Privacy Policy

Last updated: 06/01/2026

1. Who Is the Data Controller?

This website is used to promote and sell tickets for events organised by different legal entities.

Depending on the service, event, or interaction, your personal data may be processed by one of the following entities, each acting as an independent data controller under the General Data Protection Regulation (GDPR):

• Wise Dreams BV
  Roosje Vosplantsoen 38, 2135 NM Hoofddorp, The Netherlands
• Zeppelin Entertainment Ltd
  211, Station Road, HA1 2TP, Harrow, United Kingdom
• Serious Time Pass Limited
  211, Station Road, HA1 2TP, Harrow, United Kingdom
• Aura on Stage Limited
  211, Station Road, HA1 2TP, Harrow, United Kingdom

The specific data controller will be identified on the relevant event page, booking confirmation, invoice, or contractual communication.

These entities operate closely together and may share operational systems and service providers. However, each entity remains independently responsible for compliance with applicable data protection laws.

For questions about this policy or to exercise your data protection rights, you may contact us at: admin@zeppelinentertainment.com

---

2. What Personal Data We Collect

Depending on your interaction with us, we may collect the following categories of personal data:

• Name
• Email address
• Phone number
• Booking and ticketing details
• Date of birth
• City of residence
• Event attendance information
• Customer communications and support messages
• Business contact details of artists, partners, and vendors
• Invoice-related information (name, email, reference details)

We do not process payment card details or bank credentials.

---

3. Why We Process Personal Data (Purposes)

We process personal data for the following purposes:

• • Managing event bookings and ticketing
  • Communicating with customers and attendees
  • Providing customer support
  • Coordinating events, venues, artists, and partners
  • Event-related accounting and financial coordination
  • Internal reporting and business analytics (aggregated data)

---

4. Legal Bases for Processing (GDPR Article 6)

We process personal data based on one or more of the following legal grounds:

• Performance of a contract – to manage bookings, events, and services you request
• Legal obligation – to comply with applicable tax, accounting, and regulatory laws
• Legitimate interests – to operate, improve, and secure our business and services
• Consent – where required by law (e.g. optional marketing communications)

Where processing is based on consent, you may withdraw your consent at any time.

---

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal obligations.

In particular:

• Booking, invoicing, and accounting data is retained for up to 7 years
• Customer support and communication data is retained for up to 2 years after the last interaction
• Aggregated or anonymised data may be retained longer for analytical purposes

---

6. Use of Service Providers

We work with carefully selected service providers who process personal data on our behalf, including for:

• Customer support
• Event operations and coordination
• Administrative and accounting support

These service providers are contractually bound to:

• Process personal data only on our documented instructions
• Implement appropriate technical and organisational measures
• Comply with applicable data protection laws

---

7. International Data Transfers

To operate our services efficiently, we may engage trusted service providers located outside the European Economic Area (EEA), including in India.

Where personal data is transferred outside the EEA, we ensure appropriate safeguards are in place, including EU Standard Contractual Clauses approved by the European Commission, to ensure your personal data remains protected in accordance with the GDPR.

---

8. Data Security

We implement appropriate technical and organisational measures to protect personal data, including:

• Restricted access to authorised personnel
• Secure, password-protected systems
• Confidentiality obligations for staff
• Prohibition of unauthorised data storage or sharing

---

9. Your Rights Under GDPR

You have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request deletion of your data
• Object to or restrict processing
• Request data portability
• Withdraw consent (where applicable)

To exercise your rights, please contact us using the details above.

---

10. Complaints

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the relevant supervisory authority:

• Netherlands:
  Autoriteit Persoonsgegevens
  https://autoriteitpersoonsgegevens.nl
• United Kingdom:
  Information Commissioner’s Office (ICO)
  https://ico.org.uk

---

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.
The most recent version will always be available on our website.