No Away Season Tickets because of GDPR (1 Viewer)

Forums New posts
hill83

hill83

Well-Known Member
GDPRmeme.jpg
 
shmmeee

shmmeee

Well-Known Member
What’s nonsense. GDPR doesn’t say anything about credit card details. They could just store a token from their payment gateway, that’s what we do. Of course businesses can keep payment details, how would any subscription service work otherwise?

Someone in admin needs shooting. No reason at all to stop away season tickets.

Best guess is they just want to stop and have found an excuse people won’t question.
 
shmmeee

shmmeee

Well-Known Member
ajsccfc said:
The only good thing about GDPR is that it's the easiest way to purge your email of all the email from companies you never open, although they don't even need to have asked permission to keep spamming you if you had previously given it.
Click to expand...

Depends. Consent has to be informed if that’s the rationale you’re going for. Could be that previous consent doesn’t meet the standard.

But informed consent is only one rationale, if they can prove they have reason to think you’re interested they can send you stuff. Could be you’re consenting to a closely related item or could be you’ve opened similar emails in the past.

Most of those GDPR emails are just a way to see who is live.
 
Nick

Nick

Administrator
shmmeee said:
What’s nonsense. GDPR doesn’t say anything about credit card details. They could just store a token from their payment gateway, that’s what we do. Of course businesses can keep payment details, how would any subscription service work otherwise?

Someone in admin needs shooting. No reason at all to stop away season tickets.

Best guess is they just want to stop and have found an excuse people won’t question.
Click to expand...

Would have thought it would be dealt with through Ticketmaster, unless before CCFC had them all written down somewhere and now they have gone to Ticketmaster to ask if they can do it and they can't?
 
ajsccfc

ajsccfc

Well-Known Member
This was all based on the worst training day I've ever had, but it was something like if you've bought something and therefore agreed to receive promotional emails, they didn't need to do anything or check if you're still cool as it's a consensual contract. I'll be honest though, the only thing I actually remember properly from it is which countries are part of the EEC but not the EU, and that question didn't even come up on the stupid fucking exam.

EDIT: EEA not EEC, can't even remember that part
 
JimmyHillsbeard

JimmyHillsbeard

Well-Known Member
shmmeee said:
What’s nonsense. GDPR doesn’t say anything about credit card details. They could just store a token from their payment gateway, that’s what we do. Of course businesses can keep payment details, how would any subscription service work otherwise?

Someone in admin needs shooting. No reason at all to stop away season tickets.

Best guess is they just want to stop and have found an excuse people won’t question.
Click to expand...

Exactly. I was just thinking how come iFollow (which stores cc details and rolls over payment from year to year) is unaffected and the away season ticket scheme has to be scrapped?
 
Nick

Nick

Administrator
JimmyHillsbeard said:
Exactly. I was just thinking how come iFollow (which stores cc details and rolls over payment from year to year) is unaffected and the away season ticket scheme has to be scrapped?
Click to expand...

Would guess that uses the EFL's system for payment and all of that is looked after by iFollow rather than CCFC.
 
David O'Day

David O'Day

Well-Known Member
From the hours of having to sit through GDPR sessions at work these is bubbles, they can store your payment details and still comply with GDPR. As someone above said it's a way of stopping something they didn't fancy running anymore and deflecting the blame.
 
MatthewWallis

MatthewWallis

Well-Known Member
JimmyHillsbeard said:
Exactly. I was just thinking how come iFollow (which stores cc details and rolls over payment from year to year) is unaffected and the away season ticket scheme has to be scrapped?
Click to expand...

Nick said:
Would guess that uses the EFL's system for payment and all of that is looked after by iFollow rather than CCFC.
Click to expand...

iFollow probably uses a CPA which uses the 16 digit number on your card not all of the card details, so there isn't a need to store the expiry date and 3 digit code. The away season tickets will be the club manually have the card details somewhere and entered by a person manually each time which works completely differently.

It's probably the club covering themselves just incase, as no one wants to be on the receiving end of a GDPR fine
 
Nick

Nick

Administrator
David O'Day said:
Which would show CCFC and Ticketmaster can take recurring payments legally
Click to expand...

It would depend on how they were doing it before (CCFC) as to whether that's still viable.

Did the payments used to go through Ticketmaster or CCFC?

If somebody at CCFC had card details in a spreadsheet and ran them through manually every time for example it's completely different.
 
shmmeee

shmmeee

Well-Known Member
ajsccfc said:
This was all based on the worst training day I've ever had, but it was something like if you've bought something and therefore agreed to receive promotional emails, they didn't need to do anything or check if you're still cool as it's a consensual contract. I'll be honest though, the only thing I actually remember properly from it is which countries are part of the EEC but not the EU, and that question didn't even come up on the stupid fucking exam.

EDIT: EEA not EEC, can't even remember that part
Click to expand...

I’ve been on the phone with the ICO a lot. It’s a lot more permissive than people think.
 
shmmeee

shmmeee

Well-Known Member
Nick said:
It would depend on how they were doing it before (CCFC) as to whether that's still viable.

Did the payments used to go through Ticketmaster or CCFC?

If somebody at CCFC had card details in a spreadsheet and ran them through manually every time for example it's completely different.
Click to expand...

If they were doing that then they were in breach of PCI DSS anyway. That’s why most people use a payment gateway to handle PCI compliance and they just store a token.
 
Nick

Nick

Administrator
shmmeee said:
If they were doing that then they were in breach of PCI DSS anyway. That’s why most people use a payment gateway to handle PCI compliance and they just store a token.
Click to expand...

Yep, that's why I wasn't sure how they were doing it before to be able to tell.

They could have easily made a database of away season ticket holders and stored a token from a payment processor and then just run a script to bill them all an amount with that payment processor every time.
 
David O'Day

David O'Day

Well-Known Member
Nick said:
It would depend on how they were doing it before (CCFC) as to whether that's still viable.

Did the payments used to go through Ticketmaster or CCFC?

If somebody at CCFC had card details in a spreadsheet and ran them through manually every time for example it's completely different.
Click to expand...

Spreadsheet? As Shmmeee says there were already PCS regs on on card protection when taking card payments.
 
Nick

Nick

Administrator
David O'Day said:
Spreadsheet? As Shmmeee says there were already PCS regs on on card protection when taking card payments.
Click to expand...

It was just a very loose / extreme example, I have no idea how they were doing it before.

I'm also not sure how it ties in with Ticketmaster as you would have thought it would need to go through them.
 
shmmeee

shmmeee

Well-Known Member
Regardless, everyone on whatever database they’re using has consented and is clearly interested in the services CCFC are supplying and also has an existing business relationship with CCFC. There’s no reason GDPR would stop them doing what they’re doing.
 
Terry Gibson's perm

Terry Gibson's perm

Well-Known Member
So will people have to get the individual tickets through the useless ticket master and be charged every time.

I had the misfortune of having to ring them regarding the play off tickets and just got my mobile bill which was £15 more than normal as they kept me on hold for half an hour
 
Sick Boy

Sick Boy

Well-Known Member
shmmeee said:
Digital marketing is a massive pain,

Signed everyone else

:p
Click to expand...

Hahaha I mostly do Organic so I make your lives better ;) I do some FB ads as well sometimes though, hence why i got rid of it years and years ago. ;)
 
Last edited:
Nick

Nick

Administrator
shmmeee said:
Regardless, everyone on whatever database they’re using has consented and is clearly interested in the services CCFC are supplying and also has an existing business relationship with CCFC. There’s no reason GDPR would stop them doing what they’re doing.
Click to expand...

I can't see why Ticketmaster wouldn't be able to process it somehow as well.

Even just a setting on a person's account so everytime away tickets get added for sale it automatically orders them for that person and job done.
 
I_Saw_Shaw_Score

I_Saw_Shaw_Score

Well-Known Member
Don’t get this, surely the T&C & privacy agreement would say to the customer (the fan) we will need these details to do this with your details, pass them on to these (opposition club?)you can opt out anytime you wish.

I don’t get what’s changed from what they’ll already be doing apart from being maybe more transparent with the customer?
 
Nick

Nick

Administrator
Why do they need to give the away season ticket holder details to the other clubs? Surely it's just the same as a normal fan buying away tickets?
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
Top