When we talk about Firefly Events we mean Firefly Outdoor Events Limited, registered number 10758422, of Croft Farm, Henley Road, Marlow, Buckinghamshire, England, SL7 2BZ (“us”, “we”, “our”). Firefly Events owns and operates the https://www.fireflyevents.co.uk/ website and works closely with our ticketing partner, who has been appointed as one of our data processors when you make a booking for one of our events. When you interact with us through our websites (or otherwise, including purchasing tickets directly at our events) you may provide to us, or we may collect, certain information from which you are personally identifiable (which is referred to as personal data).
For the purposes of the data protection laws, we are the “data controller”, meaning that we are responsible for deciding how your personal data is used and more importantly, for keeping your data safe and only using it for legitimate purposes.
What this policy explains
• What data we collect about you
• Why we use your data and our legal grounds for doing so
• Who we share your data with
• Whether we send your data outside of the EEA or not
• The Firefly Events marketing communications and how to opt-out
• When and why you might see adverts for Firefly Events online
• How we keep your data safe
• Third party websites
• How long we store your data
• Your rights and how to exercise them
• Changes to our policy
• How to contact us
What data do collect we about you?
We have set out below the different types of personal data that you provide directly to us, or which we collect from you when we interact. We also wanted to let you know why we use this data and the different legal grounds, which allow us to do so. You don’t have to give us any of this data but if you don’t, you may not be able to buy tickets and you are unlikely to receive our optimal overall customer experience. But that is your choice – and we respect that.
You may provide us with the following types of personal data when you directly interact with us (through our websites, in person at our events or otherwise):
Contact – first name, surname, gender, DOB, account log-in information, country of residence, email address, telephone numbers and address
Profile – your preferences for marketing, other website preferences, your contact history and feedback on your Firefly Events experiences through reviews surveys
We may also collect the following types of personal data from you when you use our websites (using Cookies or other tracking technologies):
Technical – browser type, device information, IP address, hardware type, network and software identifiers, operating system and system configuration
Usage – information about how you use our websites, including time spent on page, click-throughs, download errors, browsing patterns
Why do we use your data and what are our legal grounds?
The table below sets out how we use your personal data and our lawful basis for doing so. In addition to these purposes, please note that we also anonymise and aggregate personal data (so that it does not personally identify you) and use it for testing our internal systems, carrying out research and general customer data analysis. Because this is not personally identifiable, we can use this for any purposes.
|Reasons why we use the data||What data||Legal grounds for using the data|
|Register you as a Firefly Events Customer||Contact, profile||Perform our contract with you.
Necessary for our legitimate interests (to make your purchase experience more user friendly)
|To enable you to put tickets in your basket and save for later||Contact, technical, usage||Same as above|
|Process payments for tickets which you make through our websites and to action refunds||Contact, financial||Perform our contract with you|
|Deliver your tickets||Contact||Same as above|
|Send you service messages by email, including ticket receipts and show information||Contact||Same as above|
Necessary to comply with a legal obligation
|For internal administration and record keeping purposes||All||Perform our contract with you
Comply with our legal obligations
Necessary for our legitimate interests (to effectively operate our business and perform our services)
|Providing customer support, including answering your questions which may involve contacting you by post, e-mail or phone||All||Performance of a contract with you
Necessary for our legitimate interests (to ensure our customers are informed and satisfied with our services)
|Send you service messages by email, including ticket receipts and show information||Contact||Necessary for our legitimate interests (to develop our business and understand our customer base to inform our marketing strategy)|
|To understand who is buying our tickets||Contact, Profile||We only do this if we have your consent|
|Improve and personalise your user experience by delivering more relevant Firefly Events content and advertising whilst you browse and to remember your preferences||Contact,
|Necessary for our legitimate interests (to develop our business and understand our customer base to inform our marketing strategy)|
|Administer our websites, including website trouble shooting, testing and analysis and to enable you to participate in interactive features of our websites||All||Performance of a contract with you
Necessary for our legitimate interests (to ensure that our websites are fully functional and operating in the most effective way for you)
|Enable you to participate in a competition or prize draw||Contact||Perform our contract with you|
|Give you the opportunity to provide feedback to Firefly Events through reviews and surveys||Contact,
|Necessary for our legitimate interests (to develop our business, promote new products and services, obtain feedback from customers to improve our services)|
|Verify your identity and detect fraud and security issues||All||Necessary for our legitimate interests (to prevent and detect fraud, security incidents and criminal activity)|
Sharing your data
We do not pass your personal data to any third parties for the purpose of third party marketing. If in the future we want to do this, we will ask for your permission if you have not given it already, and will only do so if you have consented.
However, we do need to share your data with the following third parties as an essential part of being able to provide our services to you (in accordance with the purposes set out above). In each case, we will only ever share the minimum amount of information required, and ensure that the relevant third parties are subject to suitable obligations in respect of confidentiality and security:
Companies which are within the same corporate group as Firefly Events, who are responsible for managing different aspects of our service delivery
Our ticketing service provider, who allow you to book your tickets to Firefly Events
Payment service providers and our delivery companies
Our professional service providers, such as marketing agencies, advertising partners and website hosts and our professional advisors
Credit reference agencies, law enforcement and fraud prevention agencies, so we can help tackle fraud
Companies approved by you, such as social media sites (if you choose to link your accounts to us)
In addition to the above, we may also need to share your personal data with third parties if we are legally obliged to.
Do we send your data outside of the EEA?
The European Economic Area or “EEA” is seen as having good standards when it comes to data privacy. Therefore we try to limit the transfer of any data outside of this region. However, from time to time, we do need to do this – for example, our cloud storage provider whose servers are located in the United States of America. In cases such as this, we make sure that your data is still treated fairly and lawfully in all respects (including making sure we have a legal ground for the transfer and putting in place all necessary safeguards for such arrangement where the third party is not based in a country which is deemed to have “adequate” data protection laws). Our cloud storage provider has been granted the U.S Privacy Shield status, which is in conjunction with the EU and GDPR.
Where applicable, you will have the right to see a copy of any safeguards we put in place for international transfers of your data. Just Contact Us if you would like to find out more.
Marketing messages and opt-ing out
If you have said we can, we’ll send you marketing messages by email and/or post to keep you aware of what we’re up to and tell you about future shows we think will be relevant to you or other services and promotions. If you change your mind, you can opt-out of receiving marketing at any time either by Contacting Us, or by using the opt-out function detailed in any e-mail communication. Once you do this, we will update your profile to ensure that you don’t receive further marketing messages. Please note, it might take a few days for all our systems to be updated, so you might get messages from us while we process your request.
We do not currently pass your data onto any third parties for third-party marketing purposes. However, if we ever wish to do so in the future we will always get your consent. You can then opt-out from any third-party marketing at anytime following the same process as above.
We do pass your data onto third parties who deliver our own marketing, and any updates to your preferences will also be passed onto these third parties.
Seeing adverts for Firefly Events elsewhere on the web
If you have given the appropriate consent, Firefly Events targets banners and ads to you when you have left our websites and are on other websites and apps. We do this using a variety of digital marketing networks and ad exchanges, and we use a range of advertising technologies like pixels, ad tags and cookies, as well as specific services offered by some sites and social networks, such as Facebook’s Custom Audience service.
The banners and ads you see will be based on information we hold about you, or your previous use of Firefly Events (for example, tickets you forgot to buy last time you were on the website), or simply from Firefly Events banners or ads you have previously clicked on.
For more information, please read our Cookies Policy.
How we keep your data secure?
We implement industry standard security processes to ensure your data is kept safe and secure and to prevent unauthorised access or use or loss of your data. We also make sure that when we are required to share your data with third parties, they are subject to suitable confidentiality and security standards.
Despite these measures, the transmission of data via the internet is not completely secure. As such, we cannot guarantee that information transmitted to us via the internet will be completely secure and any transmission is at your own risk.
Links to third party websites
How long do we store your data?
We will store your data for as long as you have an “active” Firefly Events purchase*, or as long as is needed to be able to provide the services to you and/or where you are still happy to hear from us about our latest news, products and services.
After this, we may still need to keep hold of your data if there is a legal reason for doing so (such as for tax or other financial reasons (such as being able to deal with chargebacks), where we need to resolve any disputes with you, or where we need to enforce our terms and conditions). In such circumstances, we will only retain the amount of data strictly necessary for these reasons and otherwise, will remove your data from our systems.
*If you’ve not bought tickets in more than 7 years, then we will remove any personally identifiable information from your data.
You have various rights under GDPR which entitle you, in certain situations, to:
ask us for a copy of the personal data we hold about you;
correct or update your personal data, which you can do yourself by logging into your account or if you would prefer, please contact us and we can assist;
request that we delete your personal data;
object to the handling of your personal data where we are relying on a legitimate interest (as set out in the above table);
restrict the processing of your personal data;
request the transfer of your personal data (or some of it) to a third-party service provider; or
where you have provided your consent for something, in certain circumstances, you may withdraw this consent (but note that we may continue to use your personal data if we have legal grounds for doing so).
And how to exercise them….
Please Contact Us if you would like to exercise your rights, which you can do for free. The only time we may be allowed to charge a reasonable fee is where your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. Otherwise, we will always respond within one month (unless there is a legal reason to take longer).
We may also need to ask you to confirm your identity before we proceed with your request if it is not clear who is making the request.
If you are concerned about the way we are handling your personal data you may also contact the ICO (Information Commissioner’s Office). However, where possible, we would really appreciate the opportunity to help with your concern in the first instance.
Changes to this policy
We may change this policy from time to time, to reflect how we are handling your data and will upload these updates onto our websites. If we make significant changes, we will make sure these are notified to you by email or other suitable method so that you are able to review the changes before you continue to use our services.
How to contact us
If you would like to discuss anything in this policy, want to exercise your rights or have any issues with the way we are handling your data, please:
Email us: firstname.lastname@example.org
Contact Customer Services
Write to us at: Firefly Events, Croft Farm, Henley Road, Marlow, Buckinghamshire, England, SL7 2BZ
LAST UPDATED: July 2018