Latest update: May 20th, 2018

Headfirst want you to make informed decisions about your the information you share with us, so we have prepared this privacy statement in response to the new General Data Protection Regulation (GDPR).

If you have any questions please contact: [email protected]

1. Introduction

This Privacy Policy explains:

By using our website or our app (collectively ‘The Platform’), you consent to our collection and use of your Information as described in this policy. Headfirst may occasionally update this policy - we will prompt you to re-read this policy whenever you make a purchase or any time we request additional data.

2. What information do we collect?

We try to collect the minimum amount of data required to provide a tailored but respectful service. We will collect and request this information in a variety of ways:

2.1 Information required to make a purchase

In order to process your order, it is necessary for us to collect some data. For example:

2.2 Information we collect through your use of our services

A cookie is a small file which is stored by the browser on your computer's hard drive. Cookies store some basic information that helps us:



Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Displaying content from external platforms The Platform uses content from external media platforms like Spotify, SoundCloud, YouTube, Vimeo and event location information from Google Maps. These services might still collect cookies and usage data for the pages where the service is installed, even when Users do not use it.

Please remember that when you use a link to go from our website or our app to another website, our Policy no longer applies. We do not control any Third-Party Sites, and is not responsible for any information they may collect.

3. How we use your information

In general, we use your Information as necessary or appropriate for our business purposes. These include:

4. Can I find out what information you are storing on me?

Users have know about their personal information, to verify its accuracy and to have it updated or corrected. You will not be charged for data requests under new GDPR regulations. Any requests of this nature should be sent to the Data Controller: [email protected] We are not responsible for updating or removing your Information contained in the lists or databases of third parties who have been provided with Information as permitted by this Policy.

5. When we disclose information to third parties

We are extremely careful to share as little information with third parties as possible. There are however situations when this is necessary, for example:

5.1 Sharing your information with promoters

When you buy a ticket from Headfirst, it is necessary to share some of your personal information with that event’s promoter.

5.2 Sharing your financial information with our card processor

When you make a purchase on Headfirst, your consent is given to provide your financial or personal information to those third parties necessary to process your transactions with us.

Although users can submit credit card or other payment card information to pay for a service through Headfirst, we do not receive this information itself. Payment card information is transmitted directly to a third-party payment card processor, Stripe. Stripe's privacy policy is available here.

5.3 Legal requests

We may be required to reveal personal data upon request of public authorities. In these cases, your personal data may be used for legal purposes by us in court or in the stages leading to possible legal action arising from improper use of our services.

6. Where we store your information

The information that we collect from you may be transferred to and stored (typically on remote and backup servers) outside the European Economic Area. By submitting information to us, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this Policy and the Act.

6.1 Methods of processing

We process your data in a proper manner and take appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of it. In addition to our data controller, in some cases, the data will be accessible to staff involved with the operation of the site (administration, sales, marketing, legal, system administration). The updated list of these persons may be requested from us at any time: [email protected]

6.2 Retention time

The data is kept for the time necessary to provide the service, you can contact us at any time and request your data is destroyed.

7. Data security

We have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. You may choose to restrict the collection or use of your personal information in the following ways: whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes if you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by emailing us.

If you believe that any information we are holding on you is incorrect or incomplete, please email us as soon as possible: [email protected]