Privacy Policy

Privacy Policy:

Click here to see SMG Privacy Policy.

SMG Europe Group Privacy Policy

SMG takes your privacy very seriously and we ask that you read this privacy notice carefully as it contains important information on:

  • The personal information we collect about you;
  • What we do with your information; and
  • Who your information might be shared with.

This privacy notice explains how we use your personal data in order to improve our services to you, and what choices you have about how we use that data. This privacy notice has been written to comply with the new privacy laws, known as the ‘GDPR’ (General Data Protection Regulation).

When we refer to ‘we’ or ‘us’ or ‘SMG’ in this notice, we mean the venue operating entities of the SMG Europe Group, including SMG (UK) Limited and SMG Europe Holdings Limited, and their respective parent and subsidiary companies (“the Group”). The venues we operate, and their respective contact details are listed in the Appendix at the end of this policy

The information we gather

As a Group we may gather certain information about you when you register with us, purchase products or services from us, when you contact us, send us feedback, post material to our websites or social media channels, complete customer surveys or take part in promotions or competitions run by us. This information may also be shared with and/or used by certain other parties in connection with the event, such as our ticketing agents, social media agency, website hosting companies, security provider and event promoters, promoter ticket agents and affiliates. In addition, and provided you consent, your information may be shared with certain other parties for the purpose of marketing goods and/or services to you. These parties may include event promoters, resident orchestras (please see The Bridgewater Hall section in the Appendix for further information), venue sponsors, our social media agency, mailing houses and email server providers.

We will not sell any of your personal information to third parties, nor will we transfer your personal data outside of the European Union without your prior consent.

Information that we gather about you may include (without limitation) your name, contact details, date of birth, payment details, and accessibility and dietary requirements.

We may also obtain information about you from third parties, such as credit reference agencies, ticketing agencies, event promoters and Venue sponsors. Please be aware that our website and social media platforms contain links to third party websites and social media platforms. We are not responsible for the security or privacy policies of those third party sites and recommend that you review those parties’ privacy notices before sharing your personal data on those platforms.

Data retention

We will retain your personal data in accordance with your instructions and as required by applicable law. We may also retain certain information in order to conduct audits, comply with our legal obligations (and to demonstrate compliance) and to resolve disputes. However, we will not retain your personal data for longer than reasonably necessary.

Information about third parties

Information we process, as described in this notice, may also include information about third parties such as your spouse or children or employees, directors and other officers whose details you supply to us. If you give us information on behalf of someone else, you confirm that the other person has agreed that you can:

  • Give consent on his/ her behalf to the processing of his/ her personal data;
  • Receive on his / her behalf data protection notices; and
  • Give consent to the processing of his/ her potentially sensitive personal data (e.g. any health issues relating to accessibility or dietary requirements or dietary requirements).

Systems used to process data

We gather information directly from you and also via our website and other systems. These may include, for example:

  • Our computer networks and connections;
  • Our email and instant messaging systems;
  • Internet facilities;
  • Our telephones, voicemail, mobile phone records;
  • Third party systems including Eventim, Ticketmaster, Tessitura, Way Fresh and Exact Target.


When you use our websites we may gather information about you through Internet access logs, cookies and other technical means. ‘Cookies’ are text files placed on your computer to collect Internet log information and user behaviour information. These are used to track website usage and monitor website activity and for other data processing reasons set out below.

You will see a cookie notice when you access our websites. Some of the cookies we use are essential for parts of the site to operate and have already been set. You may delete and block all cookies from this site, but parts of the site will not work.

The majority of web browsers (including Firefox, Internet Explorer, Google Chrome, Opera and Safari) will allow you to block cookies from being installed on your device, or delete selected or all cookies currently installed on your device, via your browsing settings. Depending on your browser, further information can be obtained via the following websites: Firefox, Internet Explorer, Google Chrome, Opera or Safari. Mobile phone users may have to refer to their handset manual for details on how to block or delete cookies using their mobile browser. Please be aware that restricting the use of cookies may impact on the functionality of our website.

Reasons for processing

We process information about you for the following reasons:

  • providing services to you;
  • carrying out customer profiling and analysis of purchasing preferences;
  • marketing our business and service and those of our partners which we believe will be of interest to you;
  • operational reasons, such as recording transactions, training and quality control;
  • improving our services
  • providing customer service;
  • analysing customer feedback;
  • investigating complaints;
  • ensuring business policies are adhered to;
  • tracking activity on our website and social media channels;
  • to contact you in the event any products or services you requested are unavailable or to notify you in the event of any changes to an event;
  • to personalise and improve your experience on our website and social media channels;
  • to personalise any communications to you;
  • compliance with legal, regulatory and corporate governance obligations and good practice; and
  • gathering information as part of investigations by regulatory bodies or in connection with legal proceedings or requests.

When you use our website and social media channels we may also collect certain information about you and your visit to help us to improve your experiences on those platforms. This may include:

  • your journey through our website and social media channels;
  • what content you like or share;
  • which pop up or push messages you saw and responded to;
  • your IP address; and
  • your browser type and operating system.

We may also collect personal information when you purchase a ticket for any of our events from our ticketing partner in order to assist us with event planning activities and to enable us to contact you with details of any changes to the scheduled event. We may keep a record of your name address, delivery details, email address, telephone number and bank details. In addition, we record CCTV images of you when you are at the venue or within its vicinity for your safety and security. CCTV images may be shared with the police for the purposes of crime prevention and detection.

Disclosures and exchange of information

We may disclose and exchange information with group companies, credit reference agencies, ticketing agencies, promoters, service providers, representatives and agents, as well as with law enforcement agencies and regulatory bodies for the above reasons.
Information may be held at our offices and those of our group companies, ticketing agents, promoters and third party credit reference agencies, service providers, representatives and agents as described above.
Some of the third parties with whom we share your data may be based outside the United Kingdom or European Union. If we do transfer your personal data outside the EU, we will take proper steps to ensure your personal data is transferred and held securely and in accordance with this privacy policy.


On occasion we may collect limited personal data relating to children under the age of 16, for instance the names of attendees or participants in Learning and Participation or other educational events at certain venues. If you are a parent or guardian of a child under the age of 16 and think that we may have information relating to that child, please contact us at the relevant venue, using the details provided in the Appendix to this document. We will ask you to prove your relationship to the child but if you do so you may (subject to applicable law) request access to and deletion of that child’s personal data.

Sensitive personal data

You may also supply us with sensitive personal data relating to your physical health which is gathered for the purposes of ensuring easy access to our venue (in the case of people with accessibility requirements) or compliance with food safety (in the case of strict dietary requirements).

Keeping your data secure

We have appropriate security measures in place to prevent your personal information being accidentally lost, or used or accessed in an unauthorised way. We also limit access to your personal information to those who have a genuine business need to know it. Some of the technical and organisational measures we use to safeguard your personal data are:

  • storing your personal data, in all forms, in a secure environment;
  • training our staff on the importance of data protection measures;
  • employing SSL (secure sockets layer) encryption on every domain owned by us – this allows us to encrypt any passwords and debit/ credit card information to prevent unauthorised access or disclosure;
  • securing our network by an advanced firewall supported by industry standard anti-virus software.

We also have policies and procedures in place to deal with any suspected data breach so that we can act quickly to minimise any potential damage.

Your rights

Under the GDPR you have a number of important rights. Those include:

  • Right to fair processing of information and transparency over how we use your personal information– we are required to inform you why we want to gather your personal information, what we will do with it, who it will be shared with and how long it will be kept for. That information is set out in this privacy notice, but if you require any further information please don’t hesitate to contact us.
  • Right to request a copy of your information– you can request a copy of your information which we hold (this is known as a ‘subject access request’). If you would like a copy of some or all of this information please contact us with proof of your identity and let us know what information you would like. We must provide this information to you in a commonly used and machine readable format.
  • Right to require us to correct any mistakes in your information– you can require us to correct any information which we hold. If you would like to do this, please contact us to let us know the information that is incorrect and what is should be replaced with.
  • Right to ask us to stop contacting you with direct marketing – you can ask us to stop contacting you for direct marketing purposes at any time. If you would like to do this, please contact us and let us know what method of contact (one or all) you are not happy with.
  • Right to restrict processing– you can ask us to suspend the processing of your personal data in certain circumstances, for example, if you have notified us there is a mistake in the information we hold about you, you may ask us to suspend processing until that mistake is rectified.
  • Right to erasure– otherwise known as ‘the right to be forgotten’ – you can ask us to delete or remove your personal data from our systems where there is no compelling reason for us to continue processing it.

If you want to exercise any of these rights, please write to us at the relevant venue, using the details provided in the Appendix to this document, and provide us with enough information to enable us to confirm your identity. We may also require proof of your identity, such as a copy of your driving license, passport and a recent utility bill or bank statement, to be sure that we are not releasing any of your personal data to anyone other than you.

Changes to this privacy notice

This privacy notice was first published on 30 April 2018 and last updated on that date.

Your privacy is important to us and we are constantly reviewing our policies and procedures to ensure we are meeting the high standards we set ourselves. As a result, we may amend this privacy notice from time to time, and we recommend that you check this page periodically to review any changes that may have been made.

How to contact us

If you have any questions or concerns about this privacy notice or the information we hold about you, please do not hesitate to contact the relevant venue, as detailed in the Appendix, or SMG Europe Group by one of the following methods:

  • By post: Privacy Enquiries, SMG Europe Holdings Limited, Manchester Arena, Hunts Bank Approach, Manchester, M3 1AR
  • By e mail: [email protected]
  • By phone: +44 (0)161 950 5114

If you would like this notice in another format (for example, audio, large print, braille) please contact us using any of the methods above.

If you have a complaint, we hope that we can resolve any issues you have by contacting us via one of the methods above. However, you also have the right to lodge a complaint with the Information Commissioners Office who may be contacted at or via the helpline: 0303 123 1113.


The following is a list of the venues currently operated by the SMG Europe Group. If you have any questions or concerns about the information one of our venues may hold about you, please do not hesitate to contact them using any of the methods also listed below.

Venues operated by SMG Europe Holdings Limited (registered number: 5558259):

The Aberdeen Exhibition & Conference Centre

How to contact Aberdeen Exhibition & Conference Centre:
By post: AECC, Bridge of Don, Aberdeen, Scotland, AB23 8BL
By e mail: [email protected]
By phone: 01224 824824

Bonus Arena

How to contact Hull Venue
By post: Hull Venue, Waterhouse Lane, Hull, East Yorkshire, HU1 2QA
By e mail: [email protected]
By phone: 01724 290 641

Bridgewater Hall

The Bridgewater Hall has three resident orchestras: the Hallé, the BBC Philharmonic and Manchester Camerata. We sell tickets on behalf of our Resident Orchestras, and we share our customer relationship database with them. If you buy a ticket from us for a Resident Orchestra’s performance at The Bridgewater Hall, your name, contact details and record of the tickets you have bought will be visible to that orchestra. The orchestra will use your data for customer service and analysis. Provided you consent, the Resident Orchestra may additionally contact you for marketing purposes.

How to contact The Bridgewater Hall:
By post: The Bridgewater Hall, Lower Mosley Street, Manchester, M2 3WS
By e mail: [email protected]
By phone: 0161 950 0000

The Whitley Bay Playhouse

How to contact The Whitley Bay Playhouse:
By post: PLAYHOUSE Whitley Bay, Marine Avenue, Whitley Bay, Tyne and Wear, NE26 1LZ
By e mail: [email protected]
By phone: 0191 643 2643
Venues operated by SMG (UK) Limited (registered number 821116):

Manchester Arena

How to contact Manchester Arena:
By post: Enquiries, Manchester Arena, Victoria Station, Manchester, M3 1AR
By e mail: [email protected]
By phone: 0161 950 5000

Utilita Arena

How to contact Utilita Arena:
By post: Utilita Arena, Arena Way, Newcastle. NE4 7NA
By e mail: [email protected]
By phone: 0191 260 5000

first direct arena

How to contact first direct arena:
By post: first direct arena, Arena Way, Leeds, LS2 8BY
By e mail: [email protected]
By phone: 0113 3863600

The Baths Hall

How to contact The Baths Hall:
By post: The Baths Hall, Doncaster Road, Scunthorpe, North Lincolnshire, DN15 7RG
By e mail: [email protected]
By phone: 01724 290640

The Plowright Theatre

How to contact The Plowright Theatre:
By post: The Plowright Theatre, Laneham Street, Scunthorpe, North Lincolnshire, DN15 6JP
By e mail: [email protected]
By phone: 01724 290640

The York Barbican

How to contact The York Barbican:
By post: York Barbican, Paragon St, York, North Yorkshire, YO10 4AH
By e mail: [email protected]
By phone: 0844 8542757


Click here to see APCOA's Privacy Policy.

APCOA Parking UK and Ireland 


APCOA Parking (UK) Limited is the main operating company of the UK and Ireland APCOA Parking group of companies. In addition to APCOA Parking (UK) Limited, these companies are APCOA Parking Holdings (UK) Limited, APCOA Parking Services (UK) Limited, APCOA Facilities Management (UK) Limited, APCOA Facilities Management (Harrow) Limited and APCOA Parking Ireland Limited. This policy applies to each of these companies. Therefore ‘APCOA’ and ‘we’ are used throughout to refer to all the companies in the Group and each to each one of those companies as it applies to that company.

APCOA takes its obligations with regard to your personal information seriously and is committed to ensuring your personal data is protected.  This privacy notice describes how APCOA, in its various roles as both a Controller and Processor, collects, uses and protects your information. APCOA is registered with the Information Commissioner’s Office (ICO).

How we collect your information

The information we hold about you comes from the way you engage with us such as through your participation and contribution in APCOA related activities, taking part in customer research and surveys or product trials. We also collect your personal data if you enquire about our services through our websites, when purchasing, registering or subscribing to an APCOA service or product, or become one of our business partners.  We may collect information about you through our website, via email, the post, over the phone or from discussions with you or from information received from you relating to car park bookings, Parking Charge Notice (PCN) payments, a season ticket, parking permits our provision of a Car Park Management Services or other services to our clients or when applying for an APCOA advertised vacancy.  

We may also collect details of your visits to our website, including traffic data, location data, weblogs and other communication data and the resources that you access. type of information we hold

The information we hold may include name, address, contact telephone numbers, email addresses, business name, twitter, Facebook and LinkedIn account, vehicle registration mark (VRM), ANPR and CCTV related images of your vehicle, credit card details, bank details and transaction history.  In some cases we may also hold special category data (sensitive data).

How we use your information

We lawfully process your information to fulfil the contract we have with you (for example of your car space booking or use), to allow you to benefit from offers we have available, as a business partner, or as a potential employee, and to enforce non-compliance of our car parking Terms & Conditions.  We use your information in the following ways:

  • To provide you with the information or service you have requested.
  • To process your payments
  • To process a job application
  • To process car parking permits
  • To process a PCN
  • To create an account
  • Where you have not opted-out, we will use your information for the legitimate business interest of sending you information about other APCOA products and services, but we will always offer you the right to opt-out of future communications

Who we will share your information with       

We will not sell or share personal information about you with third parties without your consent unless the law allows us to.  We are required by law, to pass on some of your personal data to:

  • The DVLA to request details of the registered keeper of the vehicle in order to enforce non-compliance of our car parking Terms & Conditions
  • Third parties such as, POPLA (at your request), and Debt Collection Agencies, Baliffs and Courts in relation to unpaid Penalty Charge Notices.
  • Our service providers who manage some of our Marketing, Car park bookings, the processing of our Penalty Charge Notices, Web services and Group Procurement scheme
  • Business partners where we need to exchange the information to fulfil a parking contract arranged through them or through APCOA
  • Law Enforcement Agencies in circumstances where we have reason to think a criminal act may have been committed

 Our third party providers are bound by UK privacy law and the terms of the contracts we have with them.


Use of cookies and other tracking technologies

Cookies are small text files placed on your computer by websites you visit. They are used to make websites work, or work better and can be used to provide information to the owners of the site. The table below lists the cookies we use on our sites. Not all cookies are used on all sites. 




 Cookie   preference


 This cookie is used to remember a user’s choice about   cookies on the website. Where users have previously   indicated a preference, that user’s preference will be   stored in this cookie. This preference expires after 1   month.

 GDPR notice


 This cookie is used to remember whether a user     has been shown a GDPR information message on the   website. Where users have previously accepted the   notice, that user’s preference will be stored in this   cookie. This preference expires after 1 month.

 Universal   Analytics   (Google)

 _ga *
 _gali *
 _gat *
 _gid *

 These cookies are used to collect information about   how visitors use the website. We use the information to   help improve the website. The cookies collect   information in an anonymous form, this may include   the number of visitors, where visitors have come from   and the pages they visited.

 Facebook   Pixel

 This Cookie is placed by Facebook. It enables   measurement and optimization of audiences for   advertising campaigns served on Facebook ensuring   that advertising is seen by the users most likely to be   interested in such advertising. 

 User session   cookie         


 This cookie is used to maintain an anonymized user   session by the web server and to allow storage of user   data relevant to that session.

 Security   verification   token


 This cookie is used where file uploads to the website   are permitted or required. It is used to verify the   upload source for security reasons.

 Temporary   message   handling   (failure)


 This cookie is used to allow communication of   temporary messages to the user, for example login   status. This cookie expires after 30 minutes.

 Temporary   message   handling   (confirmation)


 This cookie is used to allow communication of   temporary messages to the user, for example login   status. This cookie expires after 30 minutes.

 Language   preference


 This cookie is used to store the user’s language   preference and allow this to be reused without a choice   having to be made for each visit to the website.

 User group   access code


 This cookie is used to store a user supplied string of   text which may be used to display specific   offers/discounts to that user in certain circumstances.

How do I change my cookie settings?

Most web browsers allow some control of cookies through the browser settings. To find out more about cookies and how to see what cookies have been set visit or

Find out how to manage cookies on popular browsers:

Google Chrome

Mozilla Firefox

Microsoft Internet Explorer 

Apple Safari

APCOA Parking UK and Ireland 

Camera Monitoring Privacy Notice


APCOA currently uses CCTV cameras and other camera related surveillance systems such as ANPR and body worn cameras to view and record individuals or vehicles on and around our premises and the areas we have agreed to manage for our clients.  In this Notice we will refer to the CCTV, ANPR and other camera related surveillance systems collectively as ‘Camera Monitoring’ This Notice outlines why we use Camera Monitoring, how we will use that data and how we will process data recorded by such devices to ensure we are compliant with data protection law and best practice.  This Notice also explains how to make a subject access request in respect of personal data created by Camera Monitoring.

Reasons for the use of Camera Monitoring

We currently use Camera Monitoring in and around our premises and the areas we have agreed to manage for our clients as outlined below.  We believe that such use is necessary for legitimate business purposes, including:

  • to prevent crime and protect buildings and assets from damage, disruption, vandalism and other malicious acts
  • for the personal safety of staff, visitors and other members of the public and to act as a deterrent against crime including fraud;
  • to support law enforcement  bodies in the prevention, detection and prosecution of crime;
  • to assist in ensuring the health and safety of staff and others

This list is not exhaustive and other purposes may be or may become relevant. 


Images are only viewed by authorised personnel. All staff using Camera Monitoring are given appropriate training to ensure they understand and observe the legal requirements related to the processing of the data that has been collected.

How we use data gathered by Camera Related Surveillance Systems

In order to ensure that the rights of individuals recorded by our Camera Monitoring are protected, we will ensure that data gathered is stored in a way that maintains its integrity and security.

Given the large amount of data generated by Camera Monitoring, we may store video footage using a cloud computing system.  We will take all reasonable steps to ensure that any cloud service provider maintain the security of our information, in accordance with industry standards.

Where we engage data processors to process data on our behalf, we ensure reasonable contractual safeguards are in place to protect the security and integrity of the data.

Disclosure of Data Gathered by Camera Monitoring

We may share data with our group companies and other associated companies or organisations, for example, our clients and/or shared services partners where we consider that this reasonably necessary for any other the legitimate purposes set out above.

No images from our Camera Monitoring will be disclosed to any other third party, without express permission being given by our DPO.  Data will not normally be released unless satisfactory evidence that it is required for legal proceedings or under a court order has been produced.  In other appropriate circumstances, we may allow law enforcement agencies to view copy or remove the data where this is required in the detection or prosecution of crime.

We will maintain a record of all disclosures of such data.  No images from our Camera Monitoring will ever be posted online or disclosed to the media.

APCOA Parking UK and Ireland 

Privacy Notice – General Information

Certain information applies to both sections of the Privacy Notice and these matters are dealt with here.

Retention and Storage of your information

We will retain your personal information in accordance with legal and regulatory requirements.  We will only retain your information while we are actively engaged with you.  Where we have had no interaction with for a period of 6 years, will delete your data.  We will also delete personal information after a period of 6 years for related contracts that have been inactive.

In respect of job applications, a successful candidate will be given information about retention periods once appointed; unsuccessful applicants will be given the option to allow their information to retained should similar opportunities arise in the following 12 months and if not it will be deleted 6 months after the end of the relevant recruitment process. 

Data from Camera Monitoring will not be retained indefinitely but will be permanently deleted once there is no reason to retain the recorded information.   Exactly how long images will be retained for will vary according to the purpose for which they are being recorded.  For example, where images are being recorded for crime prevention purposes, data will be kept long enough only for incidents to come to light.  Where the images are being used to regulate and enforce parking conditions, the images will be retained until any parking charge has been settled. In all other cases, recorded images will be kept for no longer than 30 days.  The Site Manager or designated senior employee will maintain a log of when data is deleted.

At the end of their useful life and in accordance with our retention policy, all images stored in whatever format will be erased permanently and securely.  Any physical matter such as tapes or discs will be disposed of as confidential waste.  Any still photographs and hard copy prints will be disposed of as confidential waste.

Your personal information will be stored on systems owned or operated by APCOA or those of our specific suppliers and will only be stored inside the European Economic Area (EEA), or a country approved by the EU. You should be aware, however, that where payments are made using credit or debit card transactions, those payments are governed by the terms of your agreement with your card issuer.

Within APCOA, your information will be stored on our secured systems in accordance with APCOA’s Information Security Policy.

Your Rights

You have the right to:

  • object to processing of personal data that is likely to cause you, or is causing you, damage or distress;
  • have inaccurate personal data about you rectified.
  • request your information be deleted or destroyed and if we can we will, but sometimes we must maintain some records for legal reasons.

If you are not happy how we are using your information or how we have responded to your request, you have the right to complain to the Information Commissioner’s Office at Or in Ireland you should contact the Information Data Protection Commissioner at

Requests to prevent processing

We recognise that, in rare circumstances, individuals may have a legal right to prevent processing likely to cause substantial and unwarranted damage.  For further information regarding this, please contact the Data Protection Officer at [email protected]

If you are not happy how we are using your information or how we have responded to your request, you have the right to complain to the Information Commissioner’s Office at Or in Ireland you should contact the Information Data Protection Commissioner at

How we will tell you about future changes to this privacy notice

Any changes we make to our privacy notice will be put on our website.  Please check for updates from time to time so you are always fully aware of what information is collected and how it is used.

How you can access your information

You have the right to request access the information we hold about you.  To make a request for your personal information, please contact the Data Protection Officer at [email protected] . 

In respect of Camera Monitoring data, please note that we reserve the right to obscure images or mute sounds of third parties when disclosing such data as part of a subject access request, where we consider it necessary to do so to protect the rights of others.

How to contact us

If you have any questions or concerns about our use of your personal information, please contact the Data Protection Officer at [email protected]