1. Introduction

Welcome to The Aras Music Festival ("ARMF," "we," "us," "our"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you:

• Visit our website at www.armf.in

• Purchase tickets for our events

• Create an account with us

• Attend our events

• Interact with us on social media

• Use any of our services (collectively, "Services")
  

By using our Services, you consent to the collection and use of your information as described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our Services.

2. Information We Collect

We collect several types of information from and about you, including:

2.1 Personal Information You Provide to Us

When you interact with our Services, we may collect personal information that you voluntarily provide, including:

Account Registration:

• Full name

• Email address

• Phone number

• Date of birth (for age verification)

• Password (encrypted)

• Profile picture (optional)
  

Ticket Purchase:

• Name of ticket holder

• Email address

• Phone number

• Date of birth (for age verification)

• Billing address

• Payment information (processed by third-party payment processors)
  

Event Attendance:

• Government-issued photo ID information (for age verification at venue)

• Emergency contact information (optional)

• Medical information (only if voluntarily provided for emergency purposes)
  

Communications:

• Information you provide when contacting customer support

• Feedback, reviews, or survey responses

• Messages sent through our contact forms or email
  

Job Applications:

• Resume/CV

• Cover letter

• Educational background

• Work experience

• References

• Portfolio or work samples
  

Contests, Promotions, or Giveaways:

• Information required for entry (name, email, social media handles)

• User-generated content (photos, videos, captions)
  

2.2 Information Automatically Collected

When you access our Services, we automatically collect certain information about your device and usage, including:

Device Information:

• IP address

• Browser type and version

• Operating system

• Device type (mobile, tablet, desktop)

• Unique device identifiers
  

Usage Information:

• Pages visited on our website

• Time and date of visits

• Time spent on pages

• Referring website or source

• Click-through data

• Search queries
  

Location Information:

• General location data based on IP address

• Precise location data (only if you grant permission through your device)
  

Cookies and Tracking Technologies:

• We use cookies, web beacons, and similar technologies to enhance your experience (see Section 7 for details)
  

2.3 Information from Third Parties

We may receive information about you from third-party sources, including:

Payment Processors:

• Transaction confirmation data

• Payment status information

• (We do not store your full payment card details)
  

Social Media Platforms:

• If you interact with us on social media (Instagram, Facebook, Twitter), we may collect your public profile information, posts, comments, and engagement data
  

Marketing Partners:

• If you participate in co-branded promotions or partnerships, we may receive information from our partners
  

Publicly Available Sources:

• Information available on public websites or social media profiles (only for verification or security purposes)
  

2.4 Event Photography and Videography

When you attend ARMF events:

• You may be photographed or filmed by our professional photographers/videographers

• Your image, likeness, and voice may be captured in photos, videos, and recordings

• This media may be used for promotional, marketing, or commercial purposes (see Section 4.6)
  

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 To Provide and Improve Our Services

• Process ticket purchases and send confirmation emails

• Create and manage your account

• Verify your age and identity at events (21+ requirement)

• Provide customer support and respond to inquiries

• Facilitate event entry and check-in

• Improve our website, app, and services

• Analyze usage patterns and trends
  

3.2 To Communicate with You

• Send booking confirmations and e-tickets

• Send event updates, reminders, and important announcements

• Respond to your questions, requests, or complaints

• Send administrative information (policy updates, security alerts)

• Provide customer service and support
  

3.3 For Marketing and Promotional Purposes

• Send newsletters and promotional emails about upcoming events

• Notify you about special offers, discounts, and early bird tickets

• Share content related to ARMF events and the entertainment industry

• Invite you to participate in surveys, contests, or giveaways

• Display targeted advertisements (with your consent where required)
  

You can opt out of marketing communications at any time (see Section 10).

3.4 To Ensure Safety and Security

• Verify identities and prevent fraud

• Detect and prevent unauthorized access or illegal activities

• Enforce our Terms and Conditions

• Protect the safety of attendees, staff, and property

• Comply with legal obligations and respond to legal requests
  

3.5 For Event Operations

• Manage event logistics (catering, transportation, accommodations)

• Coordinate with vendors, partners, and venues

• Conduct post-event analysis and reporting

• Track attendance and capacity
  

3.6 For Business Development

• Analyze market trends and customer preferences

• Develop new products, services, and event concepts

• Build partnerships and sponsorship opportunities

• Evaluate job applications and hire staff
  

3.7 For Legal Compliance

• Comply with applicable laws and regulations

• Respond to legal processes (subpoenas, court orders)

• Establish, exercise, or defend legal claims

• Prevent harm to individuals or property
  

4. How We Share Your Information

We do not sell your personal information to third parties. However, we may share your information with the following parties under specific circumstances:

4.1 Service Providers

We share information with trusted third-party service providers who assist us in operating our business, including:

Payment Processors:

• To process ticket purchases securely (e.g., Razorpay, Paytm, Stripe)

• Payment processors handle your payment information in accordance with PCI-DSS standards
  

Email Service Providers:

• To send transactional and marketing emails (e.g., Mailchimp, SendGrid)
  

Website Hosting and Infrastructure:

• To host and maintain our website and databases (e.g., Hostinger, AWS)
  

Analytics Providers:

• To analyze website traffic and user behavior (e.g., Google Analytics)
  

Customer Support Tools:

• To provide customer service (e.g., WhatsApp Business, email platforms)
  

SMS/Communication Services:

• To send event reminders and updates via SMS

All service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Event Venues and Partners

We may share necessary information with:

• Event venues (for security, capacity management, and logistics)

• Vendors (caterers, transportation providers, equipment suppliers)

• Security personnel (for safety and access control)

• Accommodation partners (for hotel booking discounts)
  

We share only the minimum information necessary to facilitate event operations.

4.3 Sponsors and Marketing Partners

With your consent, we may share limited information with:

• Event sponsors (for brand activations or promotional offers)

• Co-marketing partners (for joint promotions or contests)
  

You can opt out of such sharing at any time.

4.4 Social Media Platforms

When you interact with us on social media or share content about our events:

• Your public posts, comments, and tags may be visible to us and others

• We may repost or share your content (with attribution) for promotional purposes

• Social media platforms may collect information about your interactions (governed by their privacy policies)
  

4.5 Legal and Regulatory Authorities

We may disclose your information to government authorities, law enforcement, or other third parties if required by law or if we believe in good faith that such disclosure is necessary to:

• Comply with legal obligations (subpoenas, court orders, tax requirements)

• Protect our rights, property, or safety

• Protect the rights, property, or safety of our users or the public

• Investigate or prevent fraud, illegal activities, or violations of our Terms
  

4.6 Promotional Use of Media

Photos, videos, and recordings taken at ARMF events may be:

• Shared on our website, social media, and marketing materials

• Used in promotional campaigns and advertisements

• Provided to media outlets or press (for event coverage)
  

By attending our events, you consent to such use (as outlined in our Terms and Conditions).

4.7 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal information may be transferred to the acquiring entity or successor. We will notify you of any such change and how it affects your information.

4.8 With Your Consent

We may share your information with other parties if you explicitly consent to such sharing.

5. Data Retention

5.1 How Long We Keep Your Information

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Account Information:

• Retained as long as your account is active

• After account deletion, retained for up to 12 months for legal and audit purposes
  

Ticket Purchase Data:

• Retained for up to 7 years for tax, accounting, and legal compliance
  

Event Photography/Video:

• Retained indefinitely for promotional purposes (you may request removal, see Section 10.4)
  

Marketing Communications:

• Retained until you opt out or we determine the information is no longer useful
  

Legal Records:

• Retained as required by applicable laws (e.g., tax records, contracts)
  

5.2 Deletion of Data

After the retention period expires, we will:

• Delete or anonymize your personal information

• Securely destroy physical records

• Remove data from our active databases (backups may be retained for disaster recovery)
  

6. Data Security

6.1 Our Security Measures

We take the security of your personal information seriously and implement appropriate technical and organizational measures, including:

Technical Safeguards:

• Encryption of sensitive data (SSL/TLS for data transmission)

• Secure servers and databases with restricted access

• Regular security audits and vulnerability assessments

• Firewalls and intrusion detection systems
  

Organizational Safeguards:

• Access controls (only authorized personnel can access personal data)

• Employee training on data protection and privacy

• Confidentiality agreements with employees and contractors

• Incident response procedures for data breaches
  

Payment Security:

• We do not store your full credit/debit card information

• Payment processing is handled by PCI-DSS compliant third-party processors
  

6.2 Your Responsibility

While we take security seriously, no system is 100% secure. You are responsible for:

• Keeping your account password confidential

• Using a strong, unique password

• Logging out of your account on shared devices

• Notifying us immediately of any unauthorized access
  

6.3 Data Breach Notification

In the event of a data breach that compromises your personal information, we will:

• Investigate the incident promptly

• Notify affected users via email within 72 hours (as required by law)

• Report the breach to relevant authorities if required

• Take steps to mitigate harm and prevent future breaches
  

7. Cookies and Tracking Technologies

7.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help us recognize your device, remember your preferences, and improve your experience.

7.2 Types of Cookies We Use

Essential Cookies:

• Required for the website to function properly

• Enable features like shopping cart, account login, and payment processing

• Cannot be disabled without affecting website functionality
  

Performance Cookies:

• Collect anonymous data on how visitors use our website

• Help us analyze traffic, identify popular pages, and improve performance

• Example: Google Analytics
  

Functionality Cookies:

• Remember your preferences and settings (language, location, login status)

• Enhance your user experience
  

Targeting/Advertising Cookies:

• Track your browsing activity across websites

• Used to deliver personalized ads based on your interests

• May be placed by third-party advertising networks (e.g., Google Ads, Facebook Pixel)
  

7.3 Managing Cookies

You can control and manage cookies through your browser settings:

• Accept all cookies: Default setting for most browsers

• Reject all cookies: May limit website functionality

• Delete cookies: Clear existing cookies from your device

• Block third-party cookies: Prevent tracking by external advertisers
  

Note: Disabling essential cookies may prevent you from using certain features of our website (e.g., purchasing tickets).

7.4 Third-Party Tracking

We use third-party services that may place cookies on your device:

• Google Analytics: Tracks website usage and traffic sources

• Facebook Pixel: Tracks conversions and enables targeted ads

• Google Ads: Delivers personalized advertisements
  

These services have their own privacy policies. We recommend reviewing them:

• Google Privacy Policy: https://policies.google.com/privacy

• Facebook Data Policy: https://www.facebook.com/policy.php
  

7.5 Do Not Track (DNT)

Some browsers support "Do Not Track" signals. Currently, our website does not respond to DNT signals, but you can disable cookies as described above.

8. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

8.1 Right to Access

You have the right to request:

• Confirmation of whether we hold your personal information

• A copy of your personal information

• Details about how we use and share your information
  

How to exercise: Email us at contact@armf.in with "Access Request" in the subject line.

8.2 Right to Correction

You have the right to:

• Correct inaccurate or incomplete personal information

• Update your account details at any time
  

How to exercise: Log in to your account and update your information, or contact us at contact@armf.in.

8.3 Right to Deletion

You have the right to request deletion of your personal information, subject to certain exceptions (e.g., legal obligations, ongoing transactions).

How to exercise: Email us at contact@armf.in with "Deletion Request" in the subject line.

Note: Deleting your account may prevent you from accessing past ticket purchases or attending future events.

8.4 Right to Object or Restrict Processing

You have the right to:

• Object to processing of your personal information for marketing purposes

• Restrict how we process your information under certain circumstances

How to exercise: Contact us at contact@armf.in.

8.5 Right to Data Portability

You have the right to:

• Receive your personal information in a structured, commonly used format

• Transfer your information to another service provider

How to exercise: Email us at contact@armf.in with "Portability Request" in the subject line.

8.6 Right to Withdraw Consent

If we process your information based on consent, you have the right to withdraw that consent at any time.

How to exercise: Contact us at contact@armf.in or use the unsubscribe link in marketing emails.

8.7 Right to Opt Out of Marketing

You can opt out of marketing communications at any time by:

• Clicking the "Unsubscribe" link in any marketing email

• Updating your communication preferences in your account settings

• Emailing us at contact@armf.inwith "Unsubscribe" in the subject line
  

Note: You will still receive transactional emails (ticket confirmations, event updates, account notifications).

8.8 Right to Lodge a Complaint

If you believe we have violated your privacy rights, you have the right to lodge a complaint with:

• Our Data Protection Officer: contact@armf.in

• Relevant Data Protection Authority in India (if applicable in the future)
  

8.9 Response Time

We will respond to your requests within:

• 30 days for most requests

• 60 days for complex requests (we will notify you if we need additional time)
  

We may ask you to verify your identity before fulfilling your request to ensure security.

9. Children's Privacy

9.1 Age Restriction

ARMF events and services are intended for individuals 21 years of age and older. We do not knowingly collect personal information from individuals under 21.

9.2 Parental Consent

If we discover that we have collected personal information from someone under 21 without proper verification, we will delete that information immediately.

9.3 Parental Rights

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at contact@armf.in.

10. International Data Transfers

10.1 Data Location

Your personal information is primarily stored and processed in India. However, we may transfer data to service providers located in other countries (e.g., cloud hosting providers in the United States or Europe).

10.2 Safeguards

When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

• Standard contractual clauses approved by data protection authorities

• Ensuring the recipient country has adequate data protection laws

• Obtaining your explicit consent where required
  

10.3 Your Rights

If your data is transferred outside India, you retain all rights outlined in Section 8.

11. Third-Party Links

11.1 External Websites

Our website and communications may contain links to third-party websites, including:

• Social media platforms (Instagram, Facebook, Twitter)

• Accommodation booking sites

• Partner websites

• Sponsor websites
  

We are not responsible for the privacy practices or content of these third-party sites.

11.2 Recommendation

We encourage you to review the privacy policies of any third-party websites you visit. This Privacy Policy applies only to ARMF services.

12. Changes to This Privacy Policy

12.1 Right to Modify

We reserve the right to update or modify this Privacy Policy at any time to reflect:

• Changes in our practices

• Legal or regulatory requirements

• New features or services
  

12.2 Notification of Changes

If we make material changes to this Privacy Policy, we will notify you by:

• Posting a prominent notice on our website

• Sending an email to the address associated with your account

• Displaying a notification when you log in to your account
  

12.3 Effective Date

Changes will be effective immediately upon posting the updated Privacy Policy on our website. The "Last Updated" date at the top of this policy indicates when it was last revised.

12.4 Your Acceptance

Your continued use of our Services after changes are posted constitutes your acceptance of the updated Privacy Policy. If you do not agree with the changes, please discontinue use of our Services.

13. Data Protection Officer

ARMF has designated a Data Protection Officer (DPO) to oversee compliance with this Privacy Policy and applicable data protection laws.

Contact our DPO:

📧 Email: contact@armf.in
📧 Subject Line: "Attention: Data Protection Officer"

Our DPO will respond to your inquiries regarding:

• How we collect, use, and protect your information

• Your privacy rights and how to exercise them

• Data breaches or security concerns

• Complaints or concerns about our privacy practices
  

14. Legal Basis for Processing (For Users in India and EU)

We process your personal information based on the following legal grounds:

14.1 Contractual Necessity

• To fulfill our contract with you (ticket purchase, event attendance)

• To provide services you have requested
  

14.2 Consent

• Marketing communications (you can withdraw consent anytime)

• Use of your photos/videos for promotional purposes

• Cookies and tracking technologies (where required)
  

14.3 Legitimate Interests

• To improve our services and user experience

• To prevent fraud and ensure security

• To analyze business performance
  

14.4 Legal Obligations

• To comply with tax, accounting, and legal requirements

• To respond to legal requests or court orders
  

15. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

15.1 Right to Know

You have the right to request details about the personal information we collect, use, and share.

15.2 Right to Delete

You have the right to request deletion of your personal information (subject to exceptions).

15.3 Right to Opt Out of Sale

We do not sell your personal information to third parties. If our practices change, we will provide an opt-out mechanism.

15.4 Right to Non-Discrimination

We will not discriminate against you for exercising your CCPA rights (e.g., denying services or charging different prices).

How to Exercise Your Rights: Email us at contact@armf.in with "CCPA Request" in the subject line.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

The Aras Music Festival (ARMF)

📧 Privacy Inquiries, General Support, Data Protection Officer: contact@armf.in

📱 Phone/WhatsApp: +91-79021-93326
⏰ Available: Monday-Sunday, 10:00 AM - 8:00 PM IST

🌐 Website: www.armf.in
📷 Instagram: @arasfestival
📘 Facebook: The Aras Music Festival

17. Acknowledgment

By using our Services, you acknowledge that:

• You have read and understood this Privacy Policy

• You consent to the collection, use, and sharing of your information as described

• You understand your rights and how to exercise them

• You agree to receive communications from us in accordance with this policy
  

Thank you for trusting The Aras Music Festival with your personal information. Your privacy matters to us!

Last Updated: October 25, 2025
Version: 1.0

END OF PRIVACY POLICY