Privacy Policy for CTRL+ALT+FUTURE
Effective Date: 5 December 2025
This Privacy Policy describes how Events& (collectively, "we", "us", or "our") collects, uses, processes, and shares the personal information of visitors and delegates who register for and attend the CTRL+ALT+FUTURE summit (the "Event") via our website, [Your Website URL].
We are committed to protecting your privacy and handling your personal data in an open and transparent manner, in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Information We Collect
We collect and process personal data that you provide directly to us, as well as information collected automatically when you use our website.
1.1 Information You Provide Directly
This includes information provided during registration, enrolment, or when contacting us:
Identity and Contact Data: Name, email address, postal address, telephone number, job title, and the name of your school or organisation.
Delegate Data: Ticket type, dietary restrictions, accessibility requirements, and specific parallel session choices.
Financial Data: While we do not store full payment card details, we record transaction details and confirmation of payment. Payment processing is handled by a secured third-party provider (e.g., SquareUp).
Communication Data: Records of your correspondence with us, including email and chat history.
1.2 Information Collected Automatically
When you visit our website, we automatically collect certain technical and usage data:
Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting and location, operating system, and platform.
Usage Data: Information about how you use our website, including navigation paths, time spent on pages, and referring websites.
Cookies and Tracking: We use cookies and similar tracking technologies to improve site functionality and analyse web traffic.
2. How We Use Your Information (Purpose of Processing)
We process your personal data for the following purposes and rely on the legal bases outlined below:
Purpose of Processing
Legal Basis for Processing (UK GDPR)
Event Registration and Service Delivery (e.g., issuing tickets, setting up masterclasses, managing enrolment)
Contract: Processing is necessary to perform the contract with you to attend the Event.
Communication (e.g., sending pre-event logistics, safety updates, post-event feedback forms)
Legitimate Interest: Necessary for managing our relationship with you and ensuring a smooth Event experience.
Marketing (e.g., sending news about future events, promotions, or offers)
Consent: We will only send direct marketing communications where we have received your explicit, opt-in consent.
Website Improvement (e.g., analysing traffic patterns, fixing errors)
Legitimate Interest: Necessary for us to develop and improve our services and the user experience.
Legal Compliance (e.g., responding to lawful requests from authorities)
Legal Obligation: Necessary to comply with a legal duty.
3. How We Share Your Information
We only share your personal data with third parties where necessary for the operation of the Event, with your consent, or where legally required.
3.1 Service Providers and Processors
We share data with trusted third-party service providers who perform functions on our behalf, such as:
Payment Processors: To securely handle payment transactions.
Venue/Catering: To fulfil dietary and accessibility requirements (shared only as anonymised data where possible, or with necessary details).
IT and Hosting Providers: To maintain the website and data storage securely.
3.2 Event Partners and Sponsors
We do not share attendee contact details with sponsors or partners without your explicit consent. Where you opt-in, we may share basic contact information (Name, Organisation, Email) with specific, named partners.
3.3 School Group Enrolments
If you register as part of a school group, your data may be shared with the relevant school administrator for enrolment verification and safety purposes.
3.4 Legal Disclosure
We may disclose your personal data if required to do so by law, court order, or governmental authority.
4. International Data Transfers
As our Event may involve international speakers or service providers, your personal data may be transferred and stored outside of the UK and the European Economic Area (EEA). Where this occurs, we ensure that appropriate safeguards are in place (such as standard contractual clauses or adherence to approved mechanisms) to protect your data to the standards required by UK GDPR.
5. Your Rights (UK GDPR)
Under UK GDPR, you have the following rights concerning your personal data:
Right of Access: To request a copy of the personal data we hold about you.
Right to Rectification: To request that we correct any inaccurate or incomplete data we hold about you.
Right to Erasure (Right to be Forgotten): To request that we delete your personal data, subject to certain legal obligations.
Right to Restrict Processing: To request that we limit the way we use your personal data.
Right to Object: To object to our processing of your personal data where we rely on legitimate interest as the legal basis.
Right to Data Portability: To request that we transfer your personal data to another party.
If you wish to exercise any of these rights, please contact us using the details in Section 7. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
6. Data Security
We have implemented robust security measures designed to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. We limit access to your personal data to employees, agents, contractors, and other third parties on a strict need-to-know basis.
7. Contact Information
If you have any questions about this Privacy Policy or our data handling practices, please contact us:
Data Protection Officer Events& Email: privacy@ctrlaltfuture.co.uk