Privacy policy
Loyola University Chicago
Loyola University Chicago Ticketing Privacy Policy
Loyola University Chicago (“Loyola,” “LUC,” “we,” or “our”) is committed to protecting the privacy and security of personal information collected through Loyola’s ticketing services, websites (including without limitation https://www.ramblertickets.com/), mobile applications, digital platforms, and related communications (collectively, the “Services”).
This Privacy Policy explains how Loyola collects, uses, shares, stores, and protects personal information obtained through the purchase, management, and use of the Services.
By accessing or using the Services, you acknowledge and agree to the practices described in this Privacy Policy.
PART A: General Privacy Notice
1. Scope and Applicability
This Privacy Policy applies to individuals who interact with the Services, including but not limited to:
• Ticket purchasers
• Season ticket holders
• Donors and supporters
• Students, alumni, faculty, and staff
• Event attendees
• Website and mobile application users
• Individuals subscribing to marketing or promotional communications
This Privacy Policy applies to information collected through:
• Ticketing websites and portals
• Mobile applications
• Email and text communications
• Customer service interactions
• In-person transactions
• Third-party ticketing and payment platforms used on behalf of Loyola
2. Purpose of this Policy
The purpose of this Privacy Policy is to:
• Explain what personal information Loyola collects
• Describe how personal information is used and shared
• Explain the use of cookies and tracking technologies
• Inform users about their privacy rights and choices
• Describe Loyola’s efforts to safeguard personal information
• Comply with applicable privacy and data protection laws
3. Information We Collect
A. Information Provided Directly by You
We may collect information you voluntarily provide, including:
• Name
• Mailing address
• Email address
• Telephone number
• Date of birth
• Username and password credentials
• Payment and billing information
• Ticket purchase history
• Donation information
• Student or alumni affiliation information
• Preferences regarding events, seating, and communications
• Customer service inquiries and correspondence
B. Information Received from Third Parties
We may receive information from third parties, including:
• Payment processors
• Service providers
• Marketing and analytics providers
• Social media platforms
• University systems and affiliated departments
• Sponsors, partners, and promotional affiliates
• Publicly available sources
C. Information Collected Automatically
When you interact with our Services, we may automatically collect information such as:
• IP address
• Browser type and device identifiers
• Operating system information
• Geolocation data (where permitted)
• Pages viewed and links clicked
• Date and time of access
• Referral URLs
• App usage information
• Cookie identifiers and advertising identifiers
• Purchase and browsing activity
4. How We Use Personal Information
Loyola may use personal information for purposes including:
• Processing ticket purchases and payments
• Managing ticket accounts and event access
• Providing customer service and support
• Communicating regarding events, schedules, and updates
• Sending promotional and marketing communications
• Conducting analytics and improving Services
• Personalizing user experiences
• Managing loyalty, donor, or membership programs
• Preventing fraud, abuse, and unauthorized access
• Maintaining system security and integrity
• Complying with legal, regulatory, and institutional obligations
• Supporting operational planning and reporting
5. Sharing of Personal Information
Loyola may share personal information with:
• Service providers and vendors supporting ticketing operations
• Payment processors and financial institutions
• Technology and cloud service providers
• Marketing, analytics, and advertising partners
• University departments and affiliated entities
• Event partners, sponsors, or conference organizations when necessary for event operations
• Law enforcement, regulators, or legal authorities where required by law
• Other parties in connection with institutional restructuring, mergers, or legal proceedings
Loyola does not sell personal information for monetary compensation.
6. Cookies and Tracking Technologies
Our Services may use cookies, pixels, web beacons, SDKs, and similar tracking technologies to:
• Maintain user sessions
• Remember user preferences
• Analyze traffic and user behavior
• Improve platform performance
• Deliver personalized content and advertisements
• Measure marketing effectiveness
Third-party vendors and service providers may also use cookies and similar technologies on our behalf.
Users may control cookies through browser settings or device preferences; however, disabling certain cookies may affect the functionality of the Services.
7. Data Retention
Loyola retains personal information for as long as necessary to:
• Fulfill the purposes described in this Privacy Policy
• Maintain business and transactional records
• Comply with legal, regulatory, tax, accounting, and institutional obligations
• Resolve disputes and enforce agreements
• Maintain security and fraud prevention records
Retention periods may vary depending on the type of information and applicable legal requirements.
8. Protection of Personal Information
Loyola uses reasonable administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, disclosure, alteration, or destruction.
9. Artificial Intelligence and Automated Technologies
Loyola and its service providers may use artificial intelligence (“AI”), machine learning, or automated technologies to support operations such as:
• Customer service assistance
• Fraud detection and prevention
• Analytics and reporting
• Marketing personalization
• Event recommendations
• Chatbot or virtual assistant functionality
10. Children’s Privacy
The Services are not directed to children under the age of 13.
Loyola does not knowingly collect personal information directly from children under 13 without appropriate parental consent where required by law.
11. Your Privacy Rights
A. Right to Opt Out
You may opt out of certain uses of personal information, including marketing communications, certain advertising or analytics activities, and cookie-based tracking technologies.
B. Right to Correct Information
You may request correction of inaccurate or incomplete personal information maintained by Loyola .
C. Right to Delete Information
You may request deletion of personal information, subject to applicable legal and operational exceptions.
Loyola may retain certain information as necessary to complete transactions, comply with legal obligations, resolve disputes, detect fraud, enforce agreements, and maintain institutional records.
Deletion or opting out may result in the inability to access ticketing accounts, attend events electronically, receive communications, or use certain Services.
12. Additional Rights and Remedies
To the extent the GDPR (defined below in Part B) and/or other international, federal, state or local data or privacy laws, rules regulations or legal requirements apply, individuals may have additional rights including access, rectification, erasure, restriction, portability, objection, and rights related to automated decision-making.
Individuals may also have the right to lodge a complaint with an applicable supervisory authority.
13. Consent
By using the Services, purchasing tickets, accessing our platforms, or interacting with our communications, you acknowledge and agree to this Privacy Policy.
You agree that Loyola and its third-party vendors and service providers may collect and use your information, including through cookies, pixels, and similar technologies, for the purposes described in this Privacy Policy.
14. Changes to this Privacy Policy
Loyola may update this Privacy Policy from time to time. Updates will be posted with a revised effective date.
15. Contact Information
Loyola University Chicago
Information Technology Services
Granada Center
1032 West Sheridan Road
Chicago, IL 60626
datasecurity@luc.edu
PART B: Additional Information Required Under the GDPR
vivenu GmbH (together with its affiliates and agents, “Service Provider”) collects, uses, discloses and otherwise processes information when you use the Services (including without limitation https://www.ramblertickets.com/). As a condition precedent to your use of the Services, Loyola requires that you consent to this Privacy Policy satisfy certain legal requirements.
Consent to Transfer of Data to a Third Country
In using Service, you may voluntarily provide certain personal data (such personal data, the “Transferred Personal Data”) that will be transferred outside such location to Service Provider in the European Economic Area, to Loyola’s U.S. based servers, and to third party processors, such as data centers and other companies who contract with Loyola to provide data processing services (collectively, “Processors”).
This consent seeks your approval for such transfers, advises you of certain safeguards intended to assure that such transfers happen in a secure manner, and warns you of possible risks related to such transfers.
Under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the “GDPR”), and before Loyola collects or receives any personal data from you, you are also entitled to the information in the linked GDPR Privacy Notice, which is available on Loyola’s website. Please review it prior to executing this consent.
Types of Transferred Personal Data and Purpose of Transfer
The Transferred Personal Data will include such data, without limitation, described in Part A, Subpart (3), above. The processing of such data will be for the purpose(s) of enabling you to utilize the Services. Loyola has a legitimate interest in processing data for such purposes.
Categories of Recipients Who May Receive Your Personal Data
In operating and administering the Services your personal data may be shared with third party Processors, such as data centers, Software-as-a-Service providers and other companies who contract with Loyola to provide data processing services in connection with Loyola’s ordinary and customary business activities as an institution of higher education.
Safeguards To Protect Your Transferred Personal Data
To help protect the privacy of your Transferred Personal Data that Loyola receives from Service Provider, Loyola maintains physical, technical and administrative safeguards, such as, for example, the use of user names, sign-on passwords, encryption, firewalls and other security measures. Loyola monitors, updates and tests its security technology on an ongoing basis, including through independent third party audits. Loyola restricts access to your personal data to those employees who need to know that information. In addition, Loyola trains its employees about the importance of confidentiality and maintaining the privacy and security of your information and will take appropriate disciplinary measures to enforce employees’ privacy responsibilities.
Furthermore, prior to transferring your Transferred Personal Data to a third party Processor, Loyola will require the Processor to sign a written agreement obligating the Processor to comply with the processing requirements imposed under the GDPR. Loyola and Service Provider have signed such a written agreement.
The European Union (“EU”) and the United States have developed the Data Privacy Framework that is administered by the International Trade Administration (“ITA”) and U.S. Department of Commerce (“DOC”). The EU has determined that this framework provides data subjects with an adequate level of protection with respect to the transfer and processing of their personal data from the EU to the United States. Loyola generally complies with the Data Privacy Framework principles and safeguards. However, as a not for profit educational institution that is not subject to ITA or DOC jurisdiction, Loyola is unable participate in the Data Privacy Framework program, and thus rely on the EU’s Data Privacy Framework adequacy determination. Consequently, Loyola is requesting that you consent to this Privacy Policy to use and receive the Services.
Possible Risks Related to Transferring Your Personal Data to a Third Country
Despite the above safeguards, there remains a risk that a breach of security may result in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to your Transferred Personal Data as a result of any one or more of the following incidents, or for another reason:
• “Phishing” scams, resulting in the disclosure of username and log-on credentials that allow unauthorized access to personal data;
• The installation by malware by outside third parties;
• Unauthorized access by internal employees;
• “Ransomware” attacks resulting in the unavailability or possible loss of personal data;
• Employee or Processor failure to comply with directions or contractual requirements;
• Weak passwords;
• Software application vulnerabilities;
• Lack of a single, comprehensive, federal privacy and data protection statute; and
• Lack of a single national agency to oversee and enforce privacy and data protection laws.
While Loyola believes the safeguards described in this consent will prevent or minimize such data breaches, these are possible risks.
Consent to Transfer of Personal Data to the United States
Please consent to the processing of your Transferred Personal Data by Loyola in connection with your use of the Services, and the use of such data and the transfer of such data by Service Provider to Loyola and by Loyola to any Processors.
Right to Withdraw Consent
If you consented, you retain the right to withdraw such consent at a later date, in which case your use of the Services may be terminated and/or rescinded.
To withdraw such consent with respect to Loyola’s processing, you must contact:
Chief Information Security Officer
Loyola University Chicago
1032 W. Sheridan Road
Chicago, Illinois 60660
GDPR@luc.edu
In the event that your withdrawal of consent makes it impossible or impractical for you or Loyola to remain in compliance with GDPR and/or U.S. laws, or for Loyola to perform any actions that require the use of the Transferred Personal Data, such withdrawal may result in Loyola taking such actions as may be necessary or appropriate to comply with such laws and may result in rescinding your ability to use the Services.
Remedies Include the Right to File a Complaint with the Supervisory Authority
If you believe your privacy rights under the GDPR have been violated, you the right to file a complaint with the applicable supervisory authority. The GDPR gives you the rights and remedies set forth in GDPR Articles 77-82, which include the right to file a complaint with the Italian data protection supervisory authority:
Garante Per La Protezione Dei Dati Personali
Piazza di Monte Citorio, 121
00186 Roma
Tel. + 39 06 69677 1
Fax. + 39 06 69677 785
Email: garante@garanteprivacy.it
Website: http://www.garanteprivacy.it