Secret Group Ltd (“Secret Group”, “we”, “us”, “our”, “our site”) respects your privacy and is committed to protecting your personal data, as we take data protection very seriously.

This Privacy Notice will tell you how we look after your personal data when you visit our websites, purchase tickets for our events, attend our events, subscribe to our newsletters, or follow us on social media, and will tell you about your rights to privacy and how the law protects you.

If you don’t understand the meaning of some of the terms used, please take a look at the glossary first.

By engaging with Our Site, you acknowledge you have read, understood and agree to this Privacy Policy..

Our Terms and Conditions also cover your use of our Sites and Services; so please make sure you read them carefully.


Personal Data

Personal data means any information relating to an individual person who can be identified directly or indirectly, by an identifier such as a name, an identification number, location data, and online identifier or to one or more factors specific to the individual’s physical, physiological, genetic, mental, economic, cultural or social identity.

Lawful Basis

As a company we must have a valid lawful basis in order to process your personal data. There are six available lawful bases for processing and most require that the processing is ‘necessary’ for a specific purpose.


Contract is one of the lawful bases we use for processing personal data. This means that the processing is necessary for a contract Secret Group Ltd has with you, or because you have asked us to take specific steps before entering into a contract. A contract could be purchasing a ticket for one of our shows.

Legitimate Interests

Legitimate Interests is one of the lawful bases we use for processing personal data. This means the processing is necessary for our legitimate interests or the legitimate interests of a third party, and your interests or fundamental rights and freedoms which require protection of Personal Data do not override our legitimate interests.


Cookies are small text files that are placed on your computer by websites that you visit. We use them in order to make our websites work and work more efficiently, as well as providing us with information on how you use our websites. For more information on our Cookies, take a look at our Cookie Policy.

The Information We Collect About You

Information you give us

  • This is information about you that you give us directly when you interact with us.
  • Information (such as your name, email address, postal address, and telephone number) that you provide by completing forms on Our Site, including if you register as a user of Our Site, subscribe to any service, upload or submit any material via Our Site, request any information, or enter into any competition or promotion we may sponsor;
  • In connection with an account sign-in facility, your log-in and password details;
  • Details of any transactions made by you through Our Site;
  • Communications you send to us, for example, to report a problem or to submit queries, concerns or comments regarding Our Site or its content; and
  • Information from surveys that we may, from time to time, run on Our Site for research purposes, if you choose to respond to or participate in, them. You are under no obligation to provide any such information. However, if you should choose to withhold the requested information, we may not be able to provide you with certain services.

Information we collect about you from using Our Site

  • When you visit Our Site, we may automatically collect additional information about you, such as the type of internet browser or mobile device you use, any website from which you have come to Our Site and your IP address (the unique address which identifies your computer or mobile device on the internet) and your operating system, which are automatically recognised by our web server. You cannot be personally identified from this information, and it is only used to assist us in providing an effective service on Our Site and to collect broad demographic information for aggregate use.
  • We collect geographical local data, but only on a broad basis from your IP address, browser or device locale, or your choice of location, in order to provide services accurate to your location.

The legal bases we rely on:

The law on data protection sets out a number of different reasons for which we may collect and process your personal data in certain circumstances, including:


We can collect and process your data with your consent.  

  • For example, if you have given your consent to receiving marketing material from us at the point we collected your information.

Contractual obligations:

We need your personal data to comply with our contractual obligations.

  • For example, where you have provided us with your email address to receive our services, we will use this information in order to effectively deliver and communicate our services.

Legal compliance:

If the law requires us to, we may need to collect and process your data.

  • For example, we can pass on details of people involved in fraud or other criminal activity affecting us to applicable law enforcement.

Legitimate interest:

We may require your data to pursue our legitimate interests in a way that might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.  

  • For example, it is in our legitimate interests to ensure that content from Our Site is presented in the most effective manner for you and your computer and we provide you with the information, products and services that you request from us.

How We Use Your Information

We will use this information in our legitimate interests, where we have considered these are not overridden by your
rights, to:

  • Enable us to process your orders (by sharing your information with theatre venues) and to provide you with the services and information offered through Our Site and which you request;
  • Administer your account with us;
  • Verify and carry out financial transactions in relation to payments you make online;
  • Audit the downloading of data from Our Site;
  • Improve the layout and/or content of the pages of Our Site and customise them for users;
  • Identify visitors to Our Site; and
  • Carry out research on our users' demographics and tracking of sales data.

Our Promotional Updates and Communications

Where permitted by one of the legal bases above, we will use your personal information for marketing analysis and to provide you with promotional update communications by email, SMS, WhatsApp, and letter about our products/services and those of carefully selected third parties.

We will not send you any marketing material unless you have given your consent. Once consent has been given, you can change your mind at any time by contacting us. The easiest way to do so is by selecting the unsubscribe option in the emails you receive.

If you link to a social media site and consent to receive marketing through that site, we will share your email address with that site to enable them to provide marketing messages.  

The social media sites that you can link to and with whom we may share your Personal Data are:

  • Facebook
  • Instagram
  • Hootsuite
  • Snapchat
  • Twitter
  • TikTok
  • Vimeo
  • Flickr

We are not responsible for how they process your Personal Data, but we do receive data from them (see below for more information). Please click on each link to see their Privacy Policies on how they will handle your data.

You can object to further marketing at any time either, at the point such information is collected on our site by contacting us at info@secretcinema.com

Opting out of Social Media Ads

We use online adverts to promote our events and services to social media users on Facebook, Instagram, Twitter, and Snapchat. We do not promote online adverts to children under the age of 18.  See the section below, which deals specifically with data of children.

If you prefer not to see our adverts on these social media platforms, you can withdraw the consent you have given. You can also opt-out by visiting the social media site and adjusting your ad preference.

Please note that if you also change your mind and wish to opt out of receiving marketing emails directly from Secret Group Ltd, you will need to use the unsubscribe link in the footer of our emails.


Children are not allowed to purchase tickets to any Secret Cinema events. In order to buy tickets, you must declare that you are aged 18 and above. We do this to ensure that we do not collect Personal Data of children and so that under-18s are not contacted with marketing messages, surveys and feedback requests.

For Secret Cinema events that are not age-restricted, the ticket buyer must be 18+ and it is the ticket buyer's responsibility to buy tickets for those under 18.

The ticket buyer is responsible for sharing all necessary ticket information with the under-18 ticket holder. To improve the under-18 ticket holder’s experience, the adult ticket holder can create their own account and interact with the show website, and therefore the personal data they enter will be processed by us, but if a user states their age is under 18 they will be blocked from creating an account.

Other than as set out here, Secret Group Ltd does not intentionally collect data from children or target under 18’s with marketing messages, and personal data of children should not be provided.


We use cookies (small text files which are transferred to your browser by our websites) to identify data traffic patterns, personalise contents and support security. The cookies we use are described in more detail in our cookie statement.

The cookies don’t provide any information directly disclosing the identity of a specific person, but they may potentially identify your computer, your browser, your internet settings, and you (in conjunction with other information available to us).

When you go onto one of our websites, you will see a Cookie Banner where you can accept or deny additional cookies we set.

You may change the storing of cookies in your browser settings at any time by selecting the function “accept no cookies”. However, disabling essential cookies may result in you no longer being able to use the entire functionality of our websites.

Google Analytics Cookies

Google Analytics, a web analytics service provided by Google, Inc. (“Google”) also places cookies on your computer, to enable Google to provide us with reports relating to activity on our websites.

Google uses this data only to provide us with information on how users use our websites and does not associate your IP address with any other data held by Google.

The information generated by Google cookies (including your IP address) will be transmitted to and stored by Google on servers in the United States.

You may refuse these cookies by selecting the appropriate settings on your browser or by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB.

Customers and Account Holders / Investors

When you purchase tickets for one of our events, or if you are an Investor, you will be sent information to create an account for you to access more information about that event or the Investor Portal.

Additionally, if you have opted to create a single Secret Cinema account to manage all your Secret Cinema activities, we will collect all your past and future event information in that single account.

We collect the following personal data during this process:


Booking process and Investor portal (collected directly)

Data Collected

Phone Number
Postal Address
Email Address

Lawful basis
Necessary to comply with a contract to provide the services you have purchased

Data Uses
For the administration of your purchases and our events, as part of the user experience, and to contact you about your purchase (for example with details on your tickets and your attendance);
To create a personal account for so you can manage your account and your preferences securely;
To contact you with marketing messages which you have requested or agreed to receive from us (for example via a branded newsletter);
To contact you with surveys and feedback requests (for example relating to a show you attended).

Using our websites (collected automatically)

Data Collected
IP address
Date and time of visit
Pages accessed
Access status/HTTP status code
Operating System and Interface
Version of browser software

Lawful Basis
Necessary for our legitimate interests to operate our websites and provide you with access to the pages and functionality you wish to access

Data Uses
To analyse the way our customers use our websites in order to improve functionality and development.

Suppliers (collected indirectly)

Data Collected
Purchase History

Lawful Basis
Necessary to comply with a legal obligation, necessary for our legitimate interests in knowing more about our customers to grow our business

Data Uses

Show Guests

If you attend our shows and sign up to the show website we will collect the following data:

Website registration process (collected directly)

Data Collected
Postal Address
Email Address

Lawful basis

Necessary to comply with a contract to provide the services you have purchased

Data Uses
To contact you about your attendance (for example with your arrival time);
To enable you to securely manage your account you have created;
To contact you with future event marketing messages where you have consented to receive the same (for example with branded newsletters or an advertisement on Facebook);
To send you surveys or feedback requests (for example after you attended an event)

Website registration process (collected indirectly)

Data Collected
Attendance History

Lawful basis
Necessary for our legitimate interests to analyse our guests attendance history and to develop our future offerings

Data Uses
To improve our services, offerings and the guest user experience generally, and to provide marketing specific to the requirements of those guests who have given consent to receive marketing of future events (for example by analysing your attendance history).

Social Media Followers

If you follow one of our social media accounts and in doing so have given consent to receive targeted advertising, we receive the following personal data about you depending on each site:

Social Media (collected indirectly)

Data Collected
General Interests
Most active times
Top subtitles
Top CC languages
Traffic Source
Source URL
Source Breakdown

Lawful basis
Necessary for our legitimate interests in providing social media and marketing content that is of interest to our followers on social media

Data Uses
To provide bespoke social media content (for example by analysing your general interests);To create targeted advertising across all our social media channels (for example by analysing responses to posts and existing advertisements);To find out more about our digital community (for example by analysing the age ranges of our followers).

Website Visitors

If you visit one of our websites we will collect the following data:

Website visits (collected indirectly)

Data Collected
Site Referrals
Browsing Pattern
Browser Type
General Interests
IP Address
Date and time of visit
Pages accessed
Access status/HTTP status code
Operating System Interface
Version of browser software

Lawful basis
Necessary for our legitimate interests in operating our websites, providing you with access to the pages you wish to access, understanding the interests of our potential customers and providing you with relevant information about our services.

Data Uses
To provide you with bespoke and appropriate website content (for example by analysing our site visitors’ age ranges where this data is available);
To gain insight into your behaviour and preferences (for example by analysing the website pages you visit);
To create bespoke marketing messages where you have given consent for us to do so (for example by analysing the click- throughs on our Sites);
To re-target our website visitors with relevant marketing messages where you have given consent for us to do so (for example by using cookies hosted on our websites);
To collect aggregated site statistics.

For more information please see our Cookie Statement.

Recipients of personal data

We use third-party processors to collect, export, process, and store Personal Data on our behalf. If you would like to see a full list of the processors we use please contact us at support@secretcinema.org for further information. We will aim to respond in 5 working days.

We use third-party processors to collect, export, process, and store Personal Data on our behalf:

  • Ticket Sellers: Located in the US, Canada, and EEA
  • Payment Processors: Located in the US and EEA
  • CRM Tools: Located in the US
  • E-Commerce Tools: Located in Canada
  • Cloud Storage: Located in the US and the EEA
  • Social Media Platforms: Located in the US
  • Web Management Tools: Located in the US, EEA, and UK
  • Fulfilment Services: Located in the EEA

We may disclose your Personal Data to professional advisors, when requested by you, to law enforcement or government and regulatory agencies.

Data Sharing

Secret Group will not sell your information. We will not share your information with any third party except as stated in this Privacy Notice or as required to operate our websites, provide our services to you and administer your account or otherwise as required or permitted by law.  

International Data Transfers of Personal Data of EU Citizens

We use data processors located outside the European Economic Area only after taking such steps as are required to ensure that Personal Data they process on our behalf receives protection equivalent to that provided in the EEA, and/or under an agreement that includes the EU’s Standard Contractual Clauses with any additional necessary protections as may be determined appropriate.

EU Residents

For EU residents and those in the United Kingdom; Secret Group Limited is the Data Controller in respect of any Personal Data that you submit to us or that we collect from or about you. This means that the we are responsible for deciding how we hold and use personal data about you. This Privacy Policy provides you with certain information that must be provided under the General Data Protection Regulation ((EU) 2016/679) (GDPR).

We are a limited company registered in England and Wales (registered no. 05071764) with registered offices at 5 New Street Square, London, EC4A 3TW, United Kingdom.

California Residents

For California residents; “Do Not Track” (DNT) has been promoted by US regulatory authorities for the internet industry to develop and implement a mechanism that allows internet users to control the tracking of their online activities across websites.

Secret Group currently does not respond to DNT browser signals.

Data Security

We keep your Personal Data safe. We do this by maintaining technical and physical safeguards that are designed to protect the security and integrity of your Personal Data, and to guard it against accidental or unauthorised access, use, alteration or disclosure to anyone who shouldn’t have it.

These measures include device encryption, firewalls, and virus-checking procedures.

Where we keep Personal Data files on local devices these devices are only used by those with a specific purpose for having access to this information, and the devices are password protected and accessible only to authorised Secret Group employees.

We regularly review our security systems to ensure that your Personal Data remains safe and secure.

Duration of Storage

We will maintain records of your Personal Data for as long as:

You remain a registered account holder, subscriber to our mailing list, or a registered user of any of our websites;

You have completed a purchase with Secret Group in the last 36 months; or

It is necessary for us to provide our services to you.

If you have not opened any email communication from a Secret Group brand or interacted in any other way with our brands for 36 months, we will regard you as an inactive subscriber and delete your details from our records except where retention is necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees.

Your Rights

You have the right under certain circumstances

  • to be provided with a copy of your personal data held by us;
  • to request the rectification or erasure of your personal data held by us;
  • to request that we restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example);
  • to object to the further processing of your personal data, including the right to object to marketing (as mentioned in 'our promotional updates and communications' section);
  • to request that you're provided personal data be moved to a third party.

Your right to withdraw consent

  • Where the processing of your personal information by us is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us at support@secretcinema.org.
  • You can also change your marketing preferences at any time as described in 'our promotional updates and communications' section;

You can exercise the Rights listed above at any time by contacting us at support@secretcinema.org

If your request or concern is not satisfactorily resolved by us, you may approach your local data protection authority, (see http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.html ).

The Information Commissioner is the supervisory authority in the UK and can provide further information about your rights and our obligations in relation to your personal data, as well as deal with any complaints that you have about our processing of your personal data.  

The ICO’s address is:

Information Commissioner’s Office

Wycliffe House

Water Lane




Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk  

Account Deletion

If you want to delete your Secret Cinema account please email support@secretcinema.org with your name and email address and we will remove your account.

If you submit a data subject request to exercise one of your rights, we have one month to respond to you and in some circumstances, this can be extended by 2 months.

Please also contact us at if you wish to make a request about the personal data we hold about you. We may require you to provide identification to prove your identity before we deal with your request.

You can also complain to the ICO if you are unhappy with how we have used your data, although in the first instance, you should contact us and we will do our best to resolve your query.

Changes to our Privacy Notice

We will update this Privacy Policy from time to time to reflect changes in our business. All such changes will be posted to our websites, and if we consider it to be appropriate, we will notify subscribers of any material changes by email.

Contacting us

If you would like to know what information we hold about you or if you have any other queries or complaints in relation to this Privacy Notice, or our websites, our contact details are as follows: info@secretcinema.com