What are the institutional and regulatory implications of this document?

REGULATORY LANDSCAPE: This policy engages GDPR and UK GDPR (lawful basis requirements, data subject rights, international transfer obligations), CCPA and the California Privacy Rights Act (opt-out of sale and sharing, sensitive data restrictions, privacy notice requirements), and potentially HIPAA-adjacent considerations for health and accessibility data collected in the US context. Enforcement authorities include the UK Information Commissioner's Office, EU data protection authorities, and the…

How does Ticketmaster's Ticketmaster Privacy Policy affect users?

The policy establishes that personal data including contact information, payment details, location, browsing behavior, and accessibility information is collected and shared with Event Partners and third-party vendors for fraud screening and advertising. Ticketmaster designates Event Partners as independent data controllers, establishing separate data responsibility for shared information. Users retain the ability to access, update, or delete personal data and to modify marketing and advertising…

How often is Ticketmaster's Ticketmaster Privacy Policy updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when Ticketmaster updates this document?

Yes. Monitor subscribers ($19/month) can add Ticketmaster to their watchlist and receive same-day email alerts whenever this document or any other Ticketmaster document changes.

CA-D-000284

Ticketmaster Privacy Policy

Ticketmaster

Last change detected June 12, 2026 Privacy policy

SHA-256: 4bf36196c5cab28c334… 3 versions captured 1 change documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at Ticketmaster ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

10 Total

0 High severity

8 Medium severity

2 Low severity

Summary

This document establishes Ticketmaster's data collection, use, and sharing practices for personal information obtained through ticket purchases, website activity, and customer support interactions. The policy authorizes Ticketmaster to share user names, contact details, and purchase history with Event Partners (artists, promoters, venues) and advertising partners, and to construct behavioral profiles from user activity independent of marketing personalization settings. Users may manage marketing preferences, opt out of data sharing for advertising purposes, and submit data access or deletion requests through privacy.ticketmaster.com.

Technical / Legal Breakdown

This document is Ticketmaster's global privacy policy, governing the collection, use, storage, and sharing of personal information across its ticketing platforms, apps, websites, and customer service interactions, with legal bases including contractual necessity, legitimate interests, legal obligation, and consent. The policy states that Ticketmaster collects contact and billing details, purchase history, location data, browsing and device data, accessibility and health information, and geodemographic profiles; the terms authorize sharing this information with Event Partners (artists, promoters, venues), fraud screening providers such as Forter Inc., advertising and marketing partners, and government officials where required by law. The policy asserts broad profiling and personalization rights, including the creation of user profiles from purchase history, favorites, and social behavior, and states that profiling for fraud screening will continue even when personalization is disabled, a distinction that may not be immediately apparent to users managing their preferences. The policy engages GDPR and UK GDPR (referencing lawful bases and data subject rights), CCPA and US state privacy laws (referencing California and other US residents' rights including opt-out of sale and sharing), and sector-specific frameworks governing health and accessibility data, KYC identity verification, and payment processing; compliance obligations vary materially by jurisdiction, and the policy's adequacy for each regulatory context depends on local enforcement interpretation and the specific entity processing data in each market.

Institutional Analysis

Institutional analysis available with Compliance

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Compliance.

Start Compliance free trial

1 important change detected

3 versions captured · Last updated: June 2026

June 12, 2026

medium

What changed Ticketmaster added new privacy disclosures on June 12, 2026 covering three areas: collection of sensitive personal and biometric information in limited circumstances with additional safeguards, use of messaging services in addition to existing communication channels, and capture of attendee images and video at events for marketing purposes with an objection right where Ticketmaster is responsible for the filming. The policy now explicitly describes these practices and associated user protections.

Why this matters The updated policy establishes that Ticketmaster may collect biometric information in limited circumstances where necessary for service delivery or required by law, with additional safeguards and advance notice. The policy now discloses that event photography and video may be captured and used in marketing materials, with a stated right to object where Ticketmaster controls the filming. Communications may now occur through messaging services in addition to existing channels. These disclosures inform you of practices Ticketmaster may engage in, but operational impact depends on whether and how these practices are implemented in your jurisdiction or event context.

View full change record →

Recent Provision Changes Jun 12, 2026

Added (2)

Health and Safety Data Sharing with Government Officials Medium

New provision explicitly authorizes government sharing of health/safety data collected during events with deletion practices specified.

User Data Rights and Access Low

New provision summarizes user privacy rights including data access and marketing opt-out in simplified language.

Removed (2)

Data Sharing with Commercial Partners

Removal of this provision suggests consolidation or elimination of disclosure about commercial partner data sharing practices not captured in other provisions.

Jurisdiction-Specific Rights (California CCPA/CPRA and EU/UK GDPR)

Removal of explicit jurisdiction-specific rights language may indicate relocation of CCPA/GDPR provisions to a separate rights section rather than the main privacy policy.

Modified (8)

Event Partner Data Sharing

Severity downgraded from high to medium and provision now includes detailed operational purposes for data sharing with event partners.

Persistent Fraud Profiling Despite Personalization Opt-Out

Previous 'Profiling and Personalization by Default' provision replaced with more explicit language clarifying that fraud profiling persists even when users opt out of personalization.

Sensitive Health and Accessibility Data Collection

Severity downgraded from high to medium and provision now includes explicit reference to consent requirement and validation procedures.

KYC Identity Verification for Ticket Sellers

Previous 'Identity Document Collection for Secondary Market Sellers' reframed with severity downgraded from high to medium and now includes clarification on secure deletion practices.

Geodemographic Data Collection via Third-Party Partners

Previous 'Geodemographic Data Collection and Use' provision now explicitly mentions opt-out rights and clarifies third-party partner involvement.

View full change record →

Medium — 8 provisions

Event Partner Data Sharing Compare →

When you buy a ticket, Ticketmaster shares your personal information with the artist, promoter, record label, or venue associated with that event, and these parties operate as independent data controllers with their own privacy practices.

Added May 8, 2026 Standard Seen across 252 platforms
Persistent Fraud Profiling Despite Personalization Opt-Out Compare →

Even if you turn off personalization in your account, Ticketmaster will continue to use your data for profiling activities such as fraud screening, meaning behavioral profiling of your account does not stop entirely.

Added May 10, 2026 Standard Seen across 284 platforms
Sensitive Health and Accessibility Data Collection Compare →

If you purchase accessible tickets or request accessibility accommodations, Ticketmaster collects health and disability-related information about you, which is treated as sensitive personal data requiring explicit consent in most jurisdictions.

Added May 10, 2026 Standard Seen across 284 platforms
Geodemographic Data Collection via Third-Party Partners Compare →

Ticketmaster works with advertising and marketing partner companies that compile demographic profiles about you including age, gender, and interests, and Ticketmaster uses this enriched data to personalize your experience, though you can opt out.

Added May 10, 2026 Standard Seen across 252 platforms
KYC Identity Verification for Ticket Sellers Compare →

If you sell a ticket on Ticketmaster, you must provide government-issued identification and potentially tax identification numbers to the payment services provider as part of financial compliance requirements, and this information is retained until regulatory deletion obligations are met.

Added May 8, 2026 Standard Seen across 284 platforms
Health and Safety Data Sharing with Government Officials Compare →

If health-related information such as contact tracing data is collected for an event, Ticketmaster may share that information with government officials and says it is regularly deleted, though no specific retention period is stated.

Added May 10, 2026 Standard Seen across 284 platforms
Third-Party Fraud Screening via Forter Inc. Compare →

Ticketmaster shares your personal information with Forter Inc., a third-party fraud detection company, and Forter may use that information according to its own privacy policy rather than solely Ticketmaster's.

Added May 10, 2026 Standard Seen across 252 platforms
Cookie and Tracking Technology Use Compare →

Ticketmaster uses cookies, web beacons, GPS, and WiFi tracking on its websites and apps to collect your browsing behavior, location, device details, and IP address, and third-party content on the site may add its own trackers.

Added May 10, 2026 Standard Seen across 284 platforms

Low — 2 provisions

Marketing Communications and Opt-Out Rights Compare →

Ticketmaster may send you marketing messages by email, SMS, push notifications, and social media, but you can update your preferences at any time through your account settings.

Added May 10, 2026 Standard Seen across 262 platforms
User Data Rights and Access Compare →

Ticketmaster acknowledges user rights to access their personal data and to control marketing preferences, with the full scope of rights detailed in the Your Choices and Rights section of the policy.

Added May 10, 2026 Standard Seen across 284 platforms