Privacy Policy – Tomorrowland Academy
Updated: December 12, 2025
Table of contents
1. Scope
2. Why we process your personal data
2.1. Secure Access
2.2. Security screening
3. How do we obtain your personal data
4. How long do we keep your personal data
5. How we share your personal data with others
6. How we protect your personal data
7. Your choices and rights
This privacy policy applies to the processing of your personal data by WEAREONE.world BV a private limited company incorporated under Belgian law, having its registered office at Kattendijkdok-Westkaai 12.001, 2000 Antwerp, Belgium, and registered with the crossroads bank for enterprises under company number 0867.239.782and/or its affiliated companies within the meaning of Article 1:20 of theBelgian Code on Companies and Associations, including its acquirers and legal successors (hereinafter referred to as “we”, “us”, “our”)
Tomorrowland Academy organises and operates a DJ and producer academy that combines an online learning platform with offline activities and traineeships. This includes, among other things, an online academy, as well as bootcamps and other in-person activities for different age groups, and competitions or talent programmes that are organised solely by us or together with partners.
We process your personal data only for limited, specific and legitimate purposes. Each time we use your data, we do so on the basis of one or more legal grounds under the General Data Protection Regulation(GDPR. We don’t intentionally ask you for sensitive information such as data about your health, ethnicity or religious beliefs, unless this is clearly necessary for a specific purpose. A typical example is a bootcamp where we need to know about allergies in order to take care of you safely. We kindly ask you not to include such information if it is not requested or relevant.
Our services are open to both adults and minors. In some cases, we can only process your personal data if your parent or legal guardian has given consent or concluded the contract on your behalf.Where this is required by law, we will ask for that consent and may take reasonable steps to verify that it has been given.
When you create and use an account on theTomorrowland Academy, online academy platform, we process your personal data so that you can use the service. This means we use your identification and contactdetails, such as your name, your e-mail address and your country, to register you as a user and to communicate with you. We use your account details, such as your username, your password in encrypted form, your subscription type and your chosen plan, to manage your access. We process these data because this is necessary to perform the contract you enter into with us when you create an account or purchase access to our content.
When you register for a bootcamp or another in-person activity, we process your personal data to be able to organise that activity and to make sure that your participation is arranged safely and correctly. During registration, which may take place via a ticketing and registration partners such as Paylogic, you are asked to provide your identification and contact details, for example your name, your e-mail address and your telephone number. You are also asked to provide information about your age or date of birth so that we can place you in the correct age group.We may also ask you for practical information, for example which camp you want to attend, and for an emergency contact person whom we can reach if something goes wrong.
During the bootcamp, we may also record that you attended, which group you were assigned to and which activities you participated in. We may create photos and videos of the camp to capture impressions of the event, and we may use those images within the frame work described in our terms and any consent forms.
We process your data in this context because it is necessary to perform the contract with you or, if you are a minor, with your parent or legal guardian who registered you. When we use non-intrusive group images or similar material to document and promote our bootcamps in a way that participants can reasonably expect, we do this on the basis of our legitimate interests in promoting and improving our activities.
When you take part in a competition, such as a monthly DJ contest or a mixtape or producing competition that we organise, we process your personal data to register and manage your participation and to run the competition. When you enter, you typically provide your name, your contactdetails, your age or date of birth, your DJ or artist name and the material that forms your entry, for example a mix, a track, a video or a link to those files. You may also send us a motivation video, a short biography or links to your public profiles or pages. We store these files and links on our own systems or on the systems of processors working on our behalf.
We process your data in this context because this is necessary to perform the contract that arises when you accept the competition rules and submit an entry. To a certain extent, we also use your personal data to make public the competition, to announce winners and to show selected entries to the public. When we do so in a way that you can reasonably expect as part of a music or DJ competition, we rely on our legitimate interests in promoting the competition, building the Tomorrowland Academy community and showcasing talent. If we want to use your name, image or other personal data for promotional purposes that go beyond these reasonable expectations, we will ask for your consent and only proceed if you give it.
When you subscribe to our newsletters, register your interest through a social media campaign or indicate during a purchase or registration that you would like to receive information from TomorrowlandAcademy, we process your personal data to send you marketing communications. In this context, we use your name, your e-mail address and information about your relationship with us, such as whether you are an active online academy member, a bootcamp participant, a competition entrant or someone who has only subscribed to our newsletter.
We maintain these data in a marketing and communications database, for example on a platform which helps us to organise and segment our audience. This database typically contains a combination of paying online academy members and a larger group of other interested people, such as users who have participated in bootcamps or contests or who have signed up via our website or social channels. We use this information to inform you about new courses, bootcamps, competitions, events and other offers that could be interesting for you, and to adjust the content of our messages so that they align better with your profile and preferences.
If you are not yet a customer, we only send you marketing communications when you have given us your consent to do so, for example when you actively subscribe to a newsletter. In that case, we process your data on the basis of your consent. If you are an existing paying customer, we may use your e-mail address to send you information about similar services that we reasonably believe could interest you, based on our legitimate interests. You can always tell us that you no longer wish to receive these messages, and we will respect that choice. Whenever you withdraw your consent or object to receiving marketing communications, we will stop using your data for those purposes.
When you contact us, for example by sending us an e-mail or by filling in a contact form, we use the personal data you provide, together with the content of your message, to answer your question, handle your request and maintain our relationship with you. If you take part in livestreams, online Q&A sessions, webinars or similar formats that we host we process the information that is necessary to register you and give you access to the session. This includes your name, your e-mail address and any user account details linked to the platform we use.
We process your data here because we have a legitimate interest in communicating effectively with you and in running a safe and engaging learning community. When the livestream or Q&A session forms part of the services you have purchased, the processing is also necessary toper form our contract with you. When we want to use recordings or contributions for a separate promotional purpose that goes beyond what you can reasonably expect from participation alone, we rely on your consent.
When you buy a membership, a masterclass or another paid service from the online academy, we process your personal data in order to complete your purchase and manage your subscription. To do this, we use identification and contact details, such as your name, your e-mail address, your billing address and your country, so that we know who you are, where to send confirmations and which legal and tax rules apply. We also receive and use payment-related information from our payment and billing service providers, for example transaction identifiers, your chosen payment method and the status of your payment.
We process these data because they are necessary to perform the contract you have with us when you pay for a service.We must also keep certain information for accounting, tax and audit purposes in order to comply with legal obligations. In some cases, we use your data to prevent fraud or abuse of promotions and to handle chargebacks or disputes, which we do on the basis of our legitimate interests in protecting our business and our users.
When you visit our websites or use the online academy platform, we automatically collect certain technical information about your device and how you use the site by means of cookies, pixels and similar technologies. This may include your IP address, the type of browser and device you are using, the operating system, which pages you visit, how long you stay on them and the date and time of your visit. We use this information to make sure the site works properly, to keep it secure, to understand how visitors use our pages and where we can improve the content, the navigation and the performance of the site. In some cases, we also use cookies to remember your preferences or, where the law allows this and you have given your consent, to show you content and offers that are more relevant to you.
For cookies and similar technologies that are strictly necessary to run the site and provide core functionality, we rely on our legitimate interest in offering you a secure and user-friendly service. For other types of cookies, such as certain analytics, advertising or social media cookies that are not strictly necessary, we only use them if the law allows us to do so and, where required, after you have given your consent through the cookie banner or settings.
We obtain your personal data in several ways, depending on how you interact with Tomorrowland Academy and which services you use. In most cases, you provide your personal data directly to us. Sometimes your data are provided by someone else, such as a parent or legal guardian, a partner organisation or a service provider acting on our behalf. In some situations, we also collect data automatically when you use our websites or platforms or when you interact with our communications.
In limited cases, we obtain information about you from publicly available sources. This may happen, for example, when you provide us with a link to your public artist or DJ profile, to a social mediapage or to a platform where your music is hosted. We don’t knowingly collect personal data directly from children under the age that the law considers appropriate for online consent, which is generally thirteen years of age, without involving a parent or legal guardian.
We keep your personal data only for as long as we need it to achieve the purposes for which we collected it, or for as long as we are required to keep it by law. Once we no longer need your data, or once a legal retention period has expired, we either delete it or anonymise it so that it can no longer be linked to you. When we decide how long to keep your data, we look at the specific context in which we collected it, the type of data involved, the impact that keeping or deleting it may have on you, and the legal or regulatory obligations that apply to us, such as accounting, tax and limitation periods for legal claims.
In some situations, we may need to keep certain personal data for longer than we would normally do, for example because there is an ongoing dispute, investigation or legal procedure, or because we receive an order from a court or a public authority requiring us to retain the data. In such cases, we will keep the data only for as long as we are required to do so and we will limit access to those who strictly need it.
We only share your personal data when necessary for the purposes in this privacy policy, when required by law, or with your consent. When we do, we apply appropriate safeguards so your data stays protected and is used lawfully. Your data may be shared within the WEAREONE group, but only with employees or departments who need it to do their work (for example payments, IT services, and marketing communications). Anyone with access is bound by confidentiality obligations.
We may also share your data with service providers acting on our behalf (e.g.,website/platform hosting and maintenance, email/newsletters,livestreams/webinars, and analytics).For joint competitions, campaigns, or events with partners, we may share data as needed to run the activity, assess entries, select and announce winners, and provide prizes or follow-up opportunities. We may share data with professional advisers (e.g., lawyers, auditors, consultants) where necessary to protect our legitimate interests and support our business; they are bound by confidentiality and limited-use obligations. Finally, we may disclose data if required by law or a public authority, or where necessary to establish, exercise, or defend legal claims, and we only share what is legally required after careful review.
If we share your personal data with parties outside the European Economic Area (EEA),or if your data is stored on servers outside the EEA, we will ensure appropriate safeguards are in place before any transfer. Where the EuropeanCommission has not recognised the destination country as providing an adequate level of protection, we typically rely on contractual safeguards (such as theEuropean Commission’s Standard Contractual Clauses) and, where necessary, additional technical and organisational measures (such as encryption and strict access controls).
We apply recognised technical and organisational security measures, in particular role-based access controls, encryption of data in transit and at rest where appropriate, pseudonymisation, regular back-ups, staff confidentiality undertakings. These measures are designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.
We use commercially reasonable efforts to make sure that your personal data is securely stored and protected against loss or un authorized disclosure and use. However, you understand that security is an obligation of effort, not result, and that the outcome can never be guaranteed.
In accordance with the GDPR, you have several rights regarding the processing of your personal data. These rights apply to all individuals whose data is processed and can be exercised under the conditions and within the limits set by applicable laws.
You have the right to:
· access your personal data and receive information about how it is processed.
· request the correction of incorrect, incomplete, or outdated personal data.
· request the deletion of your personal data, under certain conditions.
· restrict the processing of your personal data in specific cases, such as when you contest its accuracy or object to its processing.
· object to the processing of your personal data, if the processing is based on our legitimate interests and you believe your situation justifies it.
· receive the personal data you provided to us in a structured, commonly used and machine-readable format, and to transmit that data to another controller, where technically feasible. This applies where the processing is based on the performance of a contract and is carried out by automated means.
You can send your request to exercise the above rights by email to dpo@tomorrowland.com. In your request, clearly state which right you wish to exercise, and if required, provide the necessary explanation. We will acknowledge receipt of your request. If your request is valid, we will grant it. If we have any doubts about your identity, we may ask you for additional information to verify your identity.
You also have the right to lodge a complaint with the Belgian data protection authority (Gegevensbeschermingsautoriteit)if you believe that we have not handled your personal data in accordance with applicable data protection law.