Effective Date: 18 August 2025

1. Introduction

This Privacy Policy explains how PUR MUSIC EVENTS LTD (Company No: 15967147, Registered Office: 70 St Ina Rd, Cardiff, CF14 4LT), GEMFESTIVAL LTD (Company No: 15191795, Registered Office: 78–78a Monnow Street, Monmouth, NP25 3EQ), and SATELLITE C LTD (Company No: 14769018, Registered Office: 70 St Ina Rd, Cardiff, CF14 4LT) (“PullUp”, “GemFest”, “Satellite C”, “we”, “our”) collect, use, disclose, and protect your personal data when you use our websites, purchase tickets, join our mailing lists, or attend our events.

We comply with:

  • UK GDPR & Data Protection Act 2018

  • EU GDPR (for EU residents)

  • Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs)

Depending on which event or transaction you engage with, either PUR MUSIC EVENTS LTD or GEMFESTIVAL LTD will act as the Data Controller.

For privacy queries: info@pulluprecordings.co.uk

2. Data We Collect

Directly from you

  • Name, email, phone number, postal address

  • Ticket purchase details: event selection, order ID, billing details, last four digits of card (via secure processors)

  • Marketing preferences and consent records

  • Customer support and communications

Automatically

  • IP address, browser/device details, cookies, and usage data

  • Referral sources and time stamps

From partners

  • Ticketing platforms: FIXR, Skiddle, Eventbrite, Fatsoma, Resident Advisor

  • Analytics and advertising platforms (Google Analytics, Meta Ads)

3. How We Use Your Data

  • Process and deliver ticket orders and event entry

  • Provide customer support and handle enquiries

  • Send marketing (with your consent or where legally allowed)

  • Improve our websites, events, and services (analytics and reporting)

  • Ensure event safety and compliance with law

  • Detect and prevent fraud or abuse

4. Legal Bases (UK & EU)

  • Contract – to deliver tickets and services

  • Consent – for marketing and cookies

  • Legitimate Interests – service improvement, fraud prevention, event safety

  • Legal Obligation – record keeping, tax, and compliance

5. Sharing Your Data

We do not sell your personal data. We may share with:

  • Ticketing platforms (FIXR, Skiddle, Eventbrite, Fatsoma, Resident Advisor)

  • Payment processors and banks

  • Email/CRM providers (e.g., Brevo)

  • Analytics & advertising platforms (Google, Meta)

  • Professional advisors (accountants, lawyers, insurers)

Where transfers occur outside the UK/EU, we ensure safeguards such as Standard Contractual Clauses.

6. Data Retention

  • Ticketing/transaction data: up to 6 years (legal/accounting)

  • Marketing data: until you withdraw consent or we mark inactive

  • Support/incident logs: as needed for resolution or law

  • Cookies/analytics: see Cookie Policy

7. Your Rights (UK & EU Residents)

Under GDPR you have the right to:

  • Access your data

  • Rectify inaccurate data

  • Request deletion

  • Restrict or object to processing

  • Data portability

  • Withdraw consent at any time

Contact: info@pulluprecordings.co.uk
You may also complain to the ICO in the UK or your local EU data authority.

8. Additional Rights for Australian Residents

If you are in Australia, the Australian Privacy Act 1988 gives you rights under the APPs. These include:

  • Access: You can request access to the personal data we hold about you.

  • Correction: You can ask us to correct inaccurate or incomplete information.

  • Purpose Limitation: We only collect, use, and disclose your data where reasonably necessary for our functions (e.g., ticketing, events, marketing with consent).

  • Direct Marketing: We will not send you direct marketing unless you’ve consented, or it’s permitted by law. You may opt out at any time.

  • Cross-Border Disclosure: If we transfer your personal data outside Australia (e.g., to servers in the UK, EU, or US), we will take reasonable steps to ensure the recipient protects it consistently with the APPs.

For privacy concerns in Australia, you may also contact the Office of the Australian Information Commissioner (OAIC): www.oaic.gov.au

9. Children

Our events are intended for adults. If we discover we’ve collected data from a child without appropriate consent, we will delete it.

10. Security

We use technical and organisational measures (restricted access, secure servers, staff training, encryption where appropriate) to protect your personal data. However, no system is 100% secure.

11. Updates to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date.

12. Contact

For all privacy enquiries, data access requests, or complaints, please contact us at:
info@pulluprecordings.co.uk

For more details about how we use cookies, please see our Cookie Policy.

Privacy Policy