UNUM Festival – Privacy & GDPR Policy

Effective Date: 01.01.2025
Last Updated: 23.08.2025

UNUM Festival (“we,” “our,” “us”), operated by OPS Group LTD, is committed to protecting your personal data and respecting your privacy. This Privacy & GDPR Policy explains how we collect, use, store, and share your personal information when you purchase tickets, attend our events, or interact with our platforms.

 

1. Data Controller & Ownership

The data controller responsible for your personal data is:

OPS Group LTD / UNUM Festival
 Shëngjin, Albania
Email: info@unumfestival.com

All personal data collected in connection with UNUM Festival is the property of OPS Group LTD and UNUM Festival.

 

2. Data We Collect

We may collect the following categories of personal data:

  • Identity Data: Name, date of birth, nationality, ID/passport details (where required for entry).
  • Contact Data: Email address, phone number, postal address.
  • Payment Data: Payment card details (processed securely by third-party payment providers).
  • Ticketing Data: Ticket purchases, booking history, wristband/entry codes.
  • Marketing Data: Preferences, survey responses, mailing list sign-ups.
  • Event Participation Data: Photos, video, or audio recordings from the festival for promotional purposes (with appropriate notice and consent).
  • Technical Data: IP address, device information, browsing behavior on our website.

 

3. How We Use Your Data

We process your data to:

  • Manage ticket sales and provide customer support.
  • Verify your identity for event access.
  • Ensure health, safety, and security at the festival.
  • Send you important updates about the event.
  • Provide marketing communications (if you have consented).
  • Improve our website and customer experience.
  • Comply with legal obligations.
  • Commercial purposes, including sharing or selling data to selected third parties (see Section 5).

 

4. Legal Basis for Processing

We process your personal data under the following legal grounds:

  • Contractual necessity – to deliver the services you purchase (e.g., tickets).
  • Legal obligations – to comply with Albanian and EU laws (e.g., tax, safety).
  • Legitimate interests – for event management, security, limited marketing, and responsible commercial partnerships.
  • Consent – for marketing communications, promotional use of images, and where legally required for data sharing.

 

5. Data Sharing & Third Parties

We may share or sell your personal data with:

  • Payment providers & ticketing partners (for secure payments and ticket delivery).
  • Security & health services (to ensure event safety).
  • Marketing and commercial partners (for promotions, collaborations, and targeted offers).
  • Selected third parties – OPS Group LTD and UNUM Festival reserve the right to share or sell customer data to trusted partners for legitimate business purposes, including marketing, analytics, and sponsorship agreements.
  • Public authorities (when legally required).

We ensure that third parties comply with GDPR and apply safeguards when handling your data.

 

6. Data Transfers

Since UNUM Festival is based in Albania, your data may be processed outside the European Economic Area (EEA). We ensure appropriate safeguards (e.g., standard contractual clauses) are in place when transferring data internationally.

 

7. Data Retention

We retain your data only as long as necessary:

  • Ticketing and payment records: up to 7 years (for tax and legal compliance).
  • Marketing data: until you withdraw consent or unsubscribe.
  • Photos/videos: retained for promotional archives unless you request removal.
  • Commercial data shared with partners: retained in accordance with third-party partner policies.

 

8. Your Rights (Under GDPR)

You have the following rights:

  • Access – Request a copy of your personal data.
  • Rectification – Correct inaccurate or incomplete data.
  • Erasure (“Right to be Forgotten”) – Request deletion of your data, unless required for legal or contractual purposes.
  • Restriction – Limit how your data is processed.
  • Data portability – Receive your data in a transferable format.
  • Object – To processing based on legitimate interest or direct marketing.
  • Withdraw consent – At any time for marketing or optional services.

To exercise your rights, contact us at [Insert Contact Email].

 

9. Security

We implement technical and organizational measures to safeguard your data, including encryption, secure servers, and access restrictions. However, no system is 100% secure.

 

10. Cookies & Tracking

Our website uses cookies and tracking technologies to improve your browsing experience. You can manage cookie preferences in your browser.

 

11. Children

Our festival and services are not directed at children under 16. We do not knowingly collect data from minors without parental consent.

 

12. Contact & Complaints

If you have questions or wish to exercise your rights:

Email: info@unumfestival.com
Address: UNUM Festival, Shëngjin, Albania

If you are based in the EU, you may also lodge a complaint with your local Data Protection Authority (DPA).