View cart

Privacy Policy for CanaryPlay


The event organiser, CanaryPlay, has the legal responsibility to tell ticket buyers and event attendees how their personal information will be collected and used. You can find their Privacy Policy below or contact them to request it.

Privacy Policy

Last updated: 18.02.2026

1. Data Controller

The data controller responsible for your personal data is:

CanaryPlay
Av. de Tirajana 40/130
35100 San Bartolomé de Tirajana
Gran Canaria, Spain
Email: info@canaryplay.es

CanaryPlay processes personal data in accordance with:

  • Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR)
  • Spanish Organic Law 3/2018 on Data Protection and Digital Rights (LOPDGDD)

2. Personal Data We Collect

We collect personal data when you:

  • Purchase tickets
  • Register for an event
  • Subscribe to marketing communications
  • Contact us
  • Browse our website

Data may include:

  • Full name
  • Email address
  • Billing information
  • Payment details (processed securely via Stripe)
  • IP address
  • Device and browser information
  • Ticket purchase history

We do not knowingly collect special category (sensitive) data.

If you provide personal data of another person (e.g. registering someone for an event), you confirm that you have informed them and have the legal basis to provide their data.

3. Legal Basis for Processing (Article 6 GDPR)

We process personal data under the following legal bases:

  • Contractual necessity – to issue tickets and deliver event services
  • Legal obligation – accounting and regulatory compliance
  • Legitimate interest – customer service, fraud prevention, website security
  • Consent – marketing communications and analytics cookies

4. How We Use Your Data

We use your data to:

  • Process ticket purchases
  • Send booking confirmations and event updates
  • Provide customer support
  • Manage cancellations and refunds
  • Comply with accounting and legal obligations
  • Improve website performance and user experience
  • Send marketing communications (if you opt in)

You may withdraw marketing consent at any time by clicking “unsubscribe” or contacting us.

5. Payment Processing

Payments are securely processed via:

  • Stripe Payments Europe Ltd

We do not store full card details. Payment data is encrypted and processed directly by Stripe under PCI-DSS security standards.

6. Ticketing Platform

We use:

  • TicketTailor Ltd

TicketTailor processes ticket purchase data on our behalf under a Data Processing Agreement in compliance with GDPR.

7. Analytics & Cookies

We use:

  • Google Analytics (GA4) to analyse website traffic and improve performance.

Analytics cookies are only activated after your consent via our cookie banner.

You may withdraw cookie consent at any time via the cookie settings tool on our website.

8. Data Sharing

We may share personal data with:

  • Payment providers (Stripe)
  • Ticketing platform (TicketTailor)
  • Email communication providers
  • Hosting and IT providers
  • Professional advisors (accountants or legal advisors where required by law)

We do not sell personal data.

9. International Transfers

Some service providers (e.g. Stripe or Google) may process data outside the European Economic Area (EEA).

Where this occurs, appropriate safeguards are applied, including:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • EU–US Data Privacy Framework (where applicable)

10. Data Retention

We retain personal data:

  • Ticket and accounting records: up to 6 years (legal obligation)
  • Marketing data: until you withdraw consent
  • Customer service communications: up to 3 years
  • Analytics data: according to Google Analytics retention settings

After these periods, data is securely deleted or anonymised.

11. Your Rights

Under GDPR, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion
  • Restrict processing
  • Object to processing
  • Request data portability

To exercise your rights, contact:
info@canaryplay.es

You also have the right to lodge a complaint with:

Agencia Española de Protección de Datos (AEPD)
https://www.aepd.es

12. Security

We implement appropriate technical and organisational measures to protect personal data against:

  • Unauthorised access
  • Loss
  • Misuse
  • Alteration

However, no online system can guarantee absolute security.

13. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for their privacy practices.

14. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website.