

Privacy Policy Tactile

Who are we

We are Tactile, a private company with limited liability registered as Tactile B.V. at Kinkerstraat 58D, 1053 DZ, Amsterdam, The Netherlands.

Our platform provides a ticketing system, a (cashless) payment system, access control and other types of interactions at events and venues.

Why we collect and process personal data

The nature of the services we provide requires us to collect and process personal data. Your personal data is all data that is somehow relatable to you. This privacy policy explains what personal data we collect, why we collect that data and when we will erase that data. Furthermore this document discusses what security measures are taken to protect your data and with whom the personal data may be shared.

Depending on your relation with Tactile we may be either a processor of your personal data, a controller or both. The terms processor and controller are in accordance with the General Data Protection Regulation (European Regulation 2016/679), but we’ll explain what they mean for you below. For the following sections, we will make a distinction in the following relationships you can have with us:

  1. If you are a visitor of an event or venue that uses our platform, we will only act as a processor of your data. Our client, for example an event organiser, fully determines the reasons for collecting and types of personal data we collect. Therefore our client is the controller of your personal data collection.
  2. If you are a client of us, a (potential) employee or another type of a collaborative partner, we may also gather personal data of you for purposes of Tactile. In that case, we will act as a controller.

system, access control and other types of interactions at events and venues.

What personal data we collect and why

For visitors of events or venues that use our platform

If you are a visitor of an event or venue that uses the tactile platform, there are several data that we collect about you. What data we collect and process, for what reason, if we share it with others, and when we delete the data can be viewed in the following table:

FieldCategoryReason for gathering / usageWill be shared with organiserMay be shared with other visitors?May be shared with third parties?Retention Period
NamePersonalia- Identification for access to events
- Identification for security (for payments)
- Communication (email header etc.)
- Possibility to share with third parties (after consent)
- For interaction activities with other visitors of the event
YesYes, e.g. group members if decided by organiserOnly when requested by userPartnership agreement period
EmailPersonalia- Communication
- Possibility to share with third parties (after consent)
YesYes, e.g. group members if decided by organiserOnly when requested by userPartnership agreement period
Mobile NumberPersonalia- Communication
- Possibility to share with third parties (after consent)
YesYes, e.g. group members if decided by organiserOnly when requested by userPartnership agreement period
Date of birthPersonalia- Identification for security (for payments)
- Age validation for bars
- For interaction activities with other visitors of the event
YesNoOnly when requested by user- Partnership agreement period
- Afterwards converted to age (part of anonymization)
IBAN or other payment detailsPayment- In case of direct debit IBAN is necessary for the payment systemOnly when needed for Direct DebitNoNoPartnership agreement period
Profile PicturePersonalia- Identification for access to events
- Identification for security (for payments)
- For interaction activities with other visitors of the event
YesYesOnly when requested by userPartnership agreement period
Preferred LanguagePersonalia- Correct communicationYesYesOnly when requested by userPartnership agreement period
Specific Event related questions (e.g. dietary preferences, requested workshops)Organiser- Necessary for organiserYesYesOnly when requested by userPartnership agreement period
Transaction logsPayment- Improving this and coming events
- Insights in turnover
- Speeding up payments
Only metadata such as the amount of products that was bought at a certain location or event (will never be relatable to an individual)YesOnly when requested by userPartnership agreement period
Checkin/checkoutInteraction- Improving this and coming events
- Security of visitors
- Convenience for visitors
Yes, for emergencies it is necessary to check how many and which people are still insideYesOnly when requested by userPartnership agreement period
Tag to share contact detailsInteraction- Convenience for visitors
- Possible sponsor deal
NoOnly when requested by userOnly when requested by userPartnership agreement period
Photo tagInteraction- GDPR Compliance
- Convenience for visitors
- Entertainment
YesYesOnly when requested by userPartnership agreement period
Vote for musicInteraction- EntertainmentNoYesOnly metadata (the count of people voted)Partnership agreement period
Tactile Party MeetupInteraction- EntertainmentNoOnly when requested by userNoPartnership agreement period

For clients and other collaborative partners

If you are a collaborative partner of us, such as a client, an ambassador or an employee, we will likely collect and process some personal data of you. What data we might collect, for what reason and how long we keep it is listed below:

FieldCategoryReason for gathering / usageMay be shared with third parties?Retention Period
NamePersonaliaFor clients:
– For communication
For collaborative partners:
– For communication
– For records of agreements
Only with explicit consent2 years or longer if we are legally required to.
EmailPersonaliaFor clients:
– For communication
For collaborative partners:
– For communication
Only with explicit consent2 years or longer if we are legally required to.
Mobile NumberPersonaliaFor clients:
– For communication
For collaborative partners:
– For communication
Only with explicit consent2 years or longer if we are legally required to.
Date of birthPersonaliaFor collaborative partners:
– Legal obligation (e.g. employee contract)
NoTill two years after ending of the collaboration.
Payment details + tax detailsPaymentFor clients:
– Corrections for invoices
For collaborative partners:
– For payment of fees such as salaries etc.
NoTill two years after ending of the collaboration.
CVPersonaliaFor collaborative partners:
– For job applicants
Only with explicit consentTill two years after ending of the collaboration.
Personnel file (such as data in employee contract)PersonaliaFor collaborative partners (specifically employees):
– Necessary for personnel administration
NoTill two years after ending of the collaboration.

What we do to protect your data

Tactile is a technology focused company and we try hard to keep up with advancements in cyber security to make sure that we are resilient to possible attacks that may be a risk for the protection of your personal data. Specifically, we take the following measures to enforce the protection of your data:

  • We will only send your data over secured connections;
  • data will be stored on secured servers that are only accessible through multi factor authorization;
  • direct communication with our servers are only possible via SSH;
  • Tactile domains are only accessible via HTTPS;
  • we collaborate with (former) students of the Master program System Engineering at the University of Amsterdam to prepare red teaming attacks to identify possible vulnerabilities of the Tactile platform.

Where we store your data

Most of our servers are located in Amsterdam. We will not store your personal data on servers outside of the European Union.

Contact

We try our best to make legal documents such as our privacy policy as readable as possible. However, the privacy matter is quite complex and we would understand if you still have questions after reading this document. If that is the case, please contact us via: privacy@tactile.events.