Buy Tickets

Cashless

3rd - 6th August 2023

Data Retention Policy

Data Retention Policy – Consumer Data

1. Introduction

In accordance with UK GDPR and the Data Protection Act 2018, Valley Fest Ltd (“Valley Fest”) are required to put in place certain policies and procedures to comply with the holding and processing of personal data.  In particular, the principle that processing should be lawful, fair and transparent, should be adhered to at all times.

Valley Fest only collects via Ticketline (through tickets sales) and via Mailchimp (for marketing purposes).

All sensitive data referencing the purchase of tickets is processed by Ticketline and covered by their own Data Policies. No information is held on servers that Valley Fest is in control of. 

Our marketing data base is managed through Mailchimp which has direct marketing requirements built in, e.g. an unsubscribe option on all communications.

In addition, Valley Fest uses the services of Weez Events to manage their cashless wristband operation. Account creation, including name & email, is required for sign-up to fulfil wristband use at the event. All sensitive data referencing the top-up of wristbands is processed by Weez Event and covered by their own Data Policies. No information is held on servers that Valley Fest is in control of. No data collected by Weez Event will ever be used for marketing purposes.

Terms in this policy have the same meaning as in the Data Protection Act 2018.

2. Purpose

The purpose of this Policy is to establish the requirements to minimise the storage of confidential personal data (“Personal Data”) and the risk of loss or manipulation of Personal Data in the event of compromise, human error, equipment failure or disaster.

3. Scope

The scope of this Policy includes all Personal Data, devices and information held by and on behalf of Valley Fest, in particular the Consumer Data held by Mail Chimp for marketing purposes.

4. Responsibilities

Valley Fest shall ensure that this Policy is communicated to all relevant employees, contractors and third parties involved in the retaining or processing of Personal Data and that they fully understand their responsibilities to comply with this Policy.

5. Assumptions

The legal definitions in the Data Protection Act 2018 continue to be relevant and require the current levels of protection.

6. Retention

Valley Fest operates on the basis of ‘less is best’, as such we (and any third party data processor) :

7. Retention Schedule

Source of DataBasis of collectionJustification for retentionRetention PeriodMethod of disposal
Ticketline – Ticket PurchaseConsentTo fulfil ticket deliveryFor as long as is necessary to fulfil the purpose of providing you a service to deliver your ticket and any other services that have been requested.Anonymised
Weez Event – Cashless Wristband Top-UPConsentTo fulfil cashless wristband use & post event statistical analysis.Until deletion is requested.   Anonymised
MailChimp -Newsletter Sign-upsConsentTo fulfil newsletter deliveryUntil unsubscribeDeletion

8.     Enforcement

Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

Valley Fest Ltd is registered with the Information Commissioner as a data controller with registration number ZB283240.