Privacy Policy

Privacy Notice

You might be viewing this through our website or mobile application (which we'll collectively call "Platform" in short).

A photograph of the exterior of an old vehicle with someone sat inside it.

Privacy Notice

We consider the protection of your privacy to be extremely important. We are bound by and use your personal data in accordance with the Data Protection Act 2018 and the General Data Protection Regulation 2016/679 of April 27th 2016 (the “GDPR”).

We want to inform you as much as possible, respect you and give you control over what happens to your personal data and what you share with us.

Our Privacy Notice is designed to make you aware of what data we are collecting and how we collect it.

Please take time to read through our Privacy and Cookies Notices to understand your rights.

1.1 About us - Our contact details

We currently collect and process the following information:

  • Personal identifiers, contacts (for example, name and contact details, address, age/date of birth)
  • Banking details
  • Telephone number
  • Health data (only in limited cases i.e. if this is required under law)
  • Cookies
  • Employer info (only in limited cases i.e. registering for press accreditation or staff accreditation)
  • Appropriate workplace declarations (for working staff members)
  • Next of kin details as appropriate (e.g. working staff members)

1.3 Information you give us

We will collect your personal data directly from you when you:

  • create and place an order;
  • sign up to create an account or log in to your account;
  • subscribe to our newsletters or to mailing lists;
  • subscribe to a waiting list for an event;
  • participate in a competition; promotion or survey;
  • send an email, phone or online request to our customer service team or our social media channels;
  • register for staff, press or artist accreditation; and
  • visit our websites and apps (see more in our Cookie Notice).

We note that if you ever need to visit one of the health and welfare tents or facilities at one of our Events, you might need to give certain health or medical information which may be considered sensitive information. These services will be managed by the relevant third party at the Event and not us, in which case we won’t have control or visibility of the information you give and this Privacy Notice won’t apply.

1.4 Other information we collect about you and information we receive from third-party sources

We also receive personal information indirectly, from the following sources:

  • From your social media account when you register for an event to our Platform by signing in through it;
  • Via our app when you register for it to be able to share the notifications (if you opt-in); and
  • Government, tax or law enforcement agencies.

2.1 What do we use your data for?

Service and Operational Purposes:

  • to provide you with your event ticket or any other goods, services and information that you have requested from us;
  • to manage your entry to our events, including age and identification verification;
  • to process payments;
  • to provide you with customer service and support, deal with enquiries or update you in respect of changes to our events, our Platform or other services;
  • to improve and update our Platform and to make sure that content from our Platform is presented to you in the most effective and optimal manner (please view the specific Cookie Notice for more information);
  • to capture your feedback about our events and help us improve for future years;
  • to tailor our communications with you, to help you get the most out of your ticket to the festival;
  • to manage our teams and their welfare on site;
  • to help provide accessibility support if required; and
  • to help inform our traffic/travel management plan for arriving at and leaving the festival.

Third-party promotions:

We will share your personal data with third parties for their own marketing and promotional purposes only after you have given us your consent. If you opt-in to any third-party communications, you can opt out at any time by following instructions in the third-party communications received.

To protect your vital interests:

If you feel unwell during the festival and visit our health or welfare tents, we might need to collect some health data.


If you have entered a competition or prize draw that we have organised, we will use the personal data that you have provided to us in order to contact you to let you know whether you have won a competition or prize draw that you have entered and so allow us to both perform the contract for the prize and as necessary for our legitimate interests to allow us to encourage customer demand and develop our business.

Direct Marketing Purpose (via email/phone):

We may use your information so that we can contact you directly for marketing and promotional purposes in connection with our events.

Legal Purposes:

We may use your information to enable us to enforce our legal rights, and/or to protect the rights, property or safety of our employees and/or other third parties. To ensure your health and safety during the event we will process any health or mobility information you provide us to comply with our legal obligations.

2.2 Legal grounds for processing your personal information

We will only use your personal data when the law allows us to. Under the DPA 2018 and the GDPR the lawful bases we rely on for processing this information are:

(a) Your consent i.e. for marketing from third parties. You are able to remove your consent at any time by contacting us  [see more about your right to withdraw on section 6];

(b) We have a contractual obligation.(i.e. to successfully book and deliver your tickets);

(c) We have a legal obligation (i.e. to detect fraud, or tax purposes);

(d) We need it to perform a public task;

(e) We have a legitimate interest (i.e. for direct marketing when you have bought tickets) and your interests and fundamental rights do not override those interests.

3. Who will your data be shared with?

We share this information with:

  • selected third parties that we work with, so we are able put on the events you love and choose to attend. For example, when you register to attend an event we host, we might need to share your information with third party sub-contractors or service providers (including but not limited to the providers of boutique accommodation and the dining experiences) and those that help us to put on our Events (such as venue or security staff);
  • When required by the travel providers (such as the event organiser, promoter, transport company) in order to confirm your booking and to fulfil their part of your contract, your personal data may be shared with them;
  • We may also share your data with third parties who provide services to us in connection with making your booking such as payment and ticketing providers;
  • We may share your data with affiliated companies within our group (our “Group”) (in accordance with data sharing agreements in place with those entities) for service and operational purposes, in order to improve the festival and the services being provided to you;
  • Other festivals and event organisers within our Group for marketing purposes if you have consented for us to do so;
  • Any other third-party outside our Group that you have given your consent to share your information with for marketing purposes;
  • Any other third parties and governmental institutions to comply with our legal obligations and enforce our legal rights (i.e. tax obligations).

Before sharing any of your personal data with external providers, we require our providers to sign an agreement confirming that your data will be kept secure and, where possible, place them under the obligation to act in the capacity of data processor. This means that we determine the purpose for which and the manner in which your data is to be processed and the data processor is only allowed to handle your data according to the instructions and security standards that we follow.

4. How do we protect your personal data?

We take all reasonable and appropriate technical and organisational measures to protect the security of your personal information throughout the course of our business. Technical safeguards are for example restrictive access, encryption and antivirus software.

In case we transfer your information to a country which is outside the UK or the EEA we have put in place contractual agreements or other measures with any recipients of your information to ensure your personal data will be equally protected.

5. How long will we keep your personal data for?

Your information is securely stored on Dropbox and in Mailchimp.

We keep your personal information for only as long as this is necessary for the purpose we collected it. We will then dispose your information by removing all files and back-ups from all personal computers, one drive and hard drive.

6. What are your rights?

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you before you can complain at the relevant Supervisory Authority. Under data protection law, you can exercise the following rights:

Your right to withdraw consent

You can withdraw your consent at any given time by contacting our DPO at – see section 7.

Your right of access

You have the right to ask us for copies of your personal information.

Your right to rectification

You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure

You have the right to ask us to erase your personal information in certain circumstances i.e. if your personal data are no longer necessary for the purpose they were collected for or if you withdraw your consent.

Your right to restriction of processing

You have the right to ask us to restrict the processing of your personal information in certain circumstances i.e. if you think that the information we process is inaccurate or unlawful.

Your right to object to processing

You have the right to object to the processing of your personal information only if we process the relevant information on legitimate or public interest grounds.

Your right to data portability

You have the right to ask that we transfer the personal information you directly gave us to another organisation, or to you, if we process the relevant information on consent or contract grounds.

Your right to lodge a complaint

You have the right to lodge a complaint to the supervisory authority if our response doesn’t satisfy your request.

For UK the Supervisory Authority is ICO. The ICO’s contact details are:

Information Commissioner’s Office

Wycliffe House, Water Lane, Wilmslow
Cheshire SK9 5AF
ICO website:

If you are based or the issue you would like to complain about took place in the European Economic Area (EEA), please click here for a list of local data protection authorities in the EEA countries.

7. How to contact us

Please contact us at if you wish to make a request or complain or have any questions on how we use your personal data.

8. How do we keep this privacy notice up to date?

We will keep this privacy notice up to date to reflect changes in our products and services and may unilaterally change this privacy notice. This notice was last updated on 21st September 2023. Should this notice change in any fundamental way, a notice will be displayed for 30 days. We recommend checking this page on our Platform from time to time.