Privacy Policy

Last updated: 23 September 2025

This Privacy Notice explains how Halo Service Solutions Ltd collects, uses, shares and protects your personal data in connection with Halo Festival and related services. It also explains your rights and how to contact us.

Who we are

Controller: Halo Service Solutions Ltd, company number SC216980, Halo House, Gipping Way, Stowmarket, IP14 1GJ.

Contact for privacy: FestivalSupport@imaginehalo.com (please use this inbox for all privacy and data requests)

This notice applies when you buy tickets for Halo Festival, attend the event at Trinity Park, use our websites or social channels, enter our competitions, contact us, or otherwise interact with us.

Roles: For ticket purchases and resale, Skiddle acts as an independent controller for its own processing and its privacy notice applies. Once Skiddle shares ticketing information with us for event operations, Halo Service Solutions Ltd is the controller for that use.

What data we collect

We may collect the following categories of personal data about you:

  • Identity and contact details, for example name, email address, postal address, phone number.
  • Booking and transaction information, for example tickets purchased via Skiddle, order numbers, price paid, payment method reference, delivery details, refund history. Card details are processed by our payment providers and are not stored by us.
  • Account and preferences, for example newsletter preferences, saved details, and communication settings.
  • Event operations data, for example wristband or barcode status, access control logs, lost property records, incident reports, and medical or accessibility information you provide to request adjustments or Personal Assistant tickets.
  • Age related data where required for entry or alcohol service checks.
  • Marketing and communications data, for example your marketing consents, competition entries, survey responses, and customer service messages.
  • Technical and usage data, for example device identifiers, IP address, cookie identifiers, approximate location, and browsing actions on our sites. See the Cookies section.
  • Images and audio from CCTV or official photography and filming at the event for safety, security and promotional purposes.

Where we get your data

  • Directly from you when you purchase tickets, complete forms, contact us, or participate in promotions.
  • From our ticketing and resale partner Skiddle where you buy or resell tickets for Halo Festival.
  • From service providers that operate parts of our website, customer service, analytics, and marketing tools.
  • From social media platforms if you interact with our pages or ads and you have allowed the platform to share information with us.

How we use your data and legal bases

We use your personal data for the purposes below and rely on the legal bases shown.

To perform our contract with you

  • To process your ticket purchase and manage entry, access control, and customer service.
  • To provide accessibility arrangements and Personal Assistant tickets where requested.

To comply with our legal obligations

  • To meet health and safety, licensing, and safeguarding requirements.
  • To respond to lawful requests from authorities and to maintain appropriate financial records and tax records.

For our legitimate interests

  • To operate a safe and successful event, including site security, crowd management, incident investigation, lost property returns, and service improvement.
  • To prevent fraud, misuse and unauthorised resale.
  • To run customer surveys, competitions, and marketing that is tailored to your interests where permitted by law. You can opt out at any time.
  • To capture event atmosphere through official photography and video for documentation and promotion of Halo Festival. You can object where your privacy rights override our interests.

With your consent

  • To send you electronic direct marketing where consent is required.
  • To place non essential cookies or similar technologies. See Cookies.
  • To process special category data you choose to provide for accessibility or health related adjustments.

Sharing your data

We share personal data where needed with trusted recipients, subject to contracts that protect your information:

  • Ticketing and resale partner: Skiddle for ticketing, resale, access control and customer support.
  • Operational suppliers: for example customer support tools, email and messaging providers such as Customer.io, web hosting, analytics and advertising platforms, security and medical providers, merchandise and cashless systems.
  • Public authorities and emergency services: where required for safety, licensing or by law.
  • Professional advisers and insurers.
    We do not sell your personal data.

International transfers

Some suppliers and platforms may process your data outside the United Kingdom. Where this happens, we ensure appropriate safeguards are in place, for example UK adequacy regulations, standard contractual clauses, and additional security measures.

Retention

We keep personal data only for as long as needed for the purposes above.

  • Ticketing and customer service records – up to 7 years for tax and accounting.
  • Marketing contact data – up to 24 months after your last interaction, unless you withdraw consent or object earlier.
  • CCTV and body worn camera footage – normally up to 30 days unless required longer for an investigation or legal claim.
  • Accessibility requests and supporting evidence – normally up to 6 months after the event unless needed longer for legal or safeguarding reasons.
  • Incident, safety and insurance records – kept as required by law and industry guidance.
    When data are no longer needed, we delete or anonymise them.

Your rights

You have rights under UK data protection law, including the right to request access, correction, deletion, restriction, portability and to object to processing based on legitimate interests or for direct marketing. Where we rely on consent, you can withdraw it at any time.

To exercise your rights, contact FestivalSupport@imaginehalo.com. We may need to verify your identity. You also have the right to complain to the Information Commissioner’s Office at ico.org.uk.

Marketing

You can opt out of marketing emails at any time by using the unsubscribe link or by contacting us. With your consent, we may send you updates about Halo Festival and other Halo Service Solutions products, services and events. We may also use audience tools on platforms to reach people with similar interests. We will only use custom audiences where permitted by law and you can object or opt out at any time via platform settings or by contacting us.

Cookies and similar technologies

We aim to operate without non-essential cookies. Our festival website only uses cookies and similar technologies that are strictly necessary to deliver the site, keep it secure, and remember limited settings. At the time of publication, we do not set analytics, advertising, or social media tracking cookies. If this changes, we will update this notice and introduce a consent banner before setting any non-essential cookies. You can manage cookies via your browser settings.

Children

Halo Festival permits attendance by under 18s only when accompanied by an adult. We do not knowingly send direct marketing to children. If you believe a child has provided us with personal data without appropriate consent, please contact us so we can delete it.

Security

We use administrative, technical and physical safeguards to protect personal data. Despite our efforts, no security controls are perfect and we cannot guarantee absolute security of information transmitted over the internet.

Photography, filming and CCTV

CCTV operates across the Site for safety and security. Security teams may also use body worn video. Official event photographers and videographers may capture images for documentation and promotion. If you have concerns, speak to a steward or contact us. We will consider reasonable requests to avoid or remove identifiable uses where feasible.

Event Wi-Fi

A free Wi-Fi zone may be available at the event, provided by us or our supplier. When you connect, we collect device identifiers, connection times, bandwidth use and pages visited on the captive portal for security and service management. You may be asked to provide basic details to log in. Additional terms and a privacy notice may be presented on the Wi-Fi splash page. Connection logs are normally kept for up to 12 months unless required longer by law or for an investigation.

Links to other sites

Our websites may contain links to sites that we do not control. We are not responsible for the privacy practices of those sites. Check their privacy policies before you submit personal data.

Changes to this notice

We may update this Privacy Notice from time to time. The latest version will always be posted on our website with the date shown above.

Scroll to Top