top of page
Dirk Denoyelle's BRICKS OF WONDER EN BRICKS DES BRICKS
blanc-6000x2000.png

Personal Data Protection Policy

Updated on 05/02/2026

RIVAJ GROUP places great importance on respecting your privacy and is committed to building strong and lasting relationships with you.

Protecting your personal data is a top priority for us.
This data protection policy aims to clearly inform you of our commitments and the measures we implement to ensure your personal data is handled in compliance with applicable European and French regulations. It is complemented by our cookie policy available at the bottom of the Site pages.
This policy applies to all services offered on the website gimstour.com, a company of RIVAJ GROUP (hereinafter referred to as “the Site”).

This policy is governed by Law No. 78-17 of January 6, 1978 (the French Data Protection Act), as amended, and by the European Regulation on personal data protection of April 27, 2016 (GDPR). It may evolve depending on legal and regulatory developments and CNIL guidelines.
For more information on personal data protection, you can visit the CNIL website: www.cnil.fr

Who processes your personal data?
The data controller determining the purposes and means of processing personal data is:
RIVAJ GROUP
10 place du Général Catroux – 75017 Paris
Registered under number 812 106 474

Why do we use your personal data?
We may use your personal data for the following purposes and legal bases:

Marketing communications & newsletters
We may send you personalized emails, recommend similar products/services, or keep you informed about our news.
Data concerned: identification data (name, surname, email address)

Legal basis:

  • Consent (for newsletters and communications)

  • Legitimate interest (for similar products/services)

You can withdraw your consent at any time via the unsubscribe link.
Order management & customer relationship
We use your data to manage orders (delivery, billing, customer service, etc.) and notify you of any changes to events.
Data concerned: identity data, purchase data, complaints
Legal basis: contract

Payment processing
Payments are secured. We do not collect your banking details directly; they are handled by a PCI-DSS certified provider.
Data concerned: payment data (card number, IBAN, etc.)
Legal basis: contract

Improving the Site and services
We analyze user activity (e.g., visits) using tools like cookies to improve our services.
Data concerned: IP address, device identifiers
Legal basis: consent
Targeted advertising
We may use your data for profiling to personalize ads and improve your experience.
Data concerned: purchase data, interaction with communications
Legal basis: consent
You can disable tracking via the “Manage cookie preferences” link.

Legal obligations & requests
We may process data to handle legal claims or respond to authorized authorities.
Data concerned: identity data, request content, ID (if needed)
Legal basis: legal obligation
When is your data collected?
We collect data when you:

  • Create an account

  • Purchase tickets

  • Browse the Site

  • Enter competitions

  • Contact customer service

  • Fill in forms

  • Subscribe to newsletters

  • View ads

Some data is collected automatically through your activity.

What happens when you buy a ticket?
Your data is collected by RIVAJ GROUP and its processors to:

  • Manage your order (billing, ticket delivery)

  • Ensure security and prevent fraud

  • Comply with legal obligations

  • Improve services

Your data may also be shared with event partners (organizers/producers).
Payment data is encrypted and handled by secure providers only.
For some events, tickets are sold via third-party platforms—we are not responsible for their data processing.

What about minors?
The Site is not intended for minors. We do not knowingly process data of individuals under 15.

What communications may you receive?
Service emails
Order confirmations, delivery updates, etc. (mandatory)
Commercial communications
Offers related to previous purchases (unless you opt out)
Newsletters
If you subscribed, you may receive updates and offers
Alerts
Notifications about events or artists you follow

How long is your data kept?

  • Active customers: data kept while active

  • Inactive accounts: 3 years

  • Newsletter subscribers: 3 years after last interaction

  • ID documents: 1 year

  • Payment data: up to 13–15 months (for legal proof)

After this, data is deleted or archived with restricted access.

Your rights
You have the right to:

  • Access, correct, or delete your data

  • Object to processing

  • Restrict processing

  • Data portability

  • Not be subject to automated decisions

You can also define instructions for your data after death.
To exercise your rights:
📧 billetterie.rgpd@rivajgroup.com
📍 RIVAJ GROUP – 10 place du Général Catroux – 75017 Paris
If needed, you can contact CNIL.

Contact for newsletters
You can unsubscribe anytime via email links or:
📧 communication@rivajgroup.com

DPO Contact
📧 dpo@rivajgroup.com

Who receives your data?

  • Internal services of RIVAJ GROUP

  • Subcontractors (payment, marketing, IT, etc.)

  • Partners (e.g., donation partners)

  • Authorities (when legally required)
     

International data transfers
Your data may be transferred outside the EU with appropriate safeguards (e.g., standard contractual clauses).

How do we protect your data?
We implement technical and organizational measures:

  • Restricted database access

  • Secure subcontractors

  • Employee training
     

Policy updates
We may update this policy at any time. In case of major changes, you will be notified.
We recommend checking this page regularly.
Last updated on the date indicated above.

bottom of page