Privacy Policy

Minaret Tech Ltd

Last Updated: February 2026

1. Introduction

Minaret Tech Ltd ("we", "us", "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use the Minaret mobile application ("the App") and our services.

This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are the data controller for the purposes of data protection law.

Company Details:

● Company Name: Minaret Tech Ltd

● Company Number: 16809626

● Registered Address: Flat 21 Howard House, Barrington Road, London, England, SW9 7JY

● Website: www.minaret-app.com

● Contact Email: contact.minaret.app@gmail.com

2. Information We Collect

We collect and process the following categories of personal data:

2.1 Information You Provide Directly

● Account Information: Name, email address, phone number, and password when you create an account

● Profile Information: Any additional information you choose to add to your profile

● Payment Information: Payment card details and billing information when purchasing tickets (processed securely by our payment processor, Mollie)

● Ticket Purchases: Details of events you book, tickets ordered, number of tickets, and transaction amounts

● Communications: Messages, feedback, or correspondence you send to us

2.2 Information Collected Automatically

● Location Data: We use Apple Share My Location to collect your real-time location when you use the App. This enables us to show you events happening near you. You can control location permissions through your device settings

● Device Information: Device type, operating system, unique device identifiers, and mobile network information

● Usage Data: How you interact with the App, including pages viewed, features used, search queries, and browsing behaviour

● Technical Logs: IP addresses, access times, browser type, and referring URLs

2.3 Information from Third Parties

● Payment Processor: Transaction confirmation and payment status from Mollie

● Database Provider: We use Supabase to store and manage your data securely

3. How We Use Your Information

We process your personal data for the following purposes, based on the legal grounds specified:

3.1 To Provide Our Services (Contractual Necessity)

● Create and manage your account

● Process ticket purchases and payments

● Facilitate event discovery based on your location

● Share relevant booking information with event organisers (name, order details, date and time of purchase, ticket type, total amount paid, number of tickets, and order ID)

● Provide customer support and respond to your enquiries

3.2 For Marketing and Communications (Consent)

● Send you email notifications about events, promotions, and service updates (you can opt out during sign-up or at any time in your notification settings)

● Send push notifications about relevant events and updates (you can manage these in your device settings)

3.3 For Business Operations (Legitimate Interests)

● Improve and optimise the App's functionality and user experience

● Analyse usage patterns and trends

● Prevent fraud, abuse, and unauthorised access

● Monitor and maintain the security of our systems

3.4 For Legal Compliance (Legal Obligation)

● Maintain transaction records for tax purposes and HMRC compliance

● Comply with legal obligations and respond to lawful requests from authorities

● Enforce our terms and conditions and protect our legal rights

4. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling that produces legal or similarly significant effects. We do not employ algorithms to make decisions about you without human involvement.

5. How We Share Your Information

We share your personal data only in the following circumstances:

5.1 With Event Organisers

When you purchase a ticket through the App, we share the following information with the relevant event organiser: your name, order date and time, ticket details, total amount paid, number of tickets purchased, and order ID number. This is necessary to fulfil your ticket purchase and enable the organiser to manage event attendance.

5.2 With Service Providers

● Mollie: Our payment processor handles secure payment transactions

● Supabase: Our database provider stores and manages your data

● Other Third-Party Services: Analytics providers, hosting services, and other essential platform infrastructure providers

All service providers are contractually obligated to process your data only on our instructions and to maintain appropriate security measures.

5.3 For Legal Reasons

We may disclose your information if required by law, court order, or governmental regulation, or if necessary to protect our rights, property, safety, or that of our users or the public.

5.4 Business Transfers

In the event of a merger, acquisition, reorganisation, or sale of assets, your personal data may be transferred to the acquiring entity, subject to the same privacy protections.

6. International Data Transfers

Your personal data is primarily stored in the United Kingdom. Where our service providers (such as Supabase or Mollie) may transfer data outside the UK or European Economic Area (EEA), we ensure that:

● The transfer is to a country recognised as providing adequate data protection, or

● Appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO)

You may request further information about the safeguards we use for international transfers by contacting us at contact.minaret.app@gmail.com.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy and to comply with our legal obligations:

7.1 Account Data

● Active Accounts: We retain your account information for as long as your account remains active

● Inactive Accounts (Adults 18+): If your account remains inactive, we will delete your data within 6 years of account creation

● Inactive Accounts (Minors 13-17): For users aged 13-17, we will delete data within 1 year of account inactivity to provide enhanced protection for minors

7.2 Marketing Data

● If you do not interact with our marketing notifications within 24 months, we will remove you from our marketing list and delete your marketing preferences data

7.3 Transaction Data

● We retain transaction records (purchase history, payment details, invoices) for 6 years to comply with UK tax laws and HMRC record-keeping requirements

7.4 Technical Logs

● IP addresses and technical logs are retained for 90 days for security and troubleshooting purposes

7.5 Deletion Requests

If you request deletion of your data, we will process your request and delete your personal data within 1 month of receiving your request, except where we are legally required to retain certain information (such as transaction records for tax purposes).

8. Your Rights Under UK GDPR

Under UK data protection law, you have the following rights:

8.1 Right of Access

You have the right to request a copy of the personal data we hold about you. This is commonly known as a "subject access request."

8.2 Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.

8.3 Right to Erasure ("Right to be Forgotten")

You have the right to request deletion of your personal data in certain circumstances, such as when it is no longer necessary for the purposes for which it was collected or if you withdraw consent. Please note that we may be required to retain certain data for legal compliance (e.g., transaction records for tax purposes).

8.4 Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest its accuracy or object to processing.

8.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller where technically feasible.

8.6 Right to Object

You have the right to object to processing of your personal data where we rely on legitimate interests as our legal basis. You also have an absolute right to object to processing for direct marketing purposes.

8.7 Right to Withdraw Consent

Where we process your data based on consent (e.g., marketing communications), you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

8.8 How to Exercise Your Rights

To exercise any of these rights, please contact us at contact.minaret.app@gmail.com. We will respond to your request within one month. In complex cases, we may extend this period by a further two months, and we will notify you if this is necessary.

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe we have not handled your personal data appropriately. Visit www.ico.org.uk for more information.

9. Data Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

● Encryption of data in transit and at rest

● Secure authentication and access controls

● Regular security assessments and monitoring

● Secure payment processing through PCI DSS-compliant payment processors

● Restricted access to personal data on a need-to-know basis

However, no method of transmission over the internet or electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee absolute security.

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the ICO within 72 hours as required by UK GDPR.

10. Children's Privacy and Age Restrictions

10.1 Minimum Age Requirement

The App is available to users aged 13 years and older. Users under the age of 13 are not permitted to create an account or use our services. By creating an account, you confirm that you are at least 13 years old.

10.2 Protection for Minor Users (Ages 13-17)

We take additional steps to protect the privacy of users aged 13-17:

● Enhanced data retention limits: Data for inactive accounts belonging to minors is deleted within 1 year of inactivity, compared to 6 years for adult users

● Age-appropriate content and communications

● Priority handling of data deletion requests from minors or their parents/guardians

10.3 Age-Restricted Events and Venues

IMPORTANT NOTICE: Minor users aged 13-17 may purchase tickets through the App; however, they cannot attend events or enter venues that have age restrictions (such as 18+ or 21+ events).

Minaret Tech Ltd is not responsible or liable if a minor user is refused entry to an age-restricted event or venue. The responsibility for checking age restrictions before purchasing tickets rests solely with the user or their parent/guardian.

Refunds and Chargebacks: We will not process refunds or accept chargebacks for tickets purchased by minor users to age-restricted events where entry is refused due to age. By purchasing tickets through the App, you acknowledge and accept this policy.

Parents and guardians are strongly encouraged to supervise their children's use of the App and review event age restrictions before allowing ticket purchases.

11. Cookies and Tracking Technologies

We use the following tracking technologies:

11.1 Location Services

We use Apple Share My Location to access your device's location when you use the App. This enables us to show you events happening near you. You can control location permissions through your device settings at any time. Disabling location services may limit certain features of the App, such as discovering nearby events.

11.2 Analytics and Performance

We may use analytics tools to collect information about how you use the App. This helps us improve functionality and user experience. These tools may use cookies or similar technologies.

11.3 Managing Your Preferences

You can manage location services and other device permissions through your device settings. For more information on how to control these settings, please refer to your device manufacturer's instructions.

12. Third-Party Links and Services

The App may contain links to third-party websites, services, or event organisers' platforms. We are not responsible for the privacy practices or content of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we make material changes, we will:

● Update the "Last Updated" date at the top of this policy

● Notify you via email or through a prominent notice in the App

● Where required by law, seek your consent for significant changes

Your continued use of the App after changes become effective constitutes your acceptance of the revised Privacy Policy. We encourage you to review this policy periodically.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

● Email: contact.minaret.app@gmail.com

● Website: www.minaret-app.com

● Postal Address: Minaret Tech Ltd, Flat 21 Howard House, Barrington Road, London, England, SW9 7JY

We aim to respond to all enquiries within one month.

15. Right to Complain to the ICO

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):

● Website: www.ico.org.uk

● Helpline: 0303 123 1113

● Postal Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

We would appreciate the opportunity to address your concerns before you contact the ICO, so please contact us first if possible.

16. Acceptance of This Policy

By creating an account and using the Minaret App, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this policy, please do not use our services.

***

Thank you for trusting Minaret with your personal information.