emage afriq Privacy Policy
Spain Summer Tour 2026 (Madrid • Marbella • Valencia)
Last Updated: February 2026
Effective Date: February 2026
This Privacy Policy explains how EMAGE AFRIQ Spain Summer Tour 2026 and EMAGE ENTERTAINMENTS LTD (together, “EMAGE AFRIQ”, “we”, “us”, “our”) collect, use, store, and share personal information when you interact with our websites, ticketing services, communications, and live events.
This policy applies to:
- www.emageafriq.com
- tickets.emageafriq.com
- any subdomains or related EMAGE AFRIQ pages
- our event apps (if/when launched)
- on-site event operations (entry systems, safety systems, Wi-Fi, cashless systems if used)
If you have questions, contact our Data Protection Officer (DPO) (see Contact Us).
Table of contents
- Our Commitment
- Privacy Notice Overview
- What Information We Collect & Where We Get It
- How We Use Your Information & Legal Bases
- Who We Share Your Information With
- Your Choices & Rights
- How We Look After Your Information
- How Long We Keep Your Information
- International Data Transfers
- Cookies & Tracking Technologies
- Children’s Privacy
- Changes to This Policy
- Contact Us
1) Our Commitment
You are at the heart of everything we do. We aim to maintain your trust by handling your personal information with respect and by giving you meaningful control over how it is used.
We follow these principles:
| Principle | What it means |
| Transparency | We explain what we collect and why |
| Purpose limitation | We use data only for stated purposes |
| Data minimisation | We collect only what we need |
| Accuracy | We keep data up to date where possible |
| Security | We apply appropriate protections |
| Your rights | We respect and facilitate your rights |
If we make major changes to how we use your information, we’ll notify you and, where required, ask for your consent.
2) Privacy Notice Overview
How this policy applies depends on how you interact with us:
If you purchase a ticket or merchandise
We use your information to:
- process your order and payment
- provide your ticket(s) and event access
- send important event updates and service emails
- provide customer support and manage refunds where applicable
- send marketing only where you have opted in, or where permitted by law (see Marketing below)
If you browse our sites
We use cookies and similar tools to:
- operate the site securely
- remember preferences
- measure performance
- (with consent) run marketing and tracking
If you attend our events
We may process information via:
- CCTV and venue security systems
- entry scanning (ticket validation and access control)
- Wi-Fi (if you register to use it)
- cashless systems (if used) for on-site purchases and operations
If you contact us
We use your details to respond, resolve issues, and improve service quality.
3) What Information We Collect & Where We Get It
We collect personal information in three ways: (A) you provide it, (B) we collect it automatically, (C) we receive it from third parties.
A) Information you provide directly
When you create an account, buy tickets/merchandise, or contact us, we may collect:
| Category | Examples |
| Identity data | name, title, date of birth (where needed) |
| Contact data | email, phone number, postal address |
| Account data | username, password, preferences |
| Transaction data | ticket type, number of tickets, purchases, order history |
| Payment data | payment method and billing address (card details handled by payment providers; we do not store full card numbers) |
| Communications | emails/messages you send, support requests, attachments |
B) Information we collect automatically
When you use our websites/apps, we may collect:
- device and browser information
- IP address and approximate location (city/country level)
- pages viewed, clicks, time spent, referral/exit pages
- cookie preferences and consent status
When you attend our events, we may collect:
- ticket scan validation and timestamps (entry/exit where applicable)
- security/CCTV footage where deployed
- Wi-Fi registration and session data (if you opt in/register)
- cashless transactions (if cashless wristbands/cards are used)
C) Information from third parties
We may receive information from:
- ticketing platforms and authorised sellers (e.g., Eventbrite, DICE, Resident Advisor or other official partners)
- venues and operational partners (entry management, safety operations)
- social media platforms (if you interact with social features/embeds or message us there)
- marketing/analytics partners (only where you consent, or where permitted by law)
- geodemographic/segment providers used to improve personalisation (where lawful)
Special category data (sensitive information)
We only process sensitive data where permitted and protected by law, and only when necessary:
- accessibility needs (may include health-related information) — processed with explicit consent or where required to provide requested support
- public health requirements (only if required by law, venue rules, or authorities, and only for as long as necessary)
Children
EMAGE AFRIQ events are strictly 18+. We do not knowingly sell tickets to, or intentionally collect personal information from, individuals under 18 for event attendance.
4) How We Use Your Information & Legal Bases
We must have a lawful basis to use your personal information. The main bases we rely on are:
- Contract (to deliver what you bought)
- Legitimate interests (to operate and improve the business safely and effectively)
- Consent (for marketing, optional tracking, and certain app features)
- Legal obligation (tax, accounting, regulatory and law enforcement duties)
- Vital interests (rare, emergency situations)
4.1 Contract — to deliver the service you requested
We use your information to:
- process orders and payments
- deliver tickets and event entry
- send booking confirmations and essential event updates
- provide customer support, handle refunds and disputes
- manage operational communications related to your purchase
4.2 Legitimate interests — to run and protect the business
We may use data to:
- conduct analytics and research (ticket patterns, audience insights, service improvements)
- prevent fraud (e.g., ticket touting, payment abuse, IP misuse)
- keep operations safe and secure (cybersecurity, venue security coordination)
- personalise experiences where appropriate and lawful
- enforce legal rights and defend claims
Where we rely on legitimate interests, we consider and balance your rights and expectations.
4.3 Consent — where you choose to opt in
We rely on consent to:
- send marketing via email/SMS/push/web notifications (where required)
- run non-essential cookies (analytics, advertising)
- enable location-based features in apps (if available)
- run crowd management analytics in apps (if used)
- share details with sponsors for their own marketing (only with explicit consent)
You can withdraw consent at any time (see Section 6).
4.4 Legal obligations
We may process information to:
- comply with tax/accounting laws
- respond to lawful requests from authorities
- meet regulatory requirements
- comply with public health or safety requirements (where applicable)
Summary table (what we do and why)
| Purpose | Legal basis |
| Ticket purchase, entry, service emails | Contract |
| Payments & fraud checks | Contract / Legitimate interests |
| Customer support & refunds | Contract |
| Security, anti-touting, investigations | Legitimate interests / Legal obligation |
| Analytics and service improvement | Legitimate interests (or Consent for certain cookies) |
| Marketing communications | Consent (or Legitimate interests where permitted for similar events) |
| Accessibility support (health data) | Explicit consent (or legal basis where required) |
| Legal compliance and reporting | Legal obligation |
5) Who We Share Your Information With
We share data only when needed for the purposes in this policy.
5.1 Within EMAGE ENTERTAINMENTS LTD / affiliated entities
For operational delivery: marketing, reporting, finance, IT support, customer service.
5.2 Service providers (processors)
We use vendors who process data on our instructions, such as:
- hosting/cloud infrastructure
- payment processors
- ticketing platforms
- email/SMS delivery providers
- analytics tools
- customer support tools
- security/CDN providers
- marketing platforms (where consent applies)
These providers are required by contract to protect data and use it only as instructed.
5.3 Event partners
To deliver the event experience (as needed):
- venues and venue operators
- production and security partners
- artists/performers and their teams (typically in limited contexts like VIP lists, meet-and-greet logistics)
- promoters/co-promoters
Event partners may process data under their own privacy policies.
5.4 Third-party fulfilment
If you buy merchandise or third-party services, we share only what’s needed for fulfilment.
5.5 Legal and regulatory bodies
Where required/permitted by law (courts, police, regulators, tax authorities, public health authorities).
5.6 Business transfers
If we restructure, sell, merge, or transfer assets, data may transfer as part of that transaction. We will notify you where required.
5.7 Sponsors
We do not share your personal details with sponsors for their own marketing unless you explicitly consent.
6) Your Choices & Rights
6.1 Your choices (controls)
Marketing:
- click “unsubscribe” in emails
- reply STOP to SMS (where used)
- update your account preferences (if available)
Cookies:
- use the cookie banner and “Cookie Settings” link
- see our Cookie Policy (and your browser controls)
Push notifications & location (if app exists):
- control in device/app settings; turn off location permissions
Personalisation:
- adjust preferences in account (if available), or contact us
6.2 Your rights (UK/EU GDPR)
You may have the right to:
- access your data
- correct inaccurate data
- request deletion (where applicable)
- restrict processing
- data portability (in certain cases)
- object (including an absolute right to object to direct marketing)
- withdraw consent
- complain to a regulator
We may need to verify your identity. We usually respond within 30 days, subject to legal allowances.
6.3 How to exercise rights
Contact Us
Or write to:
EMAGE ENTERTAINMENTS LTD — Data Protection Officer
[Registered Address], United Kingdom
If we cannot comply with a request, we will explain why.
7) How We Look After Your Information
We use appropriate organisational, technical, and physical safeguards.
Security measures may include:
- encryption in transit (TLS/SSL) and appropriate encryption at rest
- access controls and role-based permissions
- logging and monitoring for suspicious activity
- secure development practices and patching
- staff training and confidentiality obligations
- vendor due diligence and contractual controls
Data breach handling
If a breach occurs, we:
- investigate and contain it
- assess risk to individuals
- notify regulators within required timelines where applicable
- notify affected individuals when legally required or if high risk is likely
8) How Long We Keep Your Information
We keep data only as long as necessary for service delivery, legal obligations, and legitimate operational needs.
Typical retention (guideline)
| Data type | Retention | Why |
| Ticket purchase records | up to 7 years | tax/accounting and disputes |
| Customer support records | up to 3 years | service quality and dispute resolution |
| Marketing preferences | while subscribed + up to 1 year | suppression lists and compliance |
| Website analytics | typically up to 26 months | performance and planning |
| Event attendance logs | up to 3 years | operations and planning |
| Accessibility information | event period + up to 1 year | continuity and improvement |
| CCTV | per local law (often ~30 days) | safety and investigations |
We may keep data longer when required by law or for legal claims. We may keep anonymised data for research.
9) International Data Transfers
Because we operate across borders and use global service providers, your data may be transferred outside Spain or the EEA, including to the UK and US, and other countries where partners or vendors are located.
When transfers occur, we use appropriate safeguards, such as:
- Adequacy decisions (e.g., UK adequacy where applicable)
- Standard Contractual Clauses (SCCs)
- other lawful mechanisms recognised under applicable law
- explicit consent (only where appropriate and required)
You can request details of safeguards by contacting us.
10) Cookies & Tracking Technologies
We use cookies and similar tools for:
- essential website functionality and security
- performance and analytics (optional)
- personalisation (optional)
- advertising and remarketing (optional)
You can control cookies via:
- our cookie banner and preference centre (“Cookie Settings”)
- your browser settings
- third-party opt-outs (where available)
For full detail, see: Cookie Policy.
11) Children’s Privacy
EMAGE AFRIQ events are 18+ only. We do not knowingly collect personal information from minors for ticket purchases or event entry.
If you believe a minor has provided us personal information, contact us and we will take appropriate steps.
12) Changes to This Policy
We may update this policy to reflect changes in law, services, or practices. We’ll update the “Last Updated” date and provide notice where required. If consent is needed for a change, we will request it.
Previous versions are available on request.
Next review date: February 2027
13) Contact Us
Data Protection Officer (DPO)
Privacy enquiries / rights requests
Marketing preferences
General enquiries
Website: www.emageafriq.com/contact
Postal:
EMAGE ENTERTAINMENTS LTD
Data Protection Officer
[Registered Address]
United Kingdom