Privacy Policy
Effective Date: 24 March 2026
Castlemills Events Limited ("we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you interact with us, including through our website, ticket sales, events, marketing, and other services.
We are a limited company registered in Ireland under company number 811205, with our registered office at Ormonde Mills, Canal Walk, Kilkenny, Ireland.
For the purposes of the General Data Protection Regulation (GDPR) and the Data Protection Act 2018, Castlemills Events Limited is the data controller of your personal data.
1. Information We Collect
We may collect the following categories of personal data:
Contact and Identity Information: Name, email address, phone number, postal address, date of birth (where relevant for age-restricted events).
Ticket and Booking Information: Details of tickets purchased, payment information (processed securely by third-party providers), booking references, and event attendance data.
Event-Related Data: Dietary requirements, accessibility needs, health information (only where you voluntarily provide it for safety or reasonable adjustments), photos or videos taken at our events (where you are identifiable).
Technical and Usage Data: IP address, browser type, device information, cookies, and analytics data when you visit our website or use our online services.
Marketing and Communication Preferences: Information about how you prefer to receive updates from us.
We do not knowingly collect data from children under 16 without appropriate parental consent.
2. How We Collect Your Data
We collect data directly from you when you:
Purchase tickets or register for an event
Sign up for our newsletter or marketing communications
Contact us via email, phone, social media, or our website
Participate in surveys, competitions, or feedback forms
Attend our events (including through CCTV or event photography/videography)
We may also receive data indirectly from authorised third parties such as ticket platforms, payment processors, or co-promoters.
3. Legal Basis for Processing Your Data
We process your personal data on the following lawful bases under the GDPR:
Performance of a contract: To process your ticket purchase, deliver event services, and communicate with you about your booking.
Legitimate interests: To improve our services, conduct analytics, and ensure the safety and security of our events. We will only send marketing where permitted under ePrivacy rules.
Consent: For direct marketing emails/SMS, non-essential cookies, and certain photography/videography uses. You can withdraw consent at any time.
Legal obligation: To comply with tax, accounting, health & safety, or other regulatory requirements.
Vital interests or public interest (rarely): In emergency situations affecting attendee safety.
4. How We Use Your Personal Data
We use your data to:
Process and manage ticket sales and event bookings
Provide you with event information, updates, and changes
Send marketing communications (only with your consent or where permitted by law)
Improve our website and services through analytics
Ensure security and prevent fraud at our events
Comply with legal and regulatory obligations
Respond to your enquiries and provide customer support
5. Sharing Your Personal Data
We may share your personal data with:
Service providers: Ticket platforms, payment processors, venue operators, security companies, and marketing agencies who process data on our behalf (under strict data processing agreements).
Professional advisers: Lawyers, accountants, or auditors when required.
Law enforcement or regulators: Where we are legally obliged to do so.
Event partners/sponsors: Limited data (e.g., name and email) only where you have explicitly consented or it is necessary for the event.
We do not sell your personal data to third parties.
International transfers of data (outside the EEA) will only occur where appropriate safeguards are in place (e.g., Standard Contractual Clauses or adequacy decisions).
6. Data Security
We implement appropriate technical and organisational measures to protect your personal data against accidental loss, unauthorised access, alteration, or disclosure. These include encryption, access controls, and regular security reviews.
7. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Typically:
Ticket/booking records: up to 7 years for accounting and legal purposes.
Marketing consent records: for as long as you remain opted in.
Event photos/videos: as long as they remain relevant for promotional use (subject to your rights).
8. Your Rights
Under the GDPR, you have the following rights (subject to certain conditions):
Right to access your personal data
Right to rectification of inaccurate data
Right to erasure ("right to be forgotten")
Right to restrict processing
Right to data portability
Right to object to processing (including for marketing)
Right to withdraw consent at any time
To exercise any of these rights, please contact us using the details below. We will respond within one month (or longer if permitted by law).
You also have the right to lodge a complaint with the Data Protection Commission (Ireland's supervisory authority): Website: www.dataprotection.ie Address: 21 Fitzwilliam Square South, Dublin 2, D02 RD28
9. Cookies and Website Tracking
Our website uses cookies and similar technologies. For full details, please see our separate Cookie Policy [link to be added].
10. Changes to This Privacy Policy
We may update this policy from time to time. The latest version will always be available on our website, and we will notify you of significant changes where required.
11. Contact Us
If you have any questions about this Privacy Policy or how we handle your data, please contact us:
Protection Contact:
Castlemills Events Limited
Ormonde Mills, Canal Walk
Kilkenny, Ireland
Email: info@castlemills.ie