Data Processing Agreement

Effective Date: 28/03/2026
Last Updated: 28/03/2026

​

1. Parties

This Data Processing Agreement (“DPA”) forms part of the Terms between:

• SHOWE Ltd (“SHOWE”)

• The Venue / Producer / Organisation using the platform (“Venue”)

 

2. Purpose

This DPA governs the processing of personal data in connection with the Venue’s use of the SHOWE platform.

 

3. Roles of the Parties

3.1 SHOWE acts as a Data Controller in relation to personal data collected through the platform, including user interaction data, engagement data, and platform usage data.

3.2 The Venue acts as an independent Data Controller in relation to any personal data it receives and processes for its own purposes.

3.3 The parties are not joint controllers unless explicitly agreed in writing.

3.4 SHOWE does not process personal data on behalf of the Venue as a data processor, except where explicitly agreed in writing.

 

4. Nature of Data Processed

SHOWE may process the following categories of personal data:

• account and contact information

• device and technical data

• usage and interaction data

• behavioural engagement data (e.g. responses to polls, reactions, and event interactions)

 

5. Purpose of Processing

Personal data is processed for:

• delivery of digital programmes

• enabling user interaction and engagement

• platform functionality and improvement

• analytics and aggregated reporting

• security and fraud prevention

 

6. Data Sharing with Venues

6.1 SHOWE may share aggregated and anonymised data with Venues, including:

• engagement metrics

• interaction rates

• usage trends

6.2 SHOWE will not share personally identifiable user data with Venues unless:

• the user has given explicit consent, or

• it is required to deliver a specific service requested by the user

 

7. Venue Responsibilities

The Venue agrees:

• to process any personal data received in compliance with applicable data protection laws

• not to attempt to re-identify anonymised data

• not to use data for unsolicited marketing without user consent

• to implement appropriate security measures

 

8. Subprocessors

SHOWE may use third-party service providers to process personal data, including:

• cloud hosting providers

• analytics services

• payment processors

SHOWE ensures such providers implement appropriate safeguards.

 

9. Data Security

SHOWE implements appropriate technical and organisational measures to protect personal data, including:

• access controls

• encryption where appropriate

• secure infrastructure

 

10. Data Retention

SHOWE retains personal data only as long as necessary for:

• platform operation

• legal and regulatory requirements

• legitimate business purposes

 

11. Data Subject Rights

SHOWE is responsible for responding to user data requests relating to data it controls.

Where requests relate to Venue-held data, the Venue is responsible for responding.

 

12. International Transfers

Where personal data is transferred outside the UK, SHOWE ensures appropriate safeguards are in place, including standard contractual clauses where required.

 

13. Liability

Each party is responsible for its own compliance with data protection laws.

 

14. Changes to this DPA

SHOWE may update this DPA from time to time. Continued use of the platform constitutes acceptance of the updated terms.