Skip to main content

PRIVACY POLICY

Last updated: March 2026

One Vision Festival ("we", "us", "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information in accordance with the General Data Protection Regulation (GDPR) and applicable Swedish data protection legislation.

1. DATA CONTROLLER

The data controller responsible for your personal data is:

ONE VISION FESTIVAL

Kristianstad, Sweden

Email: privacy@onevisionfestival.com

Website: onevisionfestival.com

For all privacy-related inquiries, please contact us at privacy@onevisionfestival.com.

2. DATA WE COLLECT

2.1 Information You Provide

When you purchase tickets, register for our newsletter, or contact us, we may collect:

  • Identity data: Name, date of birth, gender
  • Contact data: Email address, phone number, postal address
  • Transaction data: Payment details, purchase history, ticket information
  • Communication data: Your correspondence with us, customer service inquiries
  • Preference data: Marketing preferences, communication preferences

2.2 Information Collected Automatically

When you visit our Website, we may automatically collect:

  • Technical data: IP address, browser type and version, operating system, device information
  • Usage data: Pages visited, time spent on pages, click patterns, referring websites
  • Location data: General geographic location based on IP address

2.3 Information Collected at the Event

During the Event, we may collect:

  • Entry/exit data: Ticket scans, access times
  • CCTV footage: Video recordings for security purposes
  • Photo and video content: Images and recordings for promotional purposes
  • Cashless payment data: Transaction history if using our payment systems

2.4 Information from Social Media

When you interact with our official social media accounts (Instagram, Facebook, etc.), we may collect:

  • Public profile data: Username, profile picture, and publicly visible information
  • Comments and interactions: Comments you post on our content, direct messages, and other public interactions
  • Engagement data: Likes, shares, and other engagement metrics

This data is processed through the official Instagram Graph API and Facebook API in accordance with Meta's Platform Terms and Data Policy.

4. HOW WE USE YOUR DATA

We use your personal data for the following purposes:

Purpose Legal Basis
Processing ticket orders and payments Contract
Providing Event access and services Contract
Sending order confirmations and updates Contract
Sending marketing communications Consent
Ensuring Event security (CCTV) Legitimate Interest
Creating promotional content Legitimate Interest
Improving our services Legitimate Interest
Complying with legal requirements Legal Obligation
Preventing fraud Legitimate Interest / Legal Obligation
Responding to social media comments Legitimate Interest
Managing social media engagement Legitimate Interest

5. DATA SHARING

We may share your personal data with:

5.1 Service Providers

  • Payment processors (e.g., Stripe, Klarna) for transaction processing
  • Ticketing platforms for ticket delivery and validation
  • Email service providers for communications
  • Cloud hosting providers for data storage
  • Analytics providers for website analysis
  • Security companies for Event safety
  • Social media platforms (Meta/Instagram, Facebook) for community engagement and comment management
  • AI service providers (Anthropic) for generating response suggestions to social media comments

5.2 Third Parties

  • Law enforcement agencies when required by law
  • Regulatory authorities for compliance purposes
  • Professional advisers (lawyers, accountants) where necessary

5.3 International Transfers

Some of our service providers may be located outside the European Economic Area (EEA). When transferring data outside the EEA, we ensure appropriate safeguards are in place, including:

  • EU Standard Contractual Clauses
  • Adequacy decisions by the European Commission
  • Other approved transfer mechanisms under GDPR

5.4 We Do NOT Sell Your Data

We do not sell, rent, or trade your personal data to third parties for their marketing purposes.

6. DATA RETENTION

We retain personal data only for as long as necessary for the purposes for which it was collected:

Data Type Retention Period
Transaction records 7 years (Swedish accounting requirements)
Customer account data Until account deletion + 1 year
Marketing preferences Until consent is withdrawn
CCTV footage 30 days (unless required for investigation)
Website analytics 26 months
Customer service inquiries 3 years
Social media comment data 24 hours for pending responses, then deleted

7. YOUR RIGHTS

Under GDPR, you have the following rights regarding your personal data:

RIGHT OF ACCESS

You have the right to request a copy of the personal data we hold about you.

RIGHT TO RECTIFICATION

You have the right to request correction of inaccurate or incomplete data.

RIGHT TO ERASURE

You have the right to request deletion of your personal data in certain circumstances.

RIGHT TO RESTRICT PROCESSING

You have the right to request that we limit how we use your data.

RIGHT TO DATA PORTABILITY

You have the right to receive your data in a structured, commonly used format.

RIGHT TO OBJECT

You have the right to object to processing based on legitimate interests or for marketing purposes.

RIGHT TO WITHDRAW CONSENT

Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at privacy@onevisionfestival.com. We will respond within 30 days.

If you are not satisfied with our response, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY):

Integritetsskyddsmyndigheten (IMY)
Box 8114, 104 20 Stockholm
Website: www.imy.se
Email: imy@imy.se

8. DATA SECURITY

We implement appropriate technical and organisational measures to protect your personal data, including:

  • Encryption of data in transit (SSL/TLS) and at rest
  • Secure server infrastructure with access controls
  • Regular security assessments and updates
  • Employee training on data protection
  • Incident response procedures

While we take all reasonable precautions, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of your data.

9. COOKIES

Our Website uses cookies and similar technologies. Cookies are small text files stored on your device that help us improve your experience.

9.1 Types of Cookies We Use

Type Purpose
Essential Required for the Website to function (session management, security)
Functional Remember your preferences and settings
Analytics Help us understand how visitors use our Website
Marketing Used to deliver relevant advertisements

9.2 Managing Cookies

You can manage cookie preferences through our cookie consent banner or your browser settings. Note that disabling essential cookies may affect Website functionality.

10. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. For significant changes, we may notify you by email or through a notice on our Website.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

11. CONTACT US

If you have any questions about this Privacy Policy or our data practices, please contact us:

PRIVACY INQUIRIES

One Vision Festival

Kristianstad, Sweden

Email: privacy@onevisionfestival.com

General inquiries: hello@onevisionfestival.com