The O2 is committed to respecting your privacy. The purpose of this Privacy Notice is to explain how we will use any personal data we collect about you, the rights you have over any personal data we hold about you, and to tell you about the policies and procedures that we have in place to respect your privacy and keep your personal data secure.
This Privacy Notice applies to you if you visit The O2, purchase a ticket for an event or service at The O2, shop at The O2, or use our products or services at The O2, over the phone, online, through our mobile applications or otherwise by using any of our websites or interacting with us on social media (our “Services”), or supply products or services to us, or enter into an agreement with us. This Privacy Notice does not apply to our processing of your personal data within the context of a past, current, or future employment relationship.
Who are we?
The O2 is one of the sports and live entertainment venues and properties owned and/or operated by Anschutz Entertainment Group, Inc. and its subsidiaries (“Our Group”).
References to The O2 include (without limitation) The O2 arena, indigo at The O2, Up at The O2, Outlet Shopping at The O2, the Quadrant and Building Six, which are operated by the following companies in Our Group:
- Anschutz Sports Holdings Limited
- Ansco Arena Limited
- Ansco Events Limited
- Ansco Management Limited
- Ansco Music Club Limited
- Ansco Piazza Building 1 Limited
- Ansco Roofwalk Limited
- Ansco Services Limited
- The Waterfront Limited Partnership
Our contact details
If you have any comments or questions about this Privacy Notice or our data processing practices, please address them to us at privacy@theo2.co.uk. You can reach our Data Protection Officer at dpo@aegeurope.com or, alternatively, send by recorded post for the attention of the Data Protection Officer at AEG Europe, 240 Blackfriars Road, London, SE1 8NW.
Categories of personal data we collect and use
We may collect and use the following categories of personal data:
- identifying information such as your name or your IP address;
- your contact information such as your phone number or your postal or email address;
- gender, date of birth, age and/or age range;
- information about any device you have used to access our Services or the websites or mobile applications of other companies in Our Group or the O2 Wifi service at The O2;
- information about visits of pages or sections on the websites or mobile applications provided by us, the other companies in Our Group or by AXS Europe Limited;
- information about the Services we provide to you;
- information about transactions you make with other companies for events and services at The O2 (including for example, what they have provided to you, when and where and, if applicable, how much you paid);
- bank account details, payment card information, and information from credit reference agencies;
- location data (for example, if you use Wi-Fi at The O2 or our mobile applications, we will record the dates and times you visited The O2 and which parts of The O2 you visited);
- your account login details, including your username and password;
- information you provide to us with when you contact us by phone, email, post, or when you communicate with us via social media;
- information you provide to us about your health (for example when you are buying tickets for wheelchair accessible spaces, when you request a sign language interpreter, or when we are investigating an accident which may have happened at The O2);
- your vehicle registration number (when you use our car parks or access The O2 back of house areas in a vehicle);
- CCTV images and bodycam audio and video when you visit The O2 and areas adjacent to The O2;
- information about electronic communications you receive from us, including whether that communication has been opened and if you have clicked on any links within that communication;
- answers you provide when you respond to competitions, votes and surveys;
- your identity, public profile, follows and likes from a social network such as Facebook (this may include your employment or education information if you include it in your public profile);
- information from specialist market research companies who provide us with additional personal data about you and your household such as income, number of children, occupation, social grade, home ownership status, the products and services you use or intend to use or purchase, and your interests; and
- other personal data which you may disclose to us when you use our Services at any time.
Sources of personal data
We will receive your personal data when you provide them to us yourself or when you use or purchase one or more of our Services.
We also receive personal data about you from third parties. Third parties who provide us with personal data about you include:
- ticket agents such as AXS, Ticketmaster and others, who transfer personal data to us when you purchase a ticket from them for an event at The O2;
- specialist market research companies, who provide us with additional personal data about you and your household;
- Facebook Inc., who, if you have consented, transfer personal data to us when you register for one of our Services using your Facebook account; and
- Telefónica UK Limited, who, if you have consented, transfer personal data to us when you use the O2 Wifi service at The O2.
We may combine any personal data about you that we receive from you, from other companies in Our Group, and from third parties to the extent permitted by current data protection laws.
How we use your personal data
All personal data that we obtain about you will be used in accordance with current data protection law and this Privacy Notice. We, or data processors acting on our behalf, may process your personal data as follows:
- As necessary, to perform a contract with you, such as a contract to process an order from you for one or more of our Services including, where applicable, taking payment and carrying out fulfilment and delivery.
- As necessary, to comply with a legal obligation imposed on us, for the following purposes:
- where yu exercise your rights under data protection law and make requests; and to comply with any legal obligation, any lawful request from government or law enforcement officials and as may be required to meet national security or law enforcement requirements or prevent illegal activity.
- As necessary, for our legitimate interests in providing the Services and ensuring they operate safely, securely and in a commercially suitable way which is tailored to your use and interests, for the following purposes:
- to provide you with the Services;
- to verify your identity for security purposes;
- to help us to ensure our customers are genuine and to prevent fraud;
- to ensure the security of our websites, mobile applications and other technology systems;
- for the good governance of our business, including keeping financial records, to allow us to pay suppliers and to charge, invoice or refund customers;
- for internal administrative purposes within Our Group;
- to search credit reference agencies before we provide you with credit;
- to prevent and detect crime and to keep people who visit and work at The O2 safe and secure;
- to manage, record and investigate health and safety and other incidents which have happened or may have happened at The O2;
- to count the numbers of people who visit The O2 and t analyse flows of people around the building for safety and commercial purposes;
- to manage access to specific areas of The O2 (fr example, we will use lists of people and/or vehicles to allow us to manage access to backstage or VIP areas);
- to provide you with information about our Services, to contact you about administrative matters, and to manage and respond to any queries or complaints you make or any correspondence you send us;
- to help us to return lost property to its rightful owner;
- to process your competition entries and your survey or voting information;
- to market our Services and goods and services from other companies, including sending marketing communications and, where applicable, processing your registration, creating custom marketing audiences on third-party websites such as Facebook, and profiling and automated decision-making relating to our marketing;
- to “geo-fence” marketing so that you receive marketing communications or see advertisements which are relevant to your location;
- to operate competitions, including notifying you if you have won, to confirm delivery of a prize or for other related purposes; and
- for market research and statistical analysis and to analyse the use of our Services so that we can improve them.
- Based on your consent, for the following purposes:
- to send you marketing communications.
- to post some of your data on our websites or mobile application if you win a competition; and
- to share your data with third parties for marketing or promotional purposes.
- Based on your explicit consent, when you provide us with personal data about your health, for the following purposes:
- to provide you with tailored services (for example, a wheelchair accessible space or a sign language interpreter); and
- to manage and help us investigate an incident which may have taken place at The O2.
We will collect and aggregate on an anonymous basis information about you, your spending and use of our Services with information about other users of the Services in order to identify trends (“Aggregated Data”). We may pass Aggregated Data to the third parties referred to in the section below, such as partners, to give them a better understanding of our business and to bring you a better service. Aggregated Data will not contain information from which you may be personally identified.
Sharing your personal data
We will share your personal data with other companies in Our Group.
We will share your personal data with data processors and other third parties that help us to provide the Services. Any data processors and other third parties with whom we share your personal data are limited (by law and by contract) in their ability to use your personal data for any purpose other than to provide services for us. We will always ensure that any data processors and other third parties with whom we share your personal data are subject to privacy and security obligations consistent with this Privacy Notice and applicable laws.
Privacy Notice
If you have consented, we will share your personal data with other trusted third parties, for example the artists, promoters or sponsors we work with, so that they can use your personal data for marketing or promotional purposes by sending you information about related products or service that may be of interest to you.
We will also disclose your personal data to third parties in the following circumstances:
- if we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets;
- if we (or substantially all of our assets) are acquired by a third party, in which case personal data held by us will be one of the transferred assets;
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, any lawful request from government or law enforcement officials and as may be required to meet national security or law enforcement requirements or prevent illegal activity;
- in order to enforce or apply our Terms of Use or any other agreement or to respond to any claims, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity; or
- to protect the rights, property, or safety of us, our customers, or other persons. This may include exchanging personal data with other organisations for the purposes of fraud protection and credit risk reduction.
Save as expressly detailed above in this section, we will never share, sell or rent any of your personal data to any third party without notifying you and/or obtaining your consent.
International transfers of your personal data
Your personal data may be transferred to, and processed in a location outside of the United Kingdom.
In particular, your personal data may also be processed by staff operating in the United States or outside the United Kingdom working for us, other members of Our Group, data processors and other third parties. Such staff may be engaged in, among other things, the provision of our Services to you, the processing of transactions and/or the provision of support services.
For some countries and territories such as the European Union, the government has issued adequacy regulations. Personal data transferred to or processed in those countries will enjoy a level of protection that is essentially equivalent to the United Kingdom.
Other countries may not have laws that protect your privacy rights as extensively the United Kingdom. However, if we do transfer your personal data to those countries, we will put in place appropriate safeguards to ensure that your personal data are properly protected and processed only in accordance with this Privacy Notice. Those safeguards may include imposing contractual obligations of adequacy, supplementary technical measures, or requiring the recipient to subscribe to or be certified with an ‘international framework’ of protection.
How long do we keep your personal data?
We will normally retain your personal data for as long as you use our Services and for up to two years after your last use of our Services or your last interaction with us (for example, the last time you opened an electronic communication from us or visited one of our websites).
However, in some circumstances we will retain your personal data for a shorter period, including:
- we will retain recorded CCTV footage and bodycam audio and video at The O2 for no longer than one month, unless we are required to retain it for longer (for example, if we are investigating an incident, or have been asked to retain specific recordings for a longer period by government or law enforcement officials); and
We will retain your personal data for longer if we believe we may need them in order to respond to any claims, to protect our rights or the rights of a third party, and we will retain your personal data for longer if we are required to retain them in order to comply with applicable laws.
Automated decision-making and profiling
We may combine any personal data about you that we receive from you, from other companies in Our Group, and from third-parties in order to create marketing profiles.
Marketing profiles include personal data such as information about Services you have used or purchased previously, information about when you have visited The O2 in the past and which parts of the building you visited or events you attended, demographic data and data from your social media profiles.
For example, we may analyse the personal data of people who have purchased tickets for a particular future event at The O2 and then compare them with other people in our database. If we identify people in our database who have similar personal data to the original purchasers, we may then target marketing about that event to the new people we have identified in our database, for example by sending direct marketing emails. We may conduct the profiling and send the direct marketing emails automatically.
We conduct these automated decision-making and profiling activities for our legitimate interests in providing the Services and ensuring they operate in a commercially suitable way which is tailored to your use and interests.
We will ensure that the automated decision-making and profiling does not produce legal effects concerning you or similarly significantly affects you.
Your rights
To the extent set out by applicable data protection laws, you may contact us by email atprivacy@theo2.co.uk at any time, to:
- request that we provide you with information about or a copy of the personal data we hold about you;
- request that we update any of your personal data which are inaccurate or incomplete;
- request that we delete any of your personal data which we are holding;
- request that we restrict the way that we process your personal data;
- request that we provide your personal data to you or a third-party provider of services in a structured, commonly-used and machine-readable format;
- object to us processing personal data based on our legitimate interests, including profiling; or
- object to us processing your personal data for direct marketing purposes.
Your request must include your name and your email address. We may request proof of your identity to ensure that these rights are only exercised by the individuals to whom the personal data belong. Please allow at least seven working days for us to process your request.
Withdrawing your consent
Where we are processing your personal data based on your consent, you may change your mind and withdraw your consent at any time.
You can withdraw your consent to receive marketing communications by clicking on the unsubscribe link in an email or by adjusting the push message settings for the mobile application.
You can also withdraw your consent to receive marketing communications or any other consent you have previously provided to us by contacting us at privacy@theo2.co.uk.
The consequence of you withdrawing consent might be that we cannot do certain things for you. Withdrawing your consent has no effect on any prior processing of your personal data.
Right to lodge a complaint with a supervisory authority
You may make a complaint to a supervisory authority for data protection matters. If you live in the United Kingdom, this would be the Information Commissioner’s Office (https://ico.org.uk/). If you live in a country that is a member of the European Economic Area, you may complain to the supervisory authority in your country. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
How do we protect your personal data?
We use industry standard technical and organisational security measures to protect your personal data. We keep your personal data secure by implementing policies, procedures and access controls so that only authorised members of our staff or authorised third parties can access your personal data. We protect our information technology systems with firewalls and anti-virus and anti-malware software and other information security technology solutions. When we transfer your personal data to third parties we use encryption.
We cannot guarantee the security of your personal data when you transmit it to us
using insecure transmission methods such as email. Once we have received your
personal data, we will use appropriate procedures and security features to prevent unauthorised access.
Where a password is required to access one of our Services, you are responsible for keeping this password confidential. When setting a password, you are responsible for choosing a secure one. We ask you not to share a password with anyone. We will never ask for your password.
Links to other websites and mobile applications
We sometimes provide you with links to other websites or mobile applications, but these websites and mobile applications may not be under our control. We are only responsible for the privacy practices and security of our Services. We are not responsible for the privacy policies, content or security of any linked websites or mobile applications. We recommend that you check the privacy and security policies of each and every website and mobile application that you visit.
Cookies and other tracking technologies
We may use cookies and web beacons on our websites. Third parties may also view, edit, or set their own cookies or place web beacons on our websites.
Cookies and web beacons are used by us and third parties for the following purposes:
- to distinguish you from other users of the website;
- to enable certain features of our websites (for example, to allow a customer to maintain a basket when they are shopping at an online store);
- to analyse the traffic to our websites (for example, we can count how many people have looked at a specific page, or see how visitors move around the website when they use it, and use this information to improve the website);
- to help target advertisements which are more likely to be of interest to you;
- to allow us carry out retargeting (this is when advertisements are presented to you for products or services which you have previously looked at on a website, but have not purchased);
- to allow you to interact with our websites on social media platforms.
The use of these technologies by such third parties is subject to their own privacy policies and is not covered by this Privacy Notice, except as required by law.
To the extent required by current data protection laws, your consent will be required before cookies and other tracking technologies are employed unless they are strictly necessary to provide the Services.
Changes to our Privacy Notice
We reserve the right to change our Privacy Notice from time to time. Any such changes will be posted on this page so that we can keep you informed about how we process your personal data. We recommend that you consult this page frequently so that you are aware of our latest Privacy Notice and can update your preferences if necessary. Your continued use of our Services shall constitute your acceptance of any revised Privacy Notice.
This Privacy Notice was last updated on 18 July 2024.