The event organiser, Madruga Festival, has the legal responsibility to tell ticket buyers and event attendees how their personal information will be collected and used. You can find their Privacy Policy below or contact them to request it.
Madruga Ticketing Privacy Policy
Last updated: [25/10/25]
This Privacy Policy describes how ESO Music Group Ltd (“Madruga,” “we,” or “us”) collects and processes personal data when individuals purchase tickets or attend Madruga events.
1. Data Controller
ESO Music Group Ltd
Registered in England and Wales
Lockwood House, E5 9RE
Email: hello@madrugafestival.co.uk
We determine the purposes and means of personal data processing in accordance with UK GDPR and the Data Protection Act 2018.
2. Categories of Personal Data
We may collect the following personal data:
Full name and contact details (email, phone number)
Age and ID verification information for 21+ entry compliance
Ticket purchase details (transaction data, order history)
Payment information (processed securely by third-party providers)
Wristband or barcode scan data for venue entry
Communication preferences and consent records
Incident or medical information where required by safety regulations
3. How Data Is Collected
Personal data may be collected through:
Ticketing partners and payment processors
Event access systems (e.g., scanners at entry points)
Customer service communications
Forms completed for accessibility or medical support requests
4. Lawful Bases for Processing
We process personal data on the following lawful grounds:
Contract performance: issuing and managing ticket access
Legal obligation: licensing compliance, safety, and age verification
Legitimate interests: event security, fraud prevention, operational analytics
Consent: email marketing or promotional communications
Consent may be withdrawn at any time using unsubscribe links or by contacting us.
5. Use of Personal Data
We use personal data only for purposes necessary to operate the Event:
Managing ticket purchases and customer queries
Providing access control and safety management
Regulatory reporting, if requested by authorities
Sending event information, updates, or service notices
Marketing communications where consent is provided
6. Sharing of Personal Data
We may share data with:
Authorised staff and operational teams
Ticketing and payment service providers
Contractors providing entry and security services
Emergency or regulatory authorities where required by law
Personal data is never sold to unrelated third parties.
7. International Transfers
If personal data is transferred outside the UK or EEA, appropriate safeguards such as Standard Contractual Clauses or similar mechanisms will be applied to ensure compliant levels of protection.
8. Data Retention
Personal data will be held only for the minimum duration necessary to fulfil transactional, safety, accounting, and legal obligations, after which it will be securely deleted or anonymised.
9. Data Security
Appropriate technical and organisational measures protect personal data against unlawful access, alteration, disclosure, or loss. We require our service partners to implement equivalent security standards.
10. Your Rights
Individuals have the following rights under UK data protection law:
Access to personal data held about them
Correction of inaccurate or incomplete data
Erasure where data is no longer required or consent is withdrawn
Restriction of processing in specific circumstances
Objection to direct marketing or certain types of processing
Data portability (where applicable)
To exercise these rights, a request can be submitted to: hello@madrugafestival.co.uk
Individuals also have the right to lodge a complaint with the ICO (www.ico.org.uk).
11. Updates to This Policy
We may modify this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. The latest version will always appear on the Madruga website.