Privacy Notice

Name: Lost Ventures Ltd
Address: 1 Red Lion Court, London, England, EC4A 3EB
E-mail: [email protected]

We currently collect and process the following information:

• Personal identifiers, contacts (for example, name and contact details, address, age)
• Banking details
• Health data (only in limited cases i.e. if this is required under law)
• Cookies
• Employer Info (only in limited cases i.e. registering for press accreditation or staff accrediation)
• Appropriate workplace declarations (for working staff members)
• Next of kin details as appropriate (e.g. working staff members)

We will collect your personal data directly from you when you:

• create and place an order;
• sign up to create an account or log in to your account;
• subscribe to our newsletters or to mailing lists;
• subscribe to a waiting list for an event;
• participate in a competition; promotion or survey;
• send an email, phone or online request to our customer service team or our social media channels;
• register for staff, press or artist accreditation; and
• visit our websites and apps (see more in our Cookie Notice).

We note that if you ever need to visit one of the health and welfare tents or facilities at one of our Events, you might need to give certain health or medical information which may be considered sensitive information. These services will be managed by the relevant third party at the Event and not us, in which case we won’t have control or visibility of the information you give and this Privacy Notice won’t apply.

We also receive personal information indirectly, from the following sources:

• From your social media account when you register for an event to our Platform by signing in through it;
• Via our app when you register for it to be able to share the notifications (if you opt-in)
• From our trusted ticket agents and service providers to deliver the goods and services requested;
• From other festivals and events within our Superstruct Entertainment Group if you have agreed that you want to hear more from our events;
• From other third parties outside our Group where you have agreed to them to share your information with us for marketing purposes;
• Government, tax or law enforcement agencies.

Service and Operational Purposes:

• to provide you with your event ticket or any other goods, services and information that you have requested from us;
• to manage your entry to our events, including age and identification verification;
• to provide you customer service and support, deal with enquiries or update you of changes to our events, our Platform or other services;
• to improve and update our Platform and to make sure that content from our Platform is presented to you in the most effective and optimal manner (please view the specific Cookie Notice for more information);
• to capture your feedback about our events and help us improve for future years;
• to tailor our communication with you, to help you get the most out of your ticket to the festival;
• to manage our teams and their welfare on site;
• to help provide accessibility support if required; and
• to help inform our traffic/travel management plan for arriving at and leaving the festival.

Third-party promotions:

We will share your personal data with third parties for their own marketing and promotional purposes only after you have given us your consent. If you opt-in to any third-party communications, you can opt out at any time by following instructions in the third-party communications received.

To protect your vital interests:

If you feel unwell during the festival and visit our health or welfare tents, we might need to collect some health data.

Competitions:

If you have entered a competition or prize draw that we have organised, we will use the personal data that you have provided to us in order to contact you to let you know whether you have won a competition or prize draw that you have entered and so allow us to both perform the contract for the prize and as necessary for our legitimate interests to allow us to encourage customer demand and develop our business.

Direct Marketing Purpose (via email/phone):

We may use your information so that we can contact you directly for marketing and promotional purposes in connection with our events.

Legal Purposes:

We may use your information to enable us to enforce our legal rights, and/or to protect the rights, property or safety of our employees and/or other third parties. To ensure your health and safety during the event we will process any health or mobility information you provide us to comply with our legal obligations.

We will only use your personal data when the law allows us to. Under the DPA 2018 and the GDPR the lawful bases we rely on for processing this information are:

(a). Your consent i.e. for marketing from third parties. You are able to remove your consent at any time by contacting us  [see more about your right to withdraw on section 6];

(b). We have a contractual obligation.(i.e. to successfully book and deliver your tickets);

(c). We have a legal obligation (i.e. to detect fraud, or tax purposes);

(d) We need it to perform a public task;

(e) We have a legitimate interest (i.e. for direct marketing when you have bought tickets) and your interests and fundamental rights do not override those interests.

We share this information with:

• selected third parties that we work with, so we are able put on the events you love and choose to attend. For example, when you register to attend an event we host, we might need to share your information with third party sub-contractors or service providers (including but not limited to the providers of boutique accommodation and the dining experiences) and those that help us to put on our Events (such as venue or security staff);
• When required by the travel providers (such as the event organiser, promoter, transport company) in order to confirm your booking and to fulfil their part of your contract, your personal data may be shared with them;
• We may also share your data with third parties who provide services to us in connection with making your booking such as payment and ticketing providers;
• Other festivals and event organisers within our Superstruct Entertainment Group if you have consented for us to do so;
• Any other third-party outside our Group that you have given your consent to share your information with for marketing purposes;
• Any other third parties and governmental institutions to comply with our legal obligations and enforce our legal rights (i.e. tax obligations).

Before sharing any of your personal data with external providers, we require our providers to sign an agreement confirming that your data will be kept secure.

We take all reasonable and appropriate technical and organisational measures to protect the security of your personal information throughout the course of our business. Technical safeguards are for example restrictive access, encryption and antivirus software.

In case we transfer your information to a country which is outside the UK or the EEA we have put in place contractual agreements or other measures with any recipients of your information to ensure your personal data will be equally protected.

Your information is securely stored on Dropbox and in Mailchimp.

We keep your personal information for only as long as this is necessary for the purpose we collected it. We will then dispose your information by removing all files and back-ups from all personal computers, one drive and hard drive.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you before you can complain at the relevant Supervisory Authority.

Under data protection law, you can exercise the following rights:

Your right to withdraw consent – You can withdraw your consent at any given time by contacting our DPO at [email protected].

Your right of access – You have the right to ask us for copies of your personal information.

Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances i.e. if your personal data are no longer necessary for the purpose they were collected for or if you withdraw your consent.

Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances i.e. if you think that the information we process is inaccurate or unlawful.

Your right to object to processing – You have the right to object to the processing of your personal information only if we process the relevant information on legitimate or public interest grounds.

Your right to data portability – You have the right to ask that we transfer the personal information you directly gave us to another organisation, or to you, if we process the relevant information on consent or contract grounds.

Your right to lodge a complaint – You have the right to lodge a complaint to the supervisory authority if our response doesn’t satisfy your request.

For UK the Supervisory Authority is ICO. The ICO’s contact details are:

Information Commissioner’s Office

Wycliffe House, Water Lane, Wilmslow

Cheshire SK9 5AF

ICO website: https://www.ico.org.uk

If you are based or the issue you would like to complain about took place in the European Economic Area (EEA), please click here for a list of local data protection authorities in the EEA countries.

Please contact us at [email protected] with the Lost Village Privacy Team (at [email protected]) in copy if you wish to make a request or complain or have any questions on how we use your personal data.

We will keep this privacy notice up to date to reflect changes in our products and services. This notice was last updated on 24^th September 2021. Should this notice change in any fundamental way, a notice will be displayed for 30 days. We recommend checking this page on our Platform from time to time.