ქარ

Privacy Policy

Rune Georgia LLC (business code: 405761153), (hereinafter - the Company) is a legal entity registered in accordance with the legislation of Georgia, which sells electronic tickets for various events to users through the www.rune.ge platform and which, for the purposes of this policy, is the person responsible for the processing of users' personal data.

General information

We take utmost care to protect your personal data and process them in accordance with the Georgian Law "On Personal Data Protection". Please read this Policy carefully to understand how we collect, process, store and/or share your personal data. The Company respects the confidentiality of your personal data and ensures the secure processing of your data in accordance with the current legislation of Georgia for the protection of personal data.

Personal data is information that allows us to identify a person. This can be — name, surname, e-mail, phone number, IP address, etc.

Type of personal data we process

The company processes only the data that is necessary to provide our services. Namely the following may be processed:

  • Contact information (email, phone number)
  • Identification details
  • Residential address (as needed)
  • Payment information (e.g. bank account number, card type, expiration date, etc.) that is necessary to make a payment
  • Transaction history
  • IP address and device data
  • Information obtained through cookies
  • Information obtained from public sources
  • Data obtained during communication, which may be data obtained via email, telephone, social media or other communication channel

Information about your personal data is obtained only with your consent, based on information provided by you, and in the following cases:

  • When you become our customer and register on our platform, you acquire our services accordingly;
  • When you use company products;
  • When you purchase electronic tickets for an event posted on the Platform;
  • When you send us messages via the platform's online chat, email, or other communication channel;
  • When you submit a claim
  • We also collect your data from organizations such as public registries, payment service providers, financial institutions and/or other public organizations.

Purposes of processing personal data

Personal data is processed in accordance with Georgian legislation and for various purposes, which may include:

  • Ticket sales and service delivery
  • User identification and authorization
  • Reporting and payment processing
  • Communication with the user (by email, phone or other channels)
  • Fulfilment of legal obligations
  • Obtaining analytical information for the purpose of website security and improvement;
  • Providing the company's services;
  • Improving the service;
  • Data security;
  • Preventing misuse of the company's systems and platform
  • For the detection and investigation of various types of crimes
  • For direct marketing purposes, which means, with your consent, the company periodically offers various products/services, developing/planning marketing activities;
  • To establish appropriate communication with the user if necessary and to receive appropriate feedback (using email and/or other communication channels)
  • We inform you that the processing of personal data of minors is possible only in cases strictly defined by law. The Company does not process personal data of minors under standard conditions. Given that the purchase of the service requires the provision of identification data and if the purchase of this service is made for a minor, the Company declares that personal data will be processed in the best interests of the minor, in accordance with the legislation of Georgia.

In addition, we would like to inform you that minors under 18 are prohibited from using the platform. The Company guarantees that in case if a minor uses the platform and is identified, his/her personal data will not be stored. Considering all of the above, by registering on the platform, you confirm that you are at least 18 years old. The Company guarantees that in such a case, each data will be processed only to the extent necessary to achieve the above-mentioned purpose(s).

Legal basis for data processing

The processing of personal data is based on the following legal grounds:

  • User consent to the processing of personal data;
  • Compliance with a legal obligation
  • Performance of a contract
  • Our legitimate interest, which does not violate the rights of the data subject/user. The Company has a legitimate interest based on the improvement of the service, system security and protection of legitimate business interests. The Company’s legitimate interest may be based on fraud prevention and security, for example: verifying the user’s identity in case of suspicious activity; as well as improving customer service, optimizing the website and services, protecting the Company’s legal interests, for example: preserving evidence necessary in the event of disputes, claims or legal proceedings, protecting the Company’s systems and property from improper use;
  • Public access to user data;
  • Other cases provided for by Georgian legislation

Personal data provision by the user is a mandatory prerequisite for the full provision of the service. In case of refusal to provide data, the company will not be able to provide the relevant service or fulfil its legal obligations. Data provision is necessary:

  • To enter into or perform a contract;
  • To fulfil obligations under the applicable legislation of Georgia;
  • To provide the service securely and transparently;

If the user does not provide us with the personal data specified in this policy, the company will not be able to:

  • sell and deliver the ticket,
  • process the transaction,
  • Fulfil the necessary legal obligations (e.g., accounting or reporting)

Processing of user personal data for direct marketing purposes

By agreeing to this Policy, you consent to the processing of your personal data for direct marketing purposes. Within the framework of direct marketing, the Company has the right to send you various offers of new products or services via short text messages and e-mails (which you have shared during registration and/or financial transactions carried out without registration on the Platform).

The user has the right to request the termination of direct marketing at any time. The request can be made by replying to the same message with the text: NO SMS, or by sending a feedback message if the message is sent by e-mail.

Cookies

We use so-called ready-made records (Cookies) for the effective functioning of the website, analytics and marketing purposes. The user can disable cookies at any time from the browser settings. Cookies are used to effectively provide services to the user. Through ready-made records, we collect information about the pages opened, information about the actions performed on the platform, the length of time spent on the site, general information about how you use the platform. All this allows us to constantly improve the quality of service and create a platform tailored to you.

When logging into the platform, the user will be presented with information about the use of ready-made records, which, by clicking on the "Agree" button, will consent to the use of ready-made records by the company. The user can also refuse to accept the use of ready-made records. The user can also disable cookies at any time from the browser settings. We would like to inform you that if you do not agree to the "Cookie Policy" (which is also located on the platform) or block or delete Cookie files, some of the services/functionalities offered by us may not function properly, which may result in you being unable to receive our service in fully or in partially.

Automated individual decision-making (profiling) and related rights

Your data may be processed in the course of automated decision-making (profiling). The basis for which may be your consent, performance of obligations imposed on us by law and/or by an existing contract between us. The user has the right not to be subject to a decision made solely by automated means, including profiling, which produces legal or other significant results concerning him or her, except in cases where the decision-making based on profiling:

  • Is based on the data subject's explicit consent;
  • Is necessary for entering into or the performance of a contract between the data subject and the controller;
  • Is provided for by law or by a subordinate normative act issued within the framework of delegated powers on the basis of law.

Sharing data with third parties

We do not share your personal data with third parties, except when:

  • It is necessary to provide the service
  • There is a legal requirement
  • The user gives their consent

Your personal data may be shared in accordance with the requirements of the law. The data may be shared with third parties in a contractual relationship with the Company, who must provide you with the product you have selected, for whom sharing your personal data is important for the Company to fully provide you with the service. Third parties to whom your personal data may be provided are obliged to protect their security and confidentiality in accordance with applicable legislation and this Policy. Data may be shared:

  • In case of purchasing a ticket, with the event organizer;
  • With authorities specified by law, upon presentation of a relevant official document;
  • With telecommunications operators in case of sending relevant notifications for direct marketing purposes;
  • With service providers, IT service providers;
  • With third parties with your consent;
  • Detection, investigation and prevention of fraud and other types of crimes or misconduct, which are carried out by specialized companies;

The protection of your personal data is important to us, therefore, in order to properly protect your data, if we transfer your personal data to a third party, we verify before transfer whether they have taken appropriate organizational, legal and technical measures to protect the data.

In the event of a reorganization, merger, spin-off and/or sale of the company, or any structural change, the company may share your personal data, however, the relevant party will be required to undertake in advance a binding obligation to protect the security and confidentiality of your data.

The Company has the right to disclose your personal data to relevant law enforcement or other authorities/organizations and/or to transfer data for the purpose of detecting, investigating, preventing crime or for other legal purposes in cases specified by law. We also reserve the right to disclose your information to protect the rights, property or safety of users or others.

The Company may transfer the User's personal data to data recipients located in foreign countries in cases where this is necessary to ensure the quality and functionality of the service. In particular, for the purposes of website analytics, technical support, and information infrastructure.

In this case, the company uses Google Analytics, which is located in the US jurisdiction, where data protection guarantees may not be fully respected. However, the agreement concluded between the company and Google contains appropriate guarantees. Both parties have taken the necessary organizational and technical measures to ensure the secure transmission of data. As part of this service, the transfer of e-mail, telephone number, user ID and behavioral data may be carried out, which serves the anonymous analysis of website visitors and the improvement of the platform.

International data transfers are only carried out if:

  • The receiving country ensures an adequate standard of data protection; or
  • The transfer is based on appropriate legal safeguards for data protection (for example, standard contractual clauses); or
  • The data subject has given their prior and informed consent.

The user has the right to request additional information on the legal basis and security measures for international data transfers.

Data storage terms

Personal data is stored for the entire period of the service and also for 10 years after the end of the service, or for the period necessary to achieve the specific purpose of the processing. Data may be stored for a period longer than 10 years if their deletion is not possible due to relevant legal grounds.

User rights

The user has the right to:

  • Receive information about the data processed about him/her, specifically what data has been processed and for what purpose; as well as about the source on the basis of which the data was collected;
  • request correction, updating, completion or deletion of data;
  • Request that the processing of data be stopped and request the deletion of the processed data if the data processing is carried out unlawfully and/or the purpose for which the data was processed no longer exists;
  • Apply to the Personal Data Protection Service in case of violation of the user's rights;
  • Request documentary confirmation of the processed data, which will be issued in the form of copies;
  • Refuse to process the data at any time, withdraw the consent given by him/her and request the deletion of the data processed on the basis of it. The company will stop processing the data and delete the data already processed, unless there is another basis provided for by the data processing legislation and/or other legally restrictive circumstances.
  • Blocking of data - if the user disputes the authenticity and accuracy of the data, if the data processing is unlawful, the data is no longer necessary to achieve the purpose of their processing. In such a case, the company will block the data, except for the cases where blocking of the data may jeopardize the performance of the obligations imposed on it by the law and/or the law and the subordinate normative act issued on its basis, performance of tasks assigned to the sphere of public interest in accordance with the law or exercise of the powers granted to the person responsible for processing by legislation of Georgia, legitimate interests of the person responsible for processing or a third party, except for the cases where there is an overriding interest in protecting the rights of the data subject, in particular a minor. The data must be blocked for the duration of the reason for their blocking
  • Request information on to whom the processed data was transferred;

Restriction of user rights

The above rights of the user may be restricted if the exercise of this right may pose a threat to:

  • State security, information security and cybersecurity and/or defence interests;
  • Public safety interests;
  • Crime prevention, crime investigation, criminal prosecution, administration of justice, execution of imprisonment and deprivation of liberty, execution of non-custodial sentences and probation, operational-detective activities;
  • Interests related to financial or economic (including monetary, budgetary and tax), public health and social security issues important to the country;
  • Rights and freedoms of the data subject and/or other persons, including freedom of expression;
  • Protection of state, commercial, professional and other secrets provided for by law;

Data safety

We use technical and organizational security measures to protect your data from unauthorized access, unauthorized transfer, loss, or destruction.

Your identification data is available if you enter your email and encrypted password on the platform. Therefore, do not share your password with third parties. Otherwise, the company disclaims any responsibility for unauthorized access by third parties in such cases. We would like to inform you that your information is located on a highly secure server, which is accessible only to authorized persons.

Although the Company takes all necessary measures for information security, the Company is not responsible for unauthorized access to data by third parties as a result of cyber-attacks. The Company guarantees that it takes all measures and makes maximum efforts to prevent such unauthorized access.

Contact

For any additional questions or to exercise your rights (which includes deletion of data, withdrawal of consent to processing, modification, update, etc.), you can contact us: 00000

Amendments

This Policy may be amended at any time, without the consent of the User, which may be due to changes in applicable legislation or changes in the Company's processing of personal data. The amended Privacy Policy will be immediately uploaded to the Platform.