You are here: Home

Privacy Policy

Privacy Notice

Introduction

AEG Europe is committed to respecting your privacy. The purpose of this Privacy Notice is to explain how we will process any personal data we collect about you, the rights you have in relation to that data, and to tell you about the policies and procedures that we have in place to respect your privacy and keep your personal data secure.

This Privacy Notice applies to you if you visit a venue, event, tour, or festival promoted or organised by AEG Europe (our “Venues and Events”), purchase a ticket for one of our Events, purchase one of our services, or use our products or services, over the phone, online, through our mobile applications or otherwise by using any of our websites or interacting with us on social media (our “Services”) or supply products or services to us, or enter into an agreement with us.

This Privacy Notice does not apply to our processing of your personal data within the context of a past, current, or future employment relationship.

 

Who are we?

AEG Europe owns, operates, and manages live entertainment venues and sports teams and promotes tours, festivals, and events. AEG Europe consists of a group of companies based in Europe and owned by Anschutz Entertainment Group, Inc. and its subsidiaries (“Our Group”).

The table below shows the relevant controllers for the AEG Europe venues and events:

Venues Controller
Eventim Apollo Hammersmith Apollo Limited
Indigo at The O2 Ansco Music Club Limited
The O2 Arena
Outlets at The O2		 Ansco Arena Limited
Up at The O2 Ansco Roof Walk Limited
British Airways Arc Ansco Music Club 2 Limited
University of Wolverhampton at The Halls AEG Presents Limited
Watford Colosseum Ansco Music Club Limited
Accor Arena La Société Anonyme d’Exploitation du Palais Omnisports de Paris-Bercy (aka SAE POPB)
Adidas Arena La Société Anonyme d’Exploitation du Palais Omnisports de Paris-Bercy (aka SAE POPB)
Bataclan La Société Anonyme d’Exploitation du Palais Omnisports de Paris-Bercy (aka SAE POPB)
Barclays Arena Anschutz Entertainment Group Arena Hamburg GmbH
Uber Eats Music Hall Anschutz Entertainment Group Real Estate GmbH & Co. KG
Anschutz Entertainment Group Development GmbH
Anschutz Entertainment Group Operations GmbH
Uber Arena Anschutz Entertainment Group Arena GmbH
Anschutz Entertainment Group Development GmbH
Anschutz Entertainment Group Operations GmbH
Festivals Controller
American Express Presents BST Hyde Park
Country 2 Country
Eden Sessions presented by Volvo
Forwards
All Points East
LIDO powered by SumUp
American Express Presents Roundhay Festival
Rock en Seine
Piknik i Parken		 AEG Presents Limited

 

Our contact details

If you have any comments or questions about this Privacy Notice or our data processing practices, please email them to us at privacy@aegeurope.com. You can reach the Data Protection Officer by email at dpo@aegeurope.com or, alternatively, send by recorded post for the attention of our Data Protection Officer at:

UK: AEG Europe, 240 Blackfriars Road, London SE1 8NW

France: AEG Presents France, 29 Boulevard des Italiens, Paris Île-de-France, 75002, France

Germany: Anschutz Entertainment Group Development GmbH, Uber-Platz 2, 10243 Berlin, Germany

Norway: AEG Presents Norway, Gøteborggata 27B, 0566 Oslo, Norway

 

Categories of personal data we collect and use

We may collect and use the following categories of personal data:

  • identifying information such as your name or your IP address;
  • your contact information such as your phone number or your postal or email address;
  • gender, date of birth, age and/or age range;
  • information about any device you have used to access our Services or the websites or mobile applications of other companies in Our Group or the websites of AXS Europe Limited (axs.com), or to access the public Wi-Fi service at our Venues and Events;
  • information about visits of pages or sections on the websites or mobile applications provided by us, the other companies in Our Group or by AXS Europe Limited;
  • information about the Services we provide to you;
  • information about transactions you make with other companies in connection with our Events and Venues (including for example, what they have provided to you, when and where and, if applicable, how much you paid);
  • information about you, and any tickets you have purchased through third parties such as AXS or Ticketmaster;
  • bank account details, payment card information, and information from credit reference agencies;
  • location data (for example, if you use Wi-Fi or our mobile applications at one of our Venues or Events, we will record the dates and times you attended and locations you visited at our Venues and Events);
  • your account login details, including your username and password;
  • information you provide us with when you contact us by phone, email, post, chat, or when you communicate with us via social media;
  • information you provide to us about your health (for example when you are buying tickets for wheelchair accessible spaces, when you request a sign language interpreter, or when we are investigating an accident which may have happened at one of our Venues or Events);
  • your vehicle registration number (for example, when you access our site, back of house areas or parking structures in a vehicle or attend one of our outdoor events where parking is available);
  • CCTV images and bodycam audio and video when you visit one of our Venues or Events;
  • information about electronic communications you receive from us, including whether that communication has been opened and if you have clicked on any links within that communication;
  • answers you provide when you respond to competitions, votes and surveys;
  • your identity, public profile, follows and likes from social media platforms such as Facebook (this may include your employment or education information if you include it in your public profile);
  • information from specialist market research companies who provide us with additional personal data about you and your household such as income, number of children, occupation, social grade, home ownership status, the products and services you use or intend to use or purchase, and your interests; and
  • other personal data which you may disclose to us when you use our Services at any time.

 

Sources of personal data

We will receive your personal data when you provide them to us yourself or when you use or purchase one or more of our Services.

We also receive personal data about you from third parties. Third parties who provide us with personal data about you include:

  • ticket agents such as AXS, Ticketmaster and others, who transfer personal data to us when you purchase a ticket from them for our Events;
  • specialist market research companies, who provide us with additional personal data about you and your household; and
  • Facebook Inc., who, if you have consented, transfer personal data to us when you register for one of our Services using your Facebook account.
  • Telefónica UK Limited, who, if you have consented, transfer personal data to us when you our Wi-Fi service at The O2.

We may combine any personal data about you that we receive from you, from other companies in Our Group, and from third parties to the extent permitted by current data protection laws.

 

How we use your personal data

All personal data that we obtain about you will be used in accordance with current data protection law and this Privacy Notice. We, or processors acting on our behalf, may process your personal data as follows:

  • As necessary, to perform a contract with you, such as a contract to process an order from you for one or more of our Services including, where applicable, taking payment, carrying out fulfilment and delivery, and providing admission to our Venues and Events.
  • As necessary, to comply with a legal obligation imposed on us, for the following purposes:
    • where you exercise your rights under data protection law and make requests; and
    • to comply with any legal obligation, any lawful request from government or law enforcement officials and as may be required to meet national security or law enforcement requirements or prevent illegal activity.
  • As necessary, for our legitimate interests in providing the Services and ensuring they operate safely, securely and in a commercially suitable way which is tailored to your use and interests, for the following purposes:
    • to provide you with the Services;
    • to verify your identity for security purposes;
    • to help us to ensure our customers are genuine and to prevent fraud;
    • to ensure the security of our websites, mobile applications and other technology systems;
    • for the good governance of our business, including keeping financial records, to allow us to pay suppliers and to charge, invoice or refund customers;
    • for internal administrative purposes within Our Group;
    • to search credit reference agencies before we provide you with credit;
    • to prevent and detect crime and to keep people who visit and work at our Venues and Events safe and secure;
    • to manage, record and investigate health and safety and other incidents which have happened or may have happened at one of our Venues or Events;
    • to count the numbers of people who visit our Venues and Events, and to analyse flows of people around our Venues and Events for safety and commercial purposes;
    • to manage access to specific areas at our Venues and Events (for example, we will use lists of people and/or vehicles to allow us to manage access to backstage, VIP or premium viewing areas);
    • to provide you with information about our Services, to contact you about administrative matters, and to manage and respond to any queries or complaints you make or any correspondence you send us;
    • to help us to return lost property to its rightful owner;
    • to process your competition entries and your survey information;
    • to market our Services and goods and services from other companies, including sending marketing communications and, where applicable, processing your registration, creating custom marketing audiences on third-party websites such as Facebook, and profiling and automated decision-making relating to our marketing;
    • to “geo-fence” marketing so that you receive marketing communications or see advertisements which are relevant to your location;
    • to operate competitions, including notifying you if you have won, to confirm delivery of a prize or for other related purposes;
    • for market research and statistical analysis and to analyse the use of our Services so that we can improve them. and
    • to establish, exercise or defend legal claims.
  • Based on your consent, for the following purposes:
    • to send you marketing communications;
    • to post some of your data on our websites or mobile application if you win a competition; and
    • to share your data with third parties for marketing or promotional purposes.
    • to capture and sell photographs of your participation in attractions, such as Up @ the O2
    • to target customers with personalised advertising on social media platforms.
    • in promotional content created at events for marketing future shows and tours
  • Based on your explicit consent, when you provide us with personal data about your health, for the following purposes:
    • to provide you with tailored services (for example, a wheelchair accessible space or a sign language interpreter); and
    • to manage and help us investigate an incident which may have taken place at one of our Venues or Events.
    • to verify eligibility for accessible facilities at events, including reviewing supporting documentation.

We will collect and aggregate on an anonymous basis information about you, your spending and use of our Services with information about other users of the Services in order to identify trends (“Aggregated Data”). We may pass Aggregated Data to the third parties referred to in the section below, such as partners, to give them a better understanding of our business and to bring you a better service. Aggregated Data will not contain information from which you may be personally identified.

 

Sharing your personal data

We may share your personal data with other companies in Our Group.

We may share your personal data with processors and other third parties that help us to provide the Services. Any processors and other third parties with whom we share your personal data are limited (by law and by contract) in their ability to use your personal data for any purpose other than to provide services for us. We will always ensure that any processors and other third parties with whom we share your personal data are subject to privacy and security obligations consistent with this Privacy Notice and applicable laws.

If you have consented, we will share your personal data with other trusted third parties, for example the artists, promoters or sponsors we work with, so that they can use your personal data for marketing or promotional purposes by sending you information about related products or service that may be of interest to you.

We may also disclose your personal data to third parties in the following circumstances:

  • if we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets;
  • if we (or substantially all of our assets) are acquired by a third party, in which case personal data held by us will be one of the transferred assets;
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, any lawful request from government or law enforcement officials and as may be required to meet national security or law enforcement requirements or prevent illegal activity;
  • in order to enforce or apply our Terms of Use or any other agreement or to respond to any claims, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity; or
  • to protect the rights, property, or safety of us, our customers or other persons. This may include exchanging personal data with other organisations for the purposes of fraud protection and credit risk reduction.

Save as expressly detailed above in this section, we will never share, sell or rent any of your personal data to any third party without notifying you and/or obtaining your consent.

 

International transfers of your personal data

Your personal data may be transferred to, and processed in, a location outside of the United Kingdom.

In particular, your personal data may also be processed by staff operating in the United States or in the European Union working for us, other members of Our Group, processors and other third parties. Such staff may be engaged in, among other things, the provision of our Services to you, the processing of transactions and/or the provision of support services.

For some countries and territories such as the European Union, the government has issued adequacy regulations. Personal data transferred to or processed in those countries will enjoy a level of protection that is essentially equivalent to the United Kingdom.

Other countries may not have laws that protect your privacy rights as extensively as United Kingdom. However, if we do transfer your personal data to those countries, we will put in place appropriate safeguards to ensure that your personal data are properly protected and processed only in accordance with this Privacy Notice. Those safeguards may include imposing contractual obligations of adequacy, supplementary technical measures, or requiring the recipient to subscribe to or be certified with an ‘international framework’ of protection.

You can obtain more information about the safeguards we put in place by contacting us at privacy@aegeurope.com.

 

How long do we keep your personal data?

We will normally retain your personal data for as long as necessary to fulfil the purposes for which they are being processed. This will generally be as long as you use our Services and for up to two years after your last use of our Services or your last interaction with us (for example, the last time you opened an electronic communication from us or visited one of our websites).

However, in some circumstances we will retain your personal data for a shorter period, including:

  • we will retain recorded CCTV footage and bodycam audio and video from our Venues and Events for no longer than one month, unless we are required to retain it for longer (for example, if we are investigating an incident, or have been asked to retain specific CCTV footage for a longer period by government or law enforcement officials).

We will retain your personal data for longer if we believe we may need them in order to respond to any claims, to protect our rights or the rights of a third party, and we will retain your personal data for longer if we are required to retain them in order to comply with applicable laws.

 

Automated decision-making and profiling

We may combine any personal data about you that we receive from you, from other companies in Our Group, and from third parties in order to create marketing profiles.

Marketing profiles include personal data such as information about Services you have used or purchased previously, information about when you have visited one of our Events in the past, demographic data and data from your social media profiles.

For example, we may analyse the personal data of people who have purchased tickets for a particular future event that we are promoting or organising and then compare them with other people in our database. If we identify people in our database who have similar personal data to the original purchasers, we may then target marketing about that event to the new people we have identified in our database, for example by sending direct marketing emails. We may conduct the profiling and send the direct marketing emails automatically.

We conduct these automated decision-making and profiling activities for our legitimate interests in providing the Services and ensuring they operate in a commercially suitable way which is tailored to your use and interests.

We will ensure that the automated decision-making and profiling does not produce legal effects concerning you or similarly significantly affects you.

 

Your rights

To the extent set out by applicable data protection laws, you may contact us at any time by emailing privacy@aegeurope.com to:

  • request that we provide you with information about or a copy of the personal data which we hold about you;
  • request that we update any of your personal data which are inaccurate or incomplete;
  • request that we delete any of your personal data which we are holding;
  • request that we restrict the way that we process your personal data;
  • request that we provide your personal data to you or a third-party provider of services in a structured, commonly-used and machine-readable format;
  • object to us processing personal data based on our legitimate interests, including profiling; or
  • object to us processing your personal data for direct marketing purposes.

Your request should include your name and your email address. We may request proof of your identity to ensure that these rights are only exercised by the individuals to whom the personal data belong.

 

CCTV Access Requests

These relate specifically to CCTV footage captured at our Venues and Events. If you want to request access to CCTV images of yourself, please use our dedicated form: Privacy Web Form.

When submitting a request, please complete all fields. We may ask for proof of identity to ensure these rights are exercised by the correct person.

 

Withdrawing your consent

Where we are processing your personal data based on your consent, you may change your mind and withdraw your consent at any time.

You can withdraw your consent to receive marketing communications by clicking on the unsubscribe link in an email or by adjusting the push message settings for the mobile application.

You can also withdraw your consent to receive marketing communications or any other consent you have previously provided to us by contacting us at privacy@aegeurope.com.

The consequence of you withdrawing consent might be that we cannot do certain things for you. Withdrawing your consent has no effect on any prior processing of your personal data.

 

Right to lodge a complaint with a supervisory authority

You may make a complaint to a supervisory authority for data protection matters:

United Kingdom: Information Commissioner’s Office (https://ico.org.uk/)

France: Commission nationale de l’informatique et des libertés (https://www.cnil.fr/en)

Germany: Federal Commissioner for Data Protection and Freedom of Information (https://www.bfdi.bund.de/EN/Home/home_node.html)

Norway: Datatilsynet (https://www.datatilsynet.no/en/)

If you live in a country that is a member of the European Union, you may complain to the supervisory authority in your country. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.

 

How do we protect your personal data?

We use industry standard technical and organisational security measures to protect your personal data. We keep your personal data secure by implementing policies, procedures and access controls so that only authorised members of our staff or authorised third parties can access your personal data. We protect our information technology systems with firewalls, anti-virus and anti-malware software and other information security technology solutions. When we transfer your personal data to third parties we use encryption tools to keep your personal data secure.

We cannot guarantee the security of your personal data when you transmit it to us using insecure transmission methods such as email. Once we have received your personal data, we will use appropriate procedures and security features to prevent unauthorised access.

Where a password is required to access one of our Services, you are responsible for keeping this password confidential. When setting a password, you are responsible for choosing a secure one. We ask you not to share a password with anyone. We will never ask for your password.

 

Links to other websites and mobile applications

We sometimes provide you with links to other websites or mobile applications, but these websites and mobile applications may not be under our control. We are only responsible for the privacy practices and security of our Services. We are not responsible for the privacy policies, content or security of any linked websites or mobile applications. We recommend that you check the privacy and security policies of each website and each mobile application that you visit.

 

Cookies and other tracking technologies

We may use cookies and web beacons on our websites. Third parties may also view, edit, or set their own cookies or place web beacons on our websites.

Cookies and web beacons are used by us and third parties for the following purposes:

  • to distinguish you from other users of the website;
  • to enable certain features of our websites (for example, to allow a customer to maintain a basket when they are shopping at an online store);
  • to analyse the traffic to our websites (for example, we can count how many people have looked at a specific page, or see how visitors move around the website when they use it, and use this information to improve the website);
  • to help target advertisements which are more likely to be of interest to you;
  • to allow us carry out retargeting (this is when advertisements are presented to you for products or services which you have previously looked at on a website, but have not purchased);
  • to allow you to interact with our websites on social media platforms.

The use of these technologies by such third parties is subject to their own privacy policies and is not covered by this Privacy Notice, except as required by law.

 

Changes to our Privacy Notice

We reserve the right to change our Privacy Notice from time to time. Any such changes will be posted on this page so that we can keep you informed about how we process your personal data. We recommend that you consult this page frequently so that you are aware of our latest Privacy Notice and can update your preferences if necessary.

This Privacy Notice was last updated on 20 November 2025.