top of page

Privacy Policy

​

Privacy Policy (Nat20 Fest)

​

Last updated: 9 January 2026

Nat20 Fest (“we”, “us”, “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains what we collect, how we use it, and your rights.

​

This policy is intended to meet the transparency requirements of UK data protection law (UK GDPR and the Data Protection Act 2018). (GOV.UK)

​

1) Who we are (Data Controller)
​

Data Controller: Nat20 Fest
Email: privacy@nat20fest.com
 

If you have any questions about this policy or how we handle your data, contact us using the details above.

​

2) What personal data we collect
​

When you use our website, we may collect:

  • Identity data: your name

  • Contact data: your email address

  • Message data: anything you write in a contact form 

​

3) How we collect your data
​

We collect your data when you:

  • Fill in a form on our website (e.g., “join the list”, newsletter signup, contact form)

  • Email us directly

  • Interact with our emails (e.g., open/click tracking), if enabled by our email provider

​

4) Why we use your data (and our lawful basis)
​

We use your data for the purposes below:

​

A) To send you updates (e.g., announcements, ticket news)

​

  • What we use: name, email

  • Why: to email you information you asked for

  • Lawful basis: consent (you can withdraw at any time by unsubscribing or contacting us) 

​

B) To respond to enquiries

​

  • What we use: name, email, message content

  • Why: to reply to messages you send us

  • Lawful basis: legitimate interests (running and supporting our event and communications)

​

C) To operate and improve the website 

​

  • What we use: basic technical/usage data

  • Why: to keep the site secure, working properly, and understand what pages are useful

  • Lawful basis: legitimate interests and/or consent (depending on the type of cookies used)

​

5) Marketing preferences
​

We will only send marketing-style emails (updates, announcements, offers) if you have opted in (or where another lawful route applies). You can unsubscribe at any time by contacting us. 

​

6) Do you have to provide your data?
​

You do not have to provide your name or email address, but if you don’t, we may be unable to:

  • add you to our mailing list, or

  • respond to your enquiry.

​

7) Who we share your data with
​

We do not sell your personal data.

We may share your data with trusted service providers who help us run the website and send emails, such as:

  • Website hosting / website platform (e.g., Wix)

  • Email marketing provider (e.g., Mailchimp / Klaviyo / Wix Email Marketing)

  • IT and security providers (as needed to keep the site secure)

These providers act as data processors and are only allowed to use your data to provide services to us.

​

8) International transfers
​

Some of our service providers may store or process data outside the UK. Where this happens, we ensure appropriate safeguards are in place (for example, approved contractual protections) to protect your data.

​

9) How long we keep your data
​

We keep your data only as long as necessary:

  • Mailing list signups: until you unsubscribe, or until we stop running the mailing list

  • Enquiries: typically up to [12–24] months after the conversation ends, unless we need to keep it longer for legal/record-keeping reasons

​

10) How we keep your data safe
​

We use reasonable administrative and technical measures to protect your data, including access controls and using reputable service providers. No method of transmission over the internet is completely secure, but we work to protect your information.

​

11) Your data protection rights
​

You have rights under UK GDPR, including the right to:

  • be informed about how your data is used

  • access your data

  • correct inaccurate data

  • request deletion of your data

  • restrict processing

  • object to processing (in certain cases)

  • data portability (in certain cases)

  • withdraw consent at any time (where consent is the lawful basis)

We will respond to valid requests in line with applicable law. (ICO)

​

12) Complaints
​

If you have concerns, please contact us first and we’ll do our best to resolve it.

You also have the right to complain to the Information Commissioner’s Office (ICO), the UK regulator for data protection. (ICO)

​

13) Children’s privacy
​

Our website is not intended for children to submit personal data without a parent/guardian’s consent. If you believe a child has provided us with personal data, please contact us and we will take appropriate steps.

​

14) Changes to this policy
​

We may update this Privacy Policy from time to time. The latest version will always be posted on this page with the “Last updated” date.

I

bottom of page