The personal data controller is:
The Paris Opera
120 rue de Lyon
75576 PARIS Cedex 12.
The Paris Opera has appointed a Data Protection Officer (DPO) whose contact details are as follows:
79 bis, avenue de l'Europe
The Paris Opera collects and processes all or part of the following data:
When you create an account or place an order, you may choose to register as an individual or as a professional.
If you register as a professional, you will be asked for additional information, some of which is mandatory and allows you to activate all the associated features.
The data comes from the recording of information:
Online, the mandatory nature of the data is indicated by an asterisk at the time it is collected.
Some data may be processed automatically, in particular for:
The data processing concerns:
Processing of personal data is intended for the following purposes:
In this context, your data may be subject to automated processing or profiling in order for you to benefit from personalised advantages and personalised content on the website and the application.
The data processing carried out by the Paris Opera is based on the following articles of the General Data Protection Regulation (GDPR):
The personal data collected is destined:
(LIST AS OF MAY 2021, SUBJECT TO CHANGE)
Subject to the registration of your agreement, the data may also be transmitted to third-party partners
Personal data may be transmitted to SecuTix, a company established in Switzerland, which maintains and hosts the ticketing solution and acts as a subcontractor on behalf of the Paris Opera
The adequacy of personal data protection in Switzerland was recognised by Commission Decision No. 2000/518/EC of 26 July 2000.
Personal data is kept for the time required to manage the commercial relationship and to compile statistics, intended in particular for the Ministry of Culture.
Personal data relating to bank cards is kept encrypted for 18 months by our payment service provider, Ingenico, in particular with the aim of facilitating reimbursements by crediting the bank card used for the purchase.
After identification on www.operadeparis.fr, you have the possibility of deleting your account, in the "My details" section. By choosing to delete your account, no claim can be made in case of loss or non-receipt of your tickets.
The Paris Opera has implemented technical and logistical measures to guarantee the protection of your data, and in particular:
Your data is stored:
To secure your data, the Paris Opera and SecuTix SA, which guarantees to meet the requirements and to have obtained the certificates of compliance with the ISO/IEC 27001:2013 and PCI DSS v3.2 standards, take all the necessary technical and operational measures, in particular access controls, the use of firewalls and current anti-virus software, SSL encryption and log files during manual changes to the databases. The monetary aspect (credit card transactions) is PCI DSS certified and audited once a year.
Passwords used by the Paris Opera and SecuTix SA must meet complexity requirements to be valid.
Physical access to data warehouses is strictly controlled by codes, tracking, alarms, badges and video surveillance.
You may exercise your rights with the Data Protection Officer (DPO) and lodge a complaint, if necessary, with the Commission Nationale de l'Informatique et des Libertés (CNIL).
Identification will be required to exercise these rights. This identity document is:
Under this procedure, data are kept for the calendar year of the request, plus five years.
The Paris Opera's Data Protection Officer (DPO) is your contact for any request to exercise your rights.
79 bis, avenue de l'Europe
13127 Vitrolles France
You have the following rights in particular:
You have the right to make a complaint to the Commission Nationale de l'Informatique et des Libertés (CNIL), in particular:
Back to top