Privacy Policy
Effective Date: 2026-05-07
This English text is a courtesy translation. The Hebrew version at layla.events/he/privacy is the binding legal document under Israeli law. In any conflict, the Hebrew prevails.
This Privacy Policy applies to the use of the website at https://layla.events (hereinafter, "the Website") and the Layla mobile application (hereinafter, "the Application", and together with the Website: "the Platform") of Rey Nagar, Israeli authorized dealer (osek morshe no. 328505532), located at 64 Ha-Iyar St., Tel Aviv-Yafo, trading as "Layla" (hereinafter, "Layla", "we" or "us"). The terms "you" or "your" refer to any user of the Platform, whether a user of the services provided on the Platform, such as a user purchasing tickets for an event ("Service User" or "Consumer"), or a service provider, such as an event organizer ("Service Provider" or "Organizer"). If you do not agree to the terms of this Privacy Policy, please refrain from clicking "Login" or "Register" and refrain from using the Platform.
We respect your right to privacy. This Privacy Policy details the ways in which we collect, use, store and protect information received from users. If you have comments or questions regarding our Privacy Policy, please contact us at hello@layla.events.
Please also review the Terms of Use on the Platform ("Terms of Use"). Highlighted terms not defined in this document will be interpreted according to the meaning attributed to them in the Terms of Use. "Personal Information", as used in this Privacy Policy, is information that can be associated with a person or entity, such as name, phone number, address, date of birth, national ID number or email address.
This Privacy Policy is written in the masculine for convenience only, and it refers to all genders.
Information We Collect
We collect the following information from your use of the Platform:
Details provided by Service Users or details collected through the Platform. Details transmitted during registration, such as first and last name, email address, mobile phone number and date of birth. Also, if the event Organizer requires it for entry control and to comply with the law (such as 18+ events or events that require identity verification), we may collect additional information including national ID number. We also collect data transmitted during purchase of services of any kind, including the identity of the card used for payment (last four digits, card brand and a payment token only — full card number, CVV and magnetic-stripe data are never transmitted to Layla and are never stored by us; they are submitted directly to our payment processor Tranzila in secured fields) and the price of the ticket purchased. We also collect information about events for which you ordered tickets, and the nature of the event may indicate certain characteristics about you.
Details provided by Service Providers. Details transmitted during registration, such as legal name and trading name of the business, business or company identification number, email address, mobile phone number, bank account details for receiving payouts, and documents and images required for know-your-business (KYB) checks and compliance with anti-money-laundering obligations under the Israeli Prohibition on Money Laundering Law 5760-2000, including business registration certificates, identity documents of beneficial owners, and others.
Details collected automatically from the Platform (whether from Service Users, Service Providers and/or other visitors to the Platform). The Platform will collect certain information automatically, such as approximate geographic location (city level), IP address, pages you viewed or accessed, services you were interested in, whether you accessed from a smartphone or computer, and what operating system and browser you used. We may also collect usage data such as visit length, navigation path within the Platform and actions you performed.
When contacting us. In addition, we collect any information you provide when you contact us for any reason — whether by email, contact form, in-app chat, or WhatsApp Business message.
You are not legally obligated to provide the information described here, but by using the Platform you express your consent to provide us with the said information.
How We Use Information
Currently the following roles within Layla have access to information about you: technical development and operations, support and customer-service team, customer-success team, finance and bookkeeping team, and management (including the operations manager). It should be noted that these role types may change from time to time.
We will not share your information with third parties without your explicit consent, unless we are required to do so by any law, regulation or court order, or in order to cooperate with a law-enforcement investigation, and except for the ways expressly mentioned here. We may use personal information and other information internally — for example, to provide you with the service you requested (ticket sale, digital ticket delivery, sending receipts, event updates), to help detect issues on our servers, to prevent fraud and comply with anti-money-laundering obligations, and to improve the services we offer to you and to our other customers. We use the information you provide when you contact us to handle your inquiry. We use the information you provide when you authorize us to contact you and/or to receive promotional or other notices from us, in order to contact you and/or to provide you with such notices.
We may share your personal information with:
- Event Organizers — including information such as full name, phone number, email address and amount paid (without credit-card details except for the last four digits), as well as additional information that the Organizers required to receive from event participants, such as national ID number for entry control and to comply with the law. Organizers are contractually required by us to use this information solely for event operations and legal compliance, and to adopt data-protection practices no less stringent than ours.
- Affiliated companies, third parties that are subcontractors, or service providers — such as credit-card processing providers (Tranzila), digital receipt and tax-invoice issuance providers (Morning and Tranzila Documents), Israeli SMS message providers (ActiveTrail as default, Inforu as fallback), WhatsApp Business providers (Meta), cloud-hosting providers (Vercel for the Frontend, Neon Postgres in Frankfurt for database storage), error-monitoring providers (Sentry), analytics providers (PostHog), transactional-email providers (Resend) and identity-management providers (Clerk). We require companies affiliated with us and our subcontractors to follow procedures that protect your right to privacy, procedures that are at least at the level of the procedures described in this Privacy Policy.
- Business partners and service providers with whom we may jointly offer products or services, or whose products or services may be offered on our Platform. You will be able to tell when a third party is involved in a product or service because their name will appear, either alone or alongside ours. If you choose to use these products or services, we may share information about you, including your personal information, with those partners. Please note that we do not control the privacy practices of third parties who are business partners as described. If you no longer wish to allow such third party to use your information, please contact that third party directly.
- Referrals from websites. If you were referred to this Platform from another site (for example, by a link or via an affiliate program), we may share certain information about you with the referring site for reporting and compensation purposes. We recommend that you review the privacy policy of every site that referred you here. In addition, when you click through a link from our Platform to one of our partners, we provide that partner with a unique identifier so they know you were referred from our Platform. This unique identifier will not contain any of your personal information.
- Advertisers on the Platform. When you click on an advertisement, on our Platform or on another website, application and/or platform, the advertiser will know that a person clicked on this advertisement on this page and the advertiser may be able to identify you through certain means, such as cookies. We share your personal information with advertisers on our Platform (a) with your consent, (b) as encrypted IP addresses and/or device identifiers, and (c) as personal information visible to all users of our services, such as public profile information.
Furthermore, by analyzing all the information we receive, we may create statistical information about a wide variety of users (hereinafter: "Statistical Information"). This information helps us understand trends and user needs so that we can consider new services and products and adjust existing services and products to customer needs. Statistical Information is anonymous and we will not link it to personal information. We may share Statistical Information with our partners, on commercial terms determined at our sole discretion. In addition, we may provide any information to third parties as long as we have removed data identifying a specific person or user, such as name, address or contact details.
We also use a tool called "PostHog" and Vercel Analytics to collect information about usage of the Platform and our services. These tools collect data such as the frequency at which users visit the Platform, which pages they view, and which other websites they used before arriving at the Platform. The tools collect the IP address assigned to you on the date of your visit to the Platform rather than your name or other identifying information. We do not combine information collected through the use of these tools with information that allows personal identification. We use the information we receive from these tools solely to improve our Platform and services.
How We Protect Information
We take industry-accepted measures to protect the information provided to us, both during transmission of the information (TLS 1.3) and after we receive the information (AES-256-GCM encryption of sensitive information at rest, using envelope encryption and managed KMS keys, role-based access control, 24/7 monitoring, and periodic penetration testing). However, there are no methods of electronic transmission or storage that are completely secure. Therefore, although we strive to use accepted methods to protect your information, we cannot guarantee its absolute security. We will delete any personal information we have received from a user upon receipt of a written request from that user, subject to record- retention obligations imposed on us by specific laws (for example, the VAT Law 5736-1975 and the Income Tax Ordinance [New Version], which require retention of receipt and invoice documents for seven years). We cannot restore deleted information.
Cookies
Cookies are short text files sent to your device through your browser. We use cookies to personalize the user experience and to display relevant content and advertising on the Platform. Third parties through which we provide services, or our business partners, may place cookies in your browser to collect information in connection with advertisements appearing on third-party sites. We may use a "persistent" cookie to save your settings and personal preferences. For example, if you log into the Platform, the cookie will be used to identify you as a current user, so that you do not have to re-enter your details every time you use the services. Most internet browsers are pre-configured to accept cookies, but you can change this setting so that your browser blocks a particular cookie or notifies you each time a cookie is sent. You can also delete any existing cookie at any time. Some features of the services may not work properly if you disable or remove cookies.
The cookies we use may change from time to time. In any case, the types of cookies we generally use fall into one of the following categories:
| Cookie type | Activity |
|---|---|
| Strictly necessary | These cookies are essential for the proper operation of the services. They help you access the services, navigate within them, and use various features, such as remembering past actions to return to previous pages. |
| Functional | These remember your preferences from visit to visit, such as default language and currency. |
| Security | These help us identify you and prevent other users from changing your username and password and other security operations of this kind. |
| Analytical | These cookies help us understand how all users use our services. This information helps us improve the services, such as which pages are most popular and which links go unnoticed. |
| Advertising | These cookies are designed to deliver advertisements that may be relevant to you. They help advertisers serve you new ads rather than ones you have already seen, or serve you targeted ads. These cookies help us understand how successful our advertisements are. These cookies may track you while you use our services and visit other sites. |
Communications
We may send you messages by email, SMS, WhatsApp or other notices about ourselves, about events for which you ordered tickets, or about our products and services. By accepting the Terms of Use of the Platform (including the Privacy Policy terms, which are incorporated into the Terms of Use) or by using the Platform, you affirmatively agree to receive such commercial messages. As a registered member, you can remove your personal details from our mailing list and stop receiving messages from us in the future, by clicking the unsubscribe link that appears in every message, by replying "STOP" to SMS / WhatsApp messages, or by sending an email to hello@layla.events. You will be given the option to unsubscribe from the commercial-message mailing list in every such email or other message we send. Please note — we reserve the right to send you various service-related messages, including service notices and administrative messages regarding your account or your transactions on this Platform, without offering you the option to avoid receiving them, unless you close your account.
Use of the Platform by Children
Layla does not knowingly collect personal information from children under the age of 13. In the event that you become aware of a child under 13 who registered without parental or guardian consent, please notify us immediately at hello@layla.events and we will delete the information immediately. Buying tickets for 18+ events is prohibited for minors and the responsibility for verifying age before purchase rests with the buyer. In cases where a particular event requires presentation of an ID at the entrance, this will be expressly stated on the event page.
Access, Correction or Update of Your Information
Pursuant to the Privacy Protection Law 5741-1981, in particular Sections 13–14 of the Law, and in light of Amendment 13 to the Privacy Protection Law (5785-2025), you have the right to review the information you provided during registration and to change data, inaccuracies or errors, request deletion of the information, object to marketing processing of the information, and receive a copy of the information in a structured format (the right to portability). To request access as described, or to correct, update, adjust or delete your personal information, please contact us at hello@layla.events. We will respond to your request within 30 days, as set out in the law. We will retain your information for as long as your account is active or as necessary to provide you with services. If you wish to close your account or request that we no longer use your information to provide you with services, please contact us at the email address above. We will retain and use your information as required to comply with our legal obligations, resolve disputes and enforce our agreements, and in particular retain tax documents for seven years as required by law.
Other Uses or Transfer of Your Information
We will fully cooperate with all law-enforcement authorities and with any court order requesting or directing us to disclose the identity or activities of any user suspected of engaging in unlawful activity. We may use subcontractors located in countries other than yours and send them the information we receive. We may send your information to affiliated companies or providers located in countries other than Israel, including in EU member states (for example, our database is stored in Frankfurt under GDPR protection), in the United States (for example, the Sentry monitoring provider or the Vercel hosting provider) and in Ireland (for example, Meta WhatsApp Business). Our affiliates and all our subcontractors will be subject to nondisclosure and non-use obligations beyond what is necessary to operate the service. However, in some countries, protections for personal information and other information may not be equivalent to those offered in Israel. In every such transfer, we ensure that a Standard Contractual Clauses (SCC) data-protection agreement is in effect, limiting the use of the information to what is necessary to operate the service only.
We may transfer our databases, which contain your personal information, in the event that we sell our business or part of it, or transfer the activity to another legal entity — for example, in the event that Rey Nagar decides in the future to incorporate as a private limited company and transfer the business activity to it — including in the event of winding-up or dissolution of the activity. We may transfer, disclose and/or share information about our users, including personal information, as part of a merger, sale of business assets or acquisition, in the event of dissolution or winding-up, or during negotiations for any such transaction, and it shall continue to be subject to the provisions of this Privacy Policy, in accordance with the provisions of the law. In providing such information, you expressly consent to such transfer and use, including to transfers outside your country of residence.
Governing Law and Jurisdiction
This Privacy Policy is governed exclusively by Israeli law, including the Privacy Protection Law 5741-1981 and its amendments, and the Privacy Protection Regulations (Data Security) 5777-2017. Any dispute arising from this Privacy Policy or its breach shall be heard exclusively in the competent courts of the Tel Aviv–Yafo District.
Changes
Our Privacy Policy may change from time to time, and we recommend that you review it periodically. Material changes will be notified by email and a prominent in-app notice at least 14 days before they take effect. Continued use of the Platform after the changes come into effect constitutes acceptance of the updated Policy.
Contact Us
If you have comments or questions regarding our Privacy Policy, or if you wish to exercise your statutory rights (access, correction, deletion, objection, portability), please contact us at hello@layla.events.
Operator details for legal and regulatory purposes:
- Database controller: Rey Nagar
- Status: Israeli authorized dealer (osek morshe)
- Business number: 328505532
- Registered address: 64 Ha-Iyar St., Tel Aviv-Yafo
- Trading as: "Layla"
- Website: https://layla.events
- Email: hello@layla.events