Privacy Policy

This policy applies to you when you enter into a contract with us to receive the Services or otherwise interact with us in relation to your use or potential use of the Services. This also applies when you interact with us, including through the use of our websites or by interacting with us via social media.

The policy does not apply to you if you are a ticket purchaser or an event attendee who has purchased a ticket from an event organizer who uses the ditix platform. In such circumstances, we process the personal data of ticket buyers and event attendees solely on behalf of the Promoter (as their "processor"), and the Promoter is legally responsible for informing ticket purchasers and event attendees about how their personal data is collected and used. Our privacy practices with respect to such personal information are governed by the contract we have with the event organizer.

Please take a moment to read this policy in detail (along with our TERMS of the website)

As you will see, it explains our privacy practices and covers the following areas:

• Information we may collect about you • How and on what basis we use your personal data; • Our use of cookies; • Disclosure of your personal information; • How we store and protect your personal data; • Your rights; • Links to other websites; • Changes to our Privacy Policy; and • How to reach us.

For the purposes of the applicable data protection laws, the data controller is diginights GmbH, trading as ditix.io, Ferdinand-Braun-Str., 17, 74074 Heilbronn.

You can contact us under the "Contact Us" section below.

We may collect and process the following personal data about you:

We collect information from you when you fill out forms on ditix.io (including when you register to use our Services), when you respond to surveys we send you to complete, post materials on the Sites, request more information about the Services, and when you report a problem with our Sites.

This information may include:

Other information we collect about your visit to our website or use of our apps. In relation to each of your visits to our websites, we may automatically collect details of your visit, including, but not limited to, traffic data, location data, weblogs and other communication data. We may also collect information about your computer, where available, including your IP address, operating system, and browser type, for system administration, analyzing how users use our websites, and to report aggregate information to our advertisers. We may also collect details of the resources you access on our website. For more information, please see our use of cookies and our Cookie Policy below.

We may also collect, use, and share anonymized data and aggregated data such as statistical or demographic data for any purpose. Anonymized and aggregated data can be derived from your personal data, but it is not legally considered personal data because this data does not directly or indirectly reveal your identity. For example, we may aggregate statistics to help us understand the use of our websites.

We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). . We also do not collect information about criminal convictions and offenses.

We will only use your personal data for specific purposes and where we have a lawful basis for doing so. Most often, we use your personal data in the following cases:

To perform a contract with you or to take steps at your request before entering into a contract with you.

We use your personal information to enter into and perform our contracts, including:

We will use your personal data where you have given us your consent to process your personal data:

We use your personal data to comply with various legal and regulatory obligations, including:

We use your personal information to provide and develop our services, improve our risk management, and defend our legal rights, including:

You will only receive our marketing communications if we can lawfully send them to you, i.e.:

We use third-party advertising platforms such as Facebook, Google, etc. to send you promotional messages tailored to you. For more information, please see our use of cookies and our Cookie Policy below.

You can unsubscribe from our direct marketing at any time by:

Our payment processors (see Payments through our websites) use technology to help them make decisions about financial transactions and your card payments that may prevent you from accessing or continuing to use our Services. In this role, our payment processors act as controllers and can monitor findings and patterns of payment transactions and other online signals to reduce the risk of fraud, money laundering and other harmful activities. This activity is carried out in accordance with their privacy policy, which is available:

Our websites use cookies and other similar technologies to distinguish you from other users of our websites. Some cookies are necessary for our websites to function, others help us provide you with a pleasant experience when you browse our websites, others allow us to collect data to improve our websites, and still others are used for targeted advertising.

Retargeting Our websites use targeted advertising. As a result of this retargeting, you may see ads for our services on other websites, such as Facebook. Our retargeting providers read a cookie that is already in your browser, or they place an anonymous cookie or "pixel" on your browser when you visit our websites.

Analytics We use analytics services (including Hotjar and Google) to better understand the needs of our users and to optimize our service and experience. These are technology services that help us better understand our users' experience (e.g., how much time they spend on which pages, what links they click, what users like and dislike, etc.), and this allows us to build and maintain our service with user feedback. The analytics services use cookies and other technologies to collect data about your behavior and devices (e.g., device IP address, device screen size, device type (unique device identifiers), browser information, geographic location, preferred language). Hotjar stores analytics information on our behalf in a pseudonymized user profile. Hotjar is contractually prohibited from selling the data collected on our behalf. For details about Google's privacy practices, please visit Google Analytics\u2012 Privacy .

You can choose which cookies you agree to. Please read our Cookie Policy to find out more about the cookies we use, what they are used for and how you can set or change your preferences in relation to cookies.

All payments through our websites are made through Stripe's and PayPal's payment services (payment processors). To use these payment services, you must have your own account with the payment processor and have connected your account to our services. To provide your card and billing details, you will be redirected to the service of a payment processor.

When processing card payments, the payment processor acts as a data processor for us, but in other respects, both we and the payment processors act as data controllers and we share personal data with the payment processors and the payment processors share personal data with us in order to provide the Services. For more information about how the payment processors handle your personal data, please visit:

We share limited personal information with our affiliates only to the extent necessary to provide our services and for internal administrative purposes.

We may share your personal information with selected third parties, including:

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used, or accessed, altered, or disclosed in an unauthorized manner. In addition, we limit access to your personal information to those employees, agents, contractors, and other third parties who need to know it for business reasons.

All information you provide to us is stored on our secure servers. All payment transactions are carried out by our payment processors via encrypted connections using SSL technology. Unfortunately, the transmission of information via the Internet is not completely secure and any transmission is at your own risk.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

We will retain your personal information for as long as necessary to provide our services and for as long as you do not wish to opt-out of receiving our marketing communications or targeted advertising. We will also retain your personal information as necessary to fulfill our contractual obligations and comply with our legal obligations, resolve disputes, and enforce our agreements.

When we no longer need to process your personal data for the purposes set out in this Privacy Policy, we will delete your personal data from our systems, unless we are required to retain a limited amount of information to ensure that we are acting in accordance with your wishes. To the extent permissible, we will also delete your personal data at your request. For information on how to submit a deletion request, please see the Your Rights section.

Please email privacy@ditix.io if you would like details of our retention periods for different types of personal data.

Your personal data will be processed by us in the European Economic Area ("EEA"). We take steps to minimise the transfer of your personal data outside the EEA, but there may be circumstances where we or our service providers transfer your personal data to a destination outside the EEA.

We will only transfer your data outside the EEA in accordance with data protection laws and provided that appropriate safeguards are in place to protect the personal data transferred, such as an adequacy decision, approved model contractual clauses or binding corporate rules.

Please contact us using the details set out in the "Contact Us" section below if you would like details of the specific safeguards that apply to the export of your personal data.

Depending on your location and applicable laws, you have certain legal rights in relation to your personal data. You can exercise your rights at any time by contacting us at privacy@ditix.io.

Right of access: You have the right to access any personal data we hold about you: We will provide a copy of your personal data that we hold together with details of the purposes of the processing, the types of personal data we hold and the persons to whom your personal data has been disclosed.

Right to rectification: You have the right to have inaccurate or incomplete personal data rectified or to restrict the processing of personal data while verifying its accuracy.

Right to erasure: You have the right to request that personal data that we hold about you be deleted. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your data unlawfully, or where we are required to erase your personal data in accordance with the law.

Right to data portability: In certain circumstances, you have the right to have data we hold about you transferred to yourself or to another data controller. Note that this right only applies to information that is processed by automated means that you initially gave us consent to use or where we used the information to perform a contract with you.

Right to object: You have the right to: ask us not to process your personal data for direct marketing purposes; object, on grounds relating to your particular situation, to the processing of your personal data (including profiling) where we are relying on a legitimate interest.

Right to withdraw consent: You have the right to withdraw your consent at any time where we are relying on consent to process your personal data. However, this does not affect the lawfulness of the processing that took place before you withdraw your consent.

Right of appeal: You have the right to lodge a complaint with a data protection authority responsible for you if you are dissatisfied with the way we handle your personal data.

We may need to request certain information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to people who have no right to receive it. We may also contact you to ask you for further information in relation to your request in order to expedite our response.

We try to respond to all legitimate inquiries within one month. Occasionally, it may take longer than a month if your request is particularly complex or if you have made multiple requests. In this case, we will notify you and keep you informed.