Stadioo

Privacy Policy

Last updated: 31 May 2026

Stadioo Global Limited (Company Number 78054817), a company incorporated in Hong Kong under the Companies Ordinance (Cap. 622), with its registered office at Unit 1113, 11/F, Peninsula Centre, No. 67 Mody Road, Tsim Sha Tsui, Kowloon, Hong Kong, is the data controller responsible for any personal data processed in connection with our website and ticket distribution services.

We are committed to protecting the personal data you provide and to processing it lawfully, fairly and transparently in accordance with the Hong Kong Personal Data (Privacy) Ordinance (Cap. 486) ("PDPO") and, where applicable, the EU General Data Protection Regulation 2016/679 ("GDPR").

1. Information We Collect

We may collect the following categories of information:

  • Identification data: full name, date of birth where required by event organisers
  • Contact data: email address, phone number, billing/delivery address
  • Payment data: processed only via PCI-DSS compliant payment processors; we do not store full card numbers
  • Transaction data: tickets purchased, order history, delivery records
  • Technical data: IP address, browser type and version, device identifiers, referring URL, cookies (see Section 4)
  • Communications data: emails and support correspondence with us

2. Legal Basis for Processing

We process your personal data on one or more of the following legal bases:

  • Contract performance (GDPR Art. 6(1)(b)) — to deliver the tickets and services you have requested
  • Legal obligation (GDPR Art. 6(1)(c)) — to comply with accounting, tax, anti-money-laundering and event-organiser identification requirements
  • Legitimate interests (GDPR Art. 6(1)(f)) — for service improvement, fraud prevention, network and information security
  • Consent (GDPR Art. 6(1)(a)) — for marketing communications and non-essential cookies, withdrawable at any time

3. How We Use Your Information

Personal data may be used to:

  • Process orders and deliver tickets
  • Provide customer support and respond to enquiries
  • Comply with event-organiser requirements (e.g., named ticketing)
  • Meet statutory record-keeping and tax obligations
  • Send service updates and event-related notifications (with your consent where required)
  • Detect, prevent and investigate fraud or misuse
  • Improve our services through aggregated, statistical analysis

4. Cookies

We use cookies and similar technologies for site functionality, security, performance measurement, and (subject to your consent) analytics. A separate Cookie Policy sets out the cookies we use and your choices. For website visitors in jurisdictions where consent is required (including the EEA and the UK), non-essential cookies are only set after you accept them through our cookie banner. You can change or withdraw consent at any time.

5. Sharing with Third Parties

We do not sell your personal data. We share personal data only where necessary and with appropriate safeguards:

  • Payment processors to authorise and settle payments
  • Event organisers and authorised resale platforms (e.g., Viagogo, StubHub, Vivid Seats) where required to fulfil your order
  • Delivery and courier providers for physical ticket delivery
  • Professional advisers (auditors, accountants, lawyers) under confidentiality
  • Public authorities where required by law or to protect our rights

Where we transfer personal data outside the jurisdiction in which it was collected, we rely on Standard Contractual Clauses or other lawful transfer mechanisms.

6. Retention

We retain personal data only for as long as necessary:

  • Order and transaction data — 7 years from the end of the relevant financial year, to meet accounting and tax requirements
  • Customer support records — 3 years from last contact
  • Marketing consent records — until consent is withdrawn, plus 12 months for audit
  • Website analytics — aggregated and anonymised after 14 months

Where data is no longer required, it is securely deleted or anonymised.

7. Data Security

We have implemented appropriate technical and organisational measures to protect personal data from unauthorised access, accidental loss, alteration or disclosure. Measures include encrypted transmission (TLS), access controls, audit logging and regular security reviews.

8. Your Rights

Subject to applicable law you have the right to:

  • Request access to the personal data we hold about you
  • Request correction or completion of inaccurate data
  • Request erasure of your data ("right to be forgotten")
  • Restrict or object to processing
  • Receive a copy of your data in a portable, machine-readable format
  • Withdraw consent for any consent-based processing at any time
  • Lodge a complaint with a supervisory authority — in Hong Kong, the Office of the Privacy Commissioner for Personal Data (PCPD); in the EU, your local Data Protection Authority

To exercise your rights, contact us at support@stadioo.com. We will respond within 30 days.

9. EU Representative

Where we process the personal data of individuals located in the EEA without an establishment in the EU, we will appoint a representative under GDPR Article 27. If applicable, the EU representative's contact details will be published on this page. EEA data subjects may otherwise contact us directly at support@stadioo.com.

10. Children

Our services are directed at business clients and adults. We do not knowingly collect personal data of children under 16. If you believe we hold data about a child, please contact us so we can delete it.

11. Changes to This Privacy Policy

We may update this policy from time to time to reflect changes in law or our practices. Material changes will be communicated by updating the "Last updated" date at the top of this page. Where required by law, we will also notify you directly.

12. Contact

Stadioo Global Limited (Company Number 78054817)
Unit 1113, 11/F, Peninsula Centre, No. 67 Mody Road, Tsim Sha Tsui, Kowloon, Hong Kong
Email: support@stadioo.com