1. Introduction
At Hikaye, we take your privacy seriously. This privacy policy explains how we collect, use and protect your personal information in accordance with GDPR.
By using our service, you accept the collection and use of information according to this policy.
2. Data controller
Hikaye is the data controller for the processing of your personal information.
Contact:
Email: info@hikayeclub.com
Phone: +45 12 34 56 78
Address: Norregade 10, 1165 Copenhagen K, Denmark
3. What data do we collect?
We collect various types of information to deliver our service:
- Personal information: Name, email, phone number
- Payment information: Processed securely through our payment provider
- Technical information: IP address, browser type, device information, operating system
- Purchase history: Your ticket purchases, table bookings, and order history
- Tracking & analytics: Page views, sessions, clicks, scroll depth, time on pages, referrer URLs, UTM campaign parameters
- Cookies: Session tokens, preferences, analytics data (only with consent)
4. How do we use your data?
We use your data for the following purposes:
- To process your ticket purchases and deliver tickets
- To send you order confirmations and important updates
- To analyze user behaviour and improve user experience (only with cookie consent)
- To create statistics on visitors, popular events, and sales data
- To prevent fraud and abuse
- To comply with legal obligations
Tracking & analytics: We track page views, sessions, and user behaviour to improve the platform. You can reject non-essential cookies at any time via the cookie banner. Tracking data is stored for 90 days.
5. Data sharing
We never share your data without your consent, except in the following situations:
- With event organisers (only information necessary for access)
- With our payment provider (processed securely and encrypted)
- If required by law
- With your explicit permission
6. Data security
We implement appropriate technical and organisational measures to protect your data:
- SSL/TLS encryption of all data transmission
- Secure storage in encrypted databases
- Regular security updates
- Limited access to personal data
7. Your rights
In accordance with GDPR, you have the following rights:
- Right of access: You can request a copy of your data
- Right to rectification: You can have incorrect information corrected
- Right to erasure: You can request deletion of your data
- Right to data portability: You can receive your data in a structured format
- Right to object: You can object to the processing of your data
To exercise your rights:
Send a request via our contact form with your name, email, and which right you wish to exercise. We process all requests within 30 days.
8. Data retention
We only store your personal information for as long as necessary:
- Order data and tickets are stored for a minimum of 5 years (legal requirement for accounting)
- Analytics and tracking data are deleted after 90 days
- Session data is automatically deleted after 24 hours of inactivity
- User accounts are stored until you request deletion
- Marketing data is deleted if you unsubscribe
9. Cookies
We use cookies to improve your experience. Read more in our cookie policy.
10. Policy changes
We may update this privacy policy from time to time. We will inform you of significant changes via email or on our website.