Privacy Policy

Effective Date: January 11, 2026
Last Updated: January 11, 2026

TicketClap is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, store, and protect your digital personal data when you access or use our website, mobile application, or services (collectively, the "Platform").

By using the Platform, you consent to the practices described in this Policy. This Policy is governed by the Digital Personal Data Protection Act, 2023 ("DPDP Act") and applicable Indian laws. If you do not agree, please do not use our services.

1. Information We Collect

We collect only such digital personal data that is necessary for providing our ticketing and related services ("personal data"). This includes:

• Data you provide directly: Name, email address, mobile number, address, date of birth (if required for age-restricted events), government-issued ID details (where mandated for entry), payment details (not stored by us; processed via secure third-party gateways), and any information you submit via forms, reviews, or support queries.
• Event-related preferences: Booked events, search history, favorite categories, and feedback.
• Automatically collected data: IP address, device information (type, OS, browser), unique device identifiers, location data (approximate, if enabled), pages visited, time/date of access, referral sources, and interaction logs.
• Cookies & similar technologies: For session management, analytics, and personalized experience (see Section 8).

We do not collect special categories of data or more information than required for the specified purposes (data minimization principle).

2. How We Use Your Personal Data

We process your personal data only for legitimate, specified purposes, including:

• Creating and managing your account
• Processing ticket bookings, payments, confirmations, and refunds
• Facilitating entry to events (sharing limited data with organizers/venues)
• Personalizing recommendations and improving user experience
• Sending transactional communications (e.g., booking confirmations, reminders)
• Marketing promotions (only with your consent; opt-out always available)
• Preventing fraud, ensuring platform security, and complying with legal obligations
• Conducting analytics, research, and service improvements (often in aggregated/de-identified form)

Processing is based on your consent, contractual necessity, or legitimate uses permitted under the DPDP Act.

3. Sharing & Disclosure of Personal Data

We do not sell your personal data. We share it only when necessary:

• With event organizers, venues, and partners for ticket fulfillment, entry verification, and event management
• With trusted service providers (payment gateways, cloud services, analytics tools, customer support) under strict confidentiality agreements
• To comply with legal obligations, court orders, government requests, or to protect rights/safety (as per applicable law)
• In case of merger, acquisition, or asset sale (with notice where required)

Any international transfers (if any) will ensure adequate protection as per DPDP Act requirements.

4. Data Security

We implement reasonable technical, organizational, and security measures (including encryption, access controls, and regular audits) to protect your personal data from unauthorized access, loss, misuse, or alteration. We comply with industry standards and applicable laws. However, no system is completely secure — please safeguard your credentials and report any suspected breach immediately.

5. Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined, comply with legal obligations, resolve disputes, or enforce agreements. After that, data is securely deleted or anonymized.

6. Your Rights as Data Principal

Under the DPDP Act, you have the right to:

• Access your personal data we hold
• Correct or update inaccurate/incomplete data
• Erase your data (subject to legal retention requirements)
• Withdraw consent (where processing is consent-based; may affect service access)
• Nominate another person to exercise rights in case of death/incapacity
• Grieve any violation (first with us, then to the Data Protection Board of India if unresolved)

To exercise these rights, email us at privacy@ticketclap.com. We will respond within the timelines prescribed under law (generally 30 days or less).

7. Children's Data

Our services are not directed at children under 18. We do not knowingly collect data from children without verifiable parental/guardian consent as required by law. If we become aware of such data, we will delete it promptly.

8. Cookies & Tracking Technologies

We use cookies, pixels, and similar tools for essential functionality, performance, analytics, and targeted advertising. You can manage preferences via our cookie banner or browser settings. For details, refer to our separate Cookie Policy.

9. Changes to This Privacy Policy

We may update this Policy to reflect changes in practices, technology, or law. Updates will be posted here with the revised effective date. Significant changes will be notified via email or Platform notice. Continued use constitutes acceptance.