Privacy Policy
Last updated: 8 June 2026
1. Who we are and what this policy covers
1.1 The Entrepreneur Festival Limited (“we”, “us” or “our”) is a company registered in England and Wales under company number 16669636 with registered address at Arthington Hall, Arthington Lane, Arthington, Otley, LS21 1PH. We organise business trade conferences and events (each an “Event”) and operate the website at www.the-entrepreneur-festival.com (the “Website”).
1.2 We are usually the “controller” of the personal data we collect about you. That means we decide why and how your personal data is used, and we are responsible for looking after it.
1.3 This policy provides information about the personal data we collect about you, how and why we use it, who we may share it with, and the rights you have. It applies when you visit the Website, register for or attend an Event, buy a ticket, download Resources, sign up to our communications, or otherwise deal with us.
1.4 We process personal data in accordance with the UK General Data Protection Regulation (“UK GDPR”), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003 (“PECR”) for cookies and electronic marketing.
1.5 If you have any questions about this policy or about how we use your data, please contact us at info@the-entrepreneur-festival.com or write to us at the address above, marked for the attention of Sam Kearsley.
2. The personal data we collect
2.1 Depending on how you interact with us, we may collect and use the following types of personal data:
- Identity and contact data – your name, job title, employer or organisation, email address, telephone numbers, and postal or billing address.
- Account data – your username, a securely stored password, and your settings and preferences.
- Booking and transaction data – the tickets and services you order, your order history, invoice details and confirmation of payment. Your card details are entered directly with our payment provider, Stripe – we do not collect or store your full card number (see clause 6).
- Event participation data – the sessions you register for or attend, badge scans, meetings and networking requests, and any feedback you give us.
- Speaker, sponsor and exhibitor details – If you speak, sponsor or exhibit at one of our events, we may process your biography, photograph, presentation materials, professional profile, social media handle, session details, company information and logistical requirements.
- Dietary and accessibility requirements – if you tell us about these so we can support you at an Event. This can be more sensitive information (“special category data”) because it may reveal details about your health or beliefs, so we only use it where you have given your explicit consent by providing it for that purpose, and only to make arrangements for you.
- Marketing and communications data – your marketing preferences, survey responses, and any correspondence you have with us.
- Website and technical data – your IP address, device and browser type, and information about how you use the Website, collected through cookies and similar technologies (see our Cookie Policy for further details).
- Images and recordings – photographs, video or audio that may be captured at our Events (see clause 5.5).
2.2 We do not knowingly collect special category data (such as data about health, race, religion, or political opinions) other than the dietary and accessibility information described above, which you choose to provide.
3. How we collect your data
3.1 We collect personal data in three main ways:
- Directly from you – when you register, create an account, buy a ticket or partnership package, download a Resource, complete a form, attend an Event, or otherwise contact or interact with us.
- Automatically – as you use the Website, through cookies and similar technologies and our server logs.
- From third parties – for example our event registration and ticketing partners, sponsors who introduce you to us, analytics providers, publicly available sources such as professional networking sites, and specialist third party providers such as data brokers.
4. How and why we use your personal data
4.1 Data protection law requires us to have a “lawful basis” for using your personal data. The table below sets out what we use your data for and the lawful basis we rely on. Where we rely on our “legitimate interests”, this means our interest in running and growing our events business in a way that does not override your rights.
| What we use your data for | Our lawful basis |
| To verify your identity | Performance of our contract with you; our legitimate interests (to protect against unlawful activities such as identify fraud) |
| To operate our business and provide you with the services you have ordered | Performance of our contract |
| To take and confirm payment (via Stripe) | Performance of our contract; and compliance with a legal obligation (accounting and tax) |
| To create and manage your account | Performance of our contract; our legitimate interests (to manage our relationship with you) |
| To correspond with you, including service messages about your booking or account and dealing with any enquiry or complaint you may have | Performance of our contract; our legitimate interests (to manage our relationship with you) |
| To send you marketing communications | Our legitimate interests: to provide you with information about our services (including future events) which we think will be of interest to you. Please note, we only send email marketing communications to our Corporate Contacts and any marketing email that you receive from us will allow you to unsubscribe from further marketing communications |
| To contact you in connection with user/customer/member surveys and to use any information you choose to submit in response | Our legitimate interests: to ask you to provide feedback on our website and services to help us improve them |
| To plan, run and administer our Events and other services, including badge scanning and networking features | Performance of our contract; and our legitimate interests in delivering the best quality events and services to you |
| To make dietary and accessibility arrangements you ask for | Your explicit consent (for the sensitive element); performance of our contract; our legitimate interests in delivering the best quality events to you |
| To collate and share delegate lists (this is limited to name, job title, company name and company email/telephone number only) and to create a delegate profile on our delegate directory | Performance of our contract; our legitimate interests: to monitor and manage attendance at our events |
| To share your personal data with our conference sponsors and other associated businesses in our corporate group so that they may send you marketing communications | Our legitimate interests: to allow our conference sponsors to provide you with information about their services which they think will be of interest to you. Please note, we only share personal data of our Corporate Contacts and any marketing email that you receive from them will allow you to unsubscribe from further marketing communications |
| To confirm visitor numbers and interest at exhibition stands and other content at the Event | Our legitimate interests: to help us monitor attendance and interests at our events |
| To anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes. | Our legitimate Interests: to help us improve our website and deliver the best quality of services to you |
| To provide the website and make Resources available to you | Our legitimate interests (operating and improving our Website) |
| To understand how the Website is used and improve it | Your consent (for non-essential cookies); our legitimate interests |
| To keep our business and the Website secure and prevent fraud | Our legitimate interests; compliance with a legal obligation |
| To allow you to use any interactive features on the website or as part of a service provided to you | Performance of our contract; and our legitimate interests in delivering the best quality services to you |
| To transfer our business or assets (see clause 7.2) | Our legitimate interests in running our business |
| To comply with our legal and regulatory obligations | Compliance with a legal obligation |
| To establish, exercise or defend legal claims | Our legitimate interests in protecting our business |
4.2 If we need to use your personal data for a purpose that is not compatible with those above, we will tell you and, where the law requires, ask for your consent.
5. Attending our Events
5.1 When you attend an Event we may issue you with a badge and use badge scanning to manage entry, attendance, and access to event sessions and other content.
5.2 Networking and meeting features are optional. Where you use them, you choose what to share and who to connect with.
5.3 Our Events are supported by sponsors and exhibitors. If you scan your badge at a stand, attend a sponsored session, enter a prize draw, or otherwise choose to engage with a sponsor or exhibitor, your contact details may be shared with them so they can follow up with you. That sponsor or exhibitor will then be a separate controller of your data and will use it under its own privacy policy. You do not have to take part.
5.4 We will tell you before an Event how to manage what is shared, and you can ask us not to pass your details to sponsors or exhibitors.
5.5 Photography and filming. We may photograph, film or record our Events for our own records and for marketing purposes. We rely on our legitimate interests in promoting our Events. You can ask our staff not to be photographed or ask us to remove an identifiable image of you from our promotional materials, which we will do where it is reasonable to do so.
6. Payments
6.1 Card payments are processed by Stripe Payments UK Ltd (“Stripe”), a third-party payment provider. When you pay, your card details are provided directly to Stripe and are handled under Stripe’s own terms and privacy policy.
6.2 We do not collect or store your full card details. We receive confirmation of payment and limited transaction information so that we can fulfil and account for your order.
7. Who we share your data with
7.1 We may share personal data with the following types of recipient, only as far as is necessary:
- Our employees and agents and other businesses in our corporate group
- Service providers acting on our behalf (“processors”) – including Stripe (payments), our website hosting and IT providers, our event registration, ticketing and badge-scanning platforms, our email and CRM providers, and analytics providers. They may only use your data on our instructions and must keep it secure.
- Event sponsors and exhibitors – where you choose to engage with them, as explained in clause 5.3.
- Event delegates, sponsors and exhibitors – via a delegate profile on our delegate directory (this is limited to name, job title, company name and company email/telephone number only).
- Event venues – for access, security and health and safety.
- Speakers and other delegates –where you use networking features and choose to share your details.
- Our professional advisers – such as our lawyers, accountants, auditors and insurers.
- Authorities and regulators – where we are required to share data by law, or to protect our rights, property or safety.
7.2 Business transfers. If we sell or reorganise our business, or transfer our assets, we may disclose your data to the prospective buyer or new operator, who will be required to use it in line with this policy.
8. Sending data outside the UK
8.1 Some of our suppliers are based outside the UK, so your data may be transferred internationally. Where it is, we make sure it is protected to a standard equivalent to UK law by relying on one of the following: a UK “adequacy” decision for the country concerned; the UK’s International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses; or another safeguard permitted by law.
8.2 You can ask us for more detail about the safeguards we use by contacting us at info@the-entrepreneur-festival.com.
9. How long we keep your data
9.1 We keep your personal data only for as long as we need it for the purposes set out in this policy, and to meet our legal and accounting obligations. As a guide:
| Type of data | How long we keep it |
| Booking, transaction and accounting records | 6 years after the end of the relevant financial year (tax and accounting requirements) |
| Account data | While your account is active, and then for 3 years of inactivity before we delete or anonymise it |
| Marketing preferences and suppression data | Until you opt out; we then keep a minimal record so we can honour your choice |
| Enquiries and general correspondence | 2 years after our last contact with you |
| Event photographs and recordings used for marketing | 5 years, or until you ask us to stop using an identifiable image of you |
| Website usage and cookie data | As set out in the Cookie Policy |
10. Your rights
10.1 You have the following rights over your personal data. In most cases you will not have to pay a fee, however, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. We will respond to requests within one month.
- Access – ask for a copy of the data we hold about you (commonly known as a “data subject access request”).
- Correction – ask us to correct data that is wrong or incomplete.
- Erasure – ask us to delete your data in certain circumstances.
- Restriction – ask us to pause our use of your data while a concern is resolved.
- Portability – ask us to provide certain data to you, or another provider, in a reusable format.
- Objection – object to us using your data where we rely on legitimate interests; and object to direct marketing at any time, which we will always honour.
- Withdraw consent – where we rely on your consent, you may withdraw it at any time (this does not affect anything we did before you withdrew it).
10.2 We do not make decisions about you using solely automated means that have a legal or similarly significant effect.
10.3 To exercise any of these rights, contact us at info@the-entrepreneur-festival.com. We may need to confirm your identity first. If we cannot agree to a request, we will explain why.
11. Keeping your data secure
11.1 We use appropriate technical and organisational measures to protect your personal data, including access controls, encryption in transit, and limiting access to staff and suppliers who need it.
11.2 No system is completely secure. If a personal data breach occurs that is likely to put your rights at risk, we will notify the ICO, and you (where required), in line with our legal obligations.
12. Children
12.1 The Website and our Events are intended for business users only. You must be at least 18 to buy a ticket. We do not knowingly collect data from children under 18.
13. Third Party Links
13.1 Our Website may include links to third party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Website, we encourage you to read the privacy policy of every website you visit before you submit any personal data to such websites.
14. Changes to this policy
14.1 We may update this policy from time to time. The “Last updated” date at the top shows when. Where a change is significant, we will take reasonable steps to bring it to your attention.
15. How to contact us and complain
15.1 If you have any questions or concerns, please contact us first at info@the-entrepreneur-festival.com or The Entrepreneur Festival, 4240 Park Approach, Thorpe Park, Leeds, LS15 8GB – we will do our best to help.
15.2 You also have the right to complain to the Information Commissioner’s Office (ICO), the UK regulator for data protection:
- Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
- Helpline: 0303 123 1113
- Website: ico.org.uk
15.3 We would, though, appreciate the chance to resolve your concern before you approach the ICO.