Loading...
Loading...
Loading...
Introduction
At CONCERT PLAZA S.A.S (hereinafter, the Controller), identified with Tax ID No. 901872264-7, domiciled in Medellín, Antioquia, we are a Colombian company that through this website and the Concert Plaza App provides ticket sales services (and ticket consultation) for access to public artistic and cultural events, through electronic authentication kiosks on the Internet. Our Personal Data Processing Policy (also known as the Privacy Policy) applies to any person registered on our digital platform (users). Information about public artistic and cultural events is available to people who are not users of our platform.
Services
This Privacy Policy, which includes our Cookie Policy, applies to the use and services offered by our website https://concertplaza.tv/es and the Concert Plaza App.
I. Glossary
Data Subject: A natural person whose personal data are subject to Processing;
Third Party: A natural or legal person, national or foreign, different from the Data Subject or CONCERT PLAZA.
User: A natural person registered on our website https://concertplaza.tv/es to carry out ticket purchases and/or ticket activities, who may consult them through the App https://concertplaza.tv/es.
Information/Personal Data: Refers to any information processed by the Controller or a third party designated by it that identifies a person, or that can reasonably be used to identify a person, either directly or indirectly, alone or combined with other data. This includes, among others, the following types of information: a. Identification data b. Contact data c. Financial and/or credit data.
Sensitive Personal Data: Refers to personal data that, if misused, could cause discrimination of the data subject; this data includes information revealing racial or ethnic origin, political orientation, religious or philosophical beliefs, union membership, health, sexual life, or biometric data, among others.
Processor: A natural or legal person, public or private, who by itself or jointly with others, processes personal data on behalf of the Controller.
Controller: A natural or legal person, public or private, who by itself or jointly with others, decides on the database and/or the processing of the data.
SIC: Refers to the Colombian Superintendence of Industry and Commerce.
Privacy Notice: Refers to the text made available to Data Subjects to easily disclose this Privacy Policy.
Authorization: Prior, express, and informed consent of the Data Subject to carry out the processing of their personal data.
Database: An organized set of personal data that is subject to processing by the Controller or a third party designated by it.
Information Systems: The information systems of CONCERT PLAZA S.A.S for the development of its corporate purpose.
CONCERT PLAZA Website: https://concertplaza.tv/es.
Transfer: An activity that occurs when the Controller and/or Processor sends information or personal data to a third party who will act as Controller and may be located inside or outside the country.
Transmission: Processing of personal data that involves communication thereof inside or outside the territory of the Republic of Colombia, for the purpose of having it processed by a Processor on behalf of the Controller.
Processing: Any operation or set of operations on personal data, such as collection, storage, use, circulation, deletion, transmission, and transfer.
II. Identification of the Controller
The company CONCERT PLAZA S.A.S, identified with Tax ID No. 901872264-7, domiciled in Medellín, Antioquia, physical address Carrera 22 47 97, Office 403, phone number +57 3026022650, email concertplaza@gmail.com, website https://concertplaza.tv/es and Concert Plaza App, is the Controller of the personal data of users and, for purposes of this policy, will hereinafter be referred to as the Controller.
III. Purpose and scope
This Policy establishes the terms, conditions, and procedures for the processing of users’ personal data, in strict compliance with Law 1581 of 2012, Decree 1377 of 2013, and Law 1266 of 2008.
IV. Processing to which data will be subject and purposes
The Personal Data provided by Data Subjects directly or through their legal representatives/agents or heirs will be subject to collection, storage, use, circulation, deletion, transmission, and transfer to third countries according to the purposes described below. Financial data will be limited exclusively to collection, transmission, and use for payments, banking authorizations, validations, and mandatory reporting to credit bureaus (positively or negatively), in accordance with Law 1266 of 2008, without prolonged storage or additional circulation except as strictly necessary to process transactions with authorized providers under confidentiality agreements:
A. Main Purposes (Mandatory):
1. Manage the contractual relationship derived from the purchase of tickets and/or passes, including processing identification and contact of the buyer; transaction, invoicing, issuance, and delivery of tickets.
2. Manage payment and the Data Subject’s commercial and financial relationship, including the use of payment platforms and, if applicable, reporting of credit, commercial, and service information under the framework of Law 1266 of 2008.
3. Transfer and/or transmit information to Event Partners (Promoters, Venues, and Sponsors) for event logistics management, seat assignment, access control, venue security, and notification of changes, cancellations, or crucial information about the related show in purchased tickets and/or passes.
4. Perform transactional security analysis, fraud prevention, illegal resale, and misuse of intellectual property, based on the legitimate interest of the Controller and compliance with legal obligations.
5. Handle and process inquiries and complaints submitted by the Data Subject.
6. Comply with the company’s legal, accounting, and contractual obligations, including, but not limited to, invoicing and management of contractual relationships.
7. Transfer and/or transmit Personal Data (except financial data, which may only be transmitted to processors) to parent companies, subsidiaries, business partners, and technology providers located outside Colombia, for hosting services, payment processing, and global technical support.
B. Ancillary Purposes (Optional):
1. Sending promotional information, personalized advertising, satisfaction surveys, market studies, and communication of offers about future events that may be of interest to the Data Subject.
2. Audience profiling and personalization of the website and application experience, based on purchase and browsing history.
V. Rights of Data Subjects
The Data Subject or their heirs have the right to exercise habeas data at all times as follows:
1. To know, update, and rectify their Personal Data.
2. To request proof of the Authorization granted, except when exempted by law.
3. To be informed regarding the use given to their data.
4. To submit inquiries about the personal information held in our database.
5. To submit complaints when they consider that the information in our database should be corrected, updated, or deleted, or when they notice an alleged breach of any duties contained in the law.
6. To file complaints with the Superintendence of Industry and Commerce (SIC) for violations of the Law.
7. To revoke the Processing Authorization at any time, provided there is no legal or contractual duty preventing such revocation.
VI. International transfer and transmission of data
Data Subjects, their legal representatives/agents, or heirs hereby grant prior, express, and unequivocal authorization for the transfer and/or transmission of their Personal Data (except financial data, which may only be transmitted to processors) to the Controller’s parent companies, affiliates, or subsidiaries, as well as to third-party technology service providers and payment platforms located abroad. The Controller guarantees that international recipients are contractually obligated to comply with Colombian personal data protection standards.
VII. Procedure for inquiries and complaints
The Controller will be responsible for handling inquiries and/or complaints made by the Data Subject or their legal representatives/agents or heirs. Data Subjects may exercise their rights through the email channel concertplaza@gmail.com
• Inquiry (Knowledge, Access): Will be addressed within a maximum period of ten (10) business days from the date of receipt, in accordance with applicable law.
• Complaint (Rectification, Update, Deletion, Revocation, Complaints): Will be addressed within a maximum period of fifteen (15) business days from the day following its receipt, in accordance with applicable law.
VIII. Security
In compliance with our legal duty and in accordance with Law 1581 of 2012 and Decree 1377 of 2013, we adopt rigorous technical, human, and administrative measures to protect your personal data against unauthorized access, use, modification, or disclosure. We use industry-standard security tools, such as HTTPS encryption, to protect data transmission, and we conduct periodic audits and controls to identify and mitigate potential vulnerabilities in our systems. Although we implement the most reasonable and appropriate security measures, you should be aware that no data transmission or storage system is completely infallible. Therefore, we cannot guarantee the absolute security of the information you share with us. In the event of a security incident compromising your personal data, we commit to informing you in a timely manner and in accordance with the guidelines established by the Superintendence of Industry and Commerce (SIC).
IX. Use of cookies, web beacons, and similar technologies
The Controller uses cookies and similar technologies primarily for identity authentication, allowing your session to remain active securely while you browse. These tools allow us to recognize you when you return to our platform, record your selected preferences (such as city or geographic area), process your shopping cart, and facilitate secure payment processing (without directly storing sensitive financial data in cookies), and allow access to your purchase history and private profile on both the website and the Concert Plaza App. In addition to authentication functionalities, the Controller and its advertising partners may use cookies, web beacons, and similar tracking technologies for analytical and advertising purposes. These tools allow us to recognize and analyze whether you are a new or returning visitor, measure traffic flow, and better understand user interests on our website and app; conduct behavioral advertising by collecting information about your browsing history and behavior (both on our site and on external sites) to show you personalized advertising content relevant to your interests; and manage and control cookies. You may control or reject cookies directly from your browser settings. However, it is important to note the distinction between types of cookies: if you choose to block the authentication cookies described above, critical site functionalities, such as account access and ticket purchasing, will cease to function. Only the rejection of cookies, web beacons, and similar tracking technologies for analytical and advertising purposes will not affect site functionality.
X. Responsibility regarding the use of financial information
The Controller may use the financial information provided by users to verify compliance with the requirements of Colombian financial institutions, to carry out sales and other transactions related to ticket purchases on the website efficiently, to deliver goods and services requested, to enroll users in discount, refund, and other programs they choose to participate in, and to conduct quality assurance. In some cases, we may use and consequently provide financial information to service providers to help us perform some of these tasks. In such cases, we require service providers to enter into confidentiality agreements with us that provide at least the same level of protection as that provided by the Controller. We may also provide financial information to credit card issuers, financial institutions, or credit card processors to process transactions exclusively for banking authorizations and validations. Likewise, we may provide financial information to event organizers primarily to facilitate ticket delivery, resolve disputes, and provide customer service at the event venue and date, and to merchants providing goods, services, or reservations you purchased or ordered, or administering program offers you joined through this site. Your information may also be consulted at any time and reported to credit bureaus positively or negatively, as applicable. We may disclose specific financial information when we determine such disclosure may be useful to comply with the law or when required by a competent authority, to cooperate with or seek assistance from public safety authorities, to protect the interests or safety of the Controller or other visitors to the CONCERT PLAZA website or users of services or products provided by us, or to jointly participate with other entities in anti-fraud activities. CONCERT PLAZA is not responsible or otherwise legally liable for any use or disclosure of your financial information by a third party with whom CONCERT PLAZA is permitted to disclose such information under this privacy notice.
XI. Means and procedure for policy updates
This Policy will serve as the means for notifying changes or updates and will be published at https://concertplaza.tv/es.
XII. Personal data of children and adolescents
The Controller does not collect information from users under 18 years of age; however, when personal data of children or adolescents is obtained, authorization will be obtained from the parents, legal representative, or guardian of the minor.
XIII. Intellectual property
Databases and the different types of electronic repositories are intellectual creations subject to copyright protection. The Controller is the owner of the databases it uses and fully complies with personal data protection and habeas data regulations contained in Law 1581 of 2012 and Decree 1377 of 2013 and, only insofar as applicable, Law 1266 of 2008 and its regulatory decrees. Consequently, as the holder of rights over the databases, the Controller is the only party authorized to permit their use, reproduction, or disposition to third parties.
XIV. Validity
The Controller reserves the right to modify this Personal Data Processing and Protection Policy at any time; therefore, we invite you to consult our website https://concertplaza.tv/es and the Concert Plaza App regularly or periodically, where the latest version of this Policy will be made available. However, pursuant to Article 5 of Decree 1377 of 2013, when substantial changes are made to the PTDP regarding the identification of the Controller and the purpose of Processing that affect the content of the authorization, such changes must be communicated to the Data Subject and the Controller will obtain new authorization from the Data Subject. The data provided will be used for the time necessary to fulfill the purposes described in this Policy and in the Platform’s Terms and Conditions. This Personal Data Processing and Protection Policy enters into force as of its last update, on January 22, 2025.
☑️ I authorize CONCERT PLAZA S.A.S. to process my data to send me promotional information, newsletters, and personalized offers about future events in accordance with its personal data processing policy.
☑️ I authorize the processing of my personal data in accordance with the Personal Data Processing Policy and the Terms and Conditions of Use, which I state I know and have read. The above is for the purposes mentioned at the following link: Purposes.
I. Identification of the Data Controller: The company CONCERT PLAZA S.A.S., identified with Tax ID No. 901872264-7, with main domicile in Medellín, Antioquia, phone number +57 3026022650, email address concertplaza@gmail.com and website https://concertplaza.tv/es and Concert Plaza App, is the Controller of users’ personal data, who for the purposes of this policy shall hereinafter be referred to as the Controller.
II. Purposes
A. Main (Mandatory) Purposes:
III. Data Subject Rights and Policy: Learn everything about the processing of your data, your rights, and the procedures for inquiries and complaints at the following link: Personal Data Processing Policy.
