Privacy policy
Privacy policy ROCKFEST

Last revised on 16 May 2018

1. General
ROCKFEST (“ROCKFEST”, “we”, “us”) collects data when you have purchased a ticket to attend an event, when you create an account (“Account”), when you send us an e-mail and/or when you use our website [] (“Website”), apps or social media (“Services”).

You may not always be aware of it, but using our Website implies sharing personal data. According to the legal definition, personal data means any information relating to an identified or an identifiable natural person (“Personal Data”). It is sufficient to be regarded as Personal Data if the data allows us to make a direct or indirect link between one or more data on the one hand and a natural person on the other hand.

We believe the protection of your privacy is very important and would like to provide clarity, and, hence, we have prepared this privacy policy (“Privacy Policy”). ROCKFEST will only use your Personal Data for the purposes stated in this Privacy Policy and we will not disclose your Personal Data to any natural person, legal person, or entity (other than ROCKFEST (“Third Party”)), unless set out in section 3 of this Privacy Policy.

The collection and processing of Personal Data is subject to strict legal conditions to give you, as a user, the necessary guarantees that your Personal Data will not be publicly disclosed in an unauthorized manner or to unauthorized people or entities.

Each processing will therefore always be done in compliance with the applicable privacy legislation, more specifically (a) through 24 May 2018, the Finnish privacy legislation of 523/1999, and (b) as of 25 May 2018, the European Regulation on the protection of personal data (the “Privacy Legislation”).

This Privacy Policy applies to the relationship between you and ROCKFEST. ROCKFEST will only process, store and use your Personal Data in accordance with this Privacy Policy and in accordance with the provisions of the Privacy Legislation.

We assume that you have read this Privacy Policy before using our Services, as well as given your consent to the collection and processing of the Personal Data by ROCKFEST in accordance with this Privacy Policy.

2. Personal data that we collect
We may collect various types of Personal Data and keep it on our servers, including among others:

• Contact details (e.g. your name, place of residence, telephone number, date of birth, sex, e-mail address);
• Payment details (e.g. your bank card number, credit card number);
• Data related to expenditure, consumption and location facilities on the festival sites;
• Videos, images and other media that can identify you on the festival sites;
• Data on the use of the Website (e.g. browser and IP address);
• Data on the use of apps (e.g. GPS location, or the unique identification code of the device);
• Data of e-mails (e.g. number of times the e-mail was opened); and/or
• In the case of crew registration: national register numbers.

We will only store your Personal Data on servers that are located in the European Economic Area and these service providers have made an agreement with us to comply with these terms.

3. What are the purposes of data collection and processing?
Your Personal Data may be used for the following purposes (collectively, the “Purpose”):

• Informative purposes related to the use of the Website;
• Re-sending tickets to your e-mail address;
• Commercial purposes related to the purchase of your tickets, such as vouchers for restaurants, parking options and transport information;
• Transport to and from the festival sites or to and from hotels or other places of residence;
• Sending of informative e-mails;
• Processing of payments;
• Ensuring safety and health on the festivals sites;
• Printing tickets or wristbands to grant access to the festival sites;
• Customer service from the ROCKFEST and its external partners;
• Registration of the crew, guests, artists and all other acquaintances who have access to the festival sites; and/or
• Carrying out of electronic payments, electronic top-ups, and electronic refunds.

During the provision of services, ROCKFEST may rely on Third Parties which take over a part of the aforementioned Purpose. In such case, ROCKFEST may rely on Third Parties which are active as payment processors, printing companies, ticketing companies, transport companies, healthcare providers etc. and we have made agreements to ensure that they will comply our Data Protection Policy.

Furthermore, ROCKFEST has free access to your Personal Data, and may freely save and publish your Personal Data in the following cases:

• to comply with applicable laws or regulations like accounting and tax legislation;
• if a law enforcement authority or other government agency so requests;
• to maintain its general Terms and Conditions;
• for investigating suspicious or fraudulent or illegal activities; and/or
• to protect security and/or your rights or ROCKFEST.

4. User registration
To use the Website, ROCKFEST requires that you create an Account. You remain in control of all information, data, messages and images that you upload on the Website or on your Account, including Personal Data (“Data”) in accordance with the general Terms and Conditions.

You can register on the Website by logging in via your e-mail.

5. Safety
ROCKFEST shall take reasonable administrative, technical and organizational measures against unauthorized or illegal processing of Personal Data or unintentional loss, destruction or damage, unauthorized or illegal access, disclosure or use of Personal Data. In some cases, your Personal Data will be shared with Third Parties, which must also take reasonable administrative, technical and organizational measures to protect the Personal Data.

Access to Personal Data and processing of Personal Data may also take place outside the European Union.

In the event and as a result of the discovery or notification of an infringement on the safety of the Personal Data, or access thereto by an unauthorized person, ROCKFEST is legally obliged to notify you, if the infringement is likely to violate your privacy.

6. Cookies
When using the Website, we collect certain information through automated systems, including cookies (small text files stored in your browser) and similar technologies, including mobile app identifiers, to increase security, measure use and effectiveness of the Website, identify problems and then resolve them. We may also use cookies and other automated systems for other purposes including the management of the Website and other aspects of the commercialization of our company.

The information we collect in this way includes the IP address, browser properties, device properties, version of the operating system, information about actions taken on our Website (including use, activity logs and click-throughs), and dates and times of the visits to the website. Data logs are deleted on a regular basis.

You can check the use of cookies through your browser settings and other tools. You can configure your browser to disable, reset or block (the use of) cookies or similar technologies. In some cases, it is possible that without our use of cookies, some technical features of our website our Website may not work properly, or that not all features of the Website are available.

Third Parties may also use cookies to gather information about your activities on our Website in order to understand and continuously improve the functioning of the Website. For more information about the use of cookies by Third Parties, we refer you to the website of the relevant Third Party, as they will use cookies in accordance with their own cookie policy, which may differ from our own policy.

By continuing to use the Website you accept the use of cookies in your browser in accordance with this Privacy Policy.

7. Notification to Third Parties
Unless this Privacy Policy provides otherwise, we will not sell, transfer or in any other manner disclose your Personal Data to Third Parties, without your prior explicit consent, unless this is necessary for the Purpose as set out in this Privacy Policy, or unless we are legally obliged to do so.

8. What are my rights as a data subject?
We want to guarantee a safe and lawful processing of Personal Data, and we assure you that your Personal Data will be processed in a straightforward and lawful way. This implies that the Personal Data will only be processed for the aforementioned, explicitly stated and legal Purpose. ROCKFEST furthermore assures that the Personal Data will always be processed in an adequate, relevant and non-excessive manner.

My right for information
If you have questions or suggestions with regard to the processing of your Personal Data, provided you are able to prove your identity, you have the right to request information concerning the processing. We will then provide you with access to your Personal Data that we process as well as the source of these Personal Data. You can contact us at info (at)

My right of rectification or erasure
You have the right to have your Personal Data rectified, erased or amended, free of charge, to correct inaccuracies, in the event these Personal Data is incomplete or incorrect, or is being processed in an unlawful manner. You have the right to request the erasure of incorrect data or data that is not relevant in such manner. You can contact us at info (at)

You have the right to have your Personal Data erased without undue delay, free of charge, unless the Personal Data has to remain stored in accordance with a legal provision. The erasure is predominantly related to visibility, which entails the possibility that the erased Personal Data will remain stored temporarily. However, ROCKFEST will take any and all reasonable measures to erase all your Personal Data as fully and extensively as possible.

In case you fully exercise your right of erasure, notwithstanding the fact that you own a ticket for a future event, this ticket will be cancelled without reimbursement.

My right of transferability of Personal Data
You have the right to request your Personal Data transferred in a structured format.

My right to object or restrict the processing
You can, at all times, object to the processing of your Personal Data, or request to restrict the processing of your Personal Data.

9. Storage and removal of Data
We may store your Personal Data as long as reasonably required to provide you with the Services, and for the Purpose as described in this Privacy Policy. Afterwards, your Personal Data will be erased.

Receipt from your purchase and the data involved will store as long as accounting legislation requires and that is at the moment purchasing year and 6 years.

If you register an Account, we will store your Personal Data, even if you temporarily stop using your Account, until the moment you permanently remove your Account. Until you remove your Account, we are allowed to store and use your Personal Data.

10. Websites or applications of Third Parties
You acknowledge and accept that by using the Website or the Account you can gain access to certain content or services provided by Third Parties. In such case, a separate privacy policy of such a Third Party may apply. ROCKFEST is not responsible for the privacy policy of Third Parties, nor for compliance therewith.

11. Updates or changes to our Privacy Policy
If required, this Privacy Policy may be modified or updated to allow ROCKFEST to process your previously collected Personal Data for new purposes. In such case, you will be informed about this via a notification on our Website that the Privacy Policy has been amended and you will be requested to agree to this.

Responsible for processing:

TEL : +358 40 1952262