Privacy – TICKETOVA Scan

About this document

This document only supplements the general TICKETOVA privacy policy with the additional information that applies to the TICKETOVA Scan mobile app. Responsible party, contact, your rights, the legal bases for general processing and policy changes are governed by the general privacy policy. Only the points below are app-specific.

Go to the general privacy policy

Scope of this supplement

This supplement applies exclusively to the TICKETOVA Scan mobile app (iOS and Android), used by staff and administrators of our B2B customers for admission and ticket validation.

Account data (app-specific)

For authentication inside the app we process: phone number for the passwordless OTP login, an internal user / account ID, and a session token. Credentials are stored exclusively in the secure key store provided by the operating system.

Location data

On every scan the app records the device's approximate and precise location. The sole purpose is an audit trail and traceability of where a ticket check occurred. Location data is not used for advertising or profiling.

Usage data (app-specific)

We record scan events (timestamp, ticket ID, result such as valid/used/expired) and app interactions (screens viewed, actions performed). This data supports operation, troubleshooting and the integrity of admission control.

Technical diagnostics

To ensure app stability and performance we process technical crash reports and performance metrics (e.g. load times, app start). This data contains no user content.

Transmission

All app data is transmitted exclusively over encrypted TLS/HTTPS connections.

Hosting and storage (app backend)

Processing of app data is subject to the Swiss Data Protection Act.

Sharing with third parties

None. Data collected by the app is sent exclusively to TICKETOVA servers. No sharing with third parties takes place.

Logging and advertising

Within the app, scan events are logged for data protection and security purposes (audit trail, admission control, abuse prevention). Beyond that, we do not use any analytics or advertising modules and do not share any data for advertising purposes.

Authentication

Login is passwordless via a one-time code (OTP). No passwords are stored.

Audience

The app is intended exclusively for B2B users, i.e. staff and administrators of our customers (event organisers). It is not designed for end consumers.

Legal basis (app-specific)

Processing inside the app is based on the contract between TICKETOVA and the customer, the employment or engagement relationship between customer and employee, and our legitimate interest in secure admission control.

Retention

Retention of app-related data is governed by the applicable customer contract and statutory retention obligations. Data that is no longer required is deleted or anonymised.

Supplement status

Effective 01.01.2026