Last Updated: June 5, 2019
1. What personal data do we collect from you?
Personal data you provide to us
When using Event360, you may provide us with personal data. Personal data includes all personally identifiable information (“PII”) and data that directly or indirectly identifies you such as: your name, email address, phone number, location data, emergency contact information,passport information, credit card information, frequent flier airline number, hotel rewards number, and social media accounts. The data you provide is used specifically for the services and logistics for the event. Event360 is customized per event with collecting all or a subset of your personally identifiable information (PII) data. Each event will only collect the data needed to provide the contracted service for the event. At no time will Enterprise Events share this data with 3rd parties or other marketing firms. Once the event is completed Enterprise Events group will follow the applicable laws on data removal/deletion as well.
Personal data we collect through your use of Event360 or Website
We collect limited personal data from you through your use of Event360 or Website. The only data we actively collect from you beyond that which you choose to provide are your IP address, browser software, operating system, and the time and date on which you visited Event360 or Website. In addition, we may also track your usage of Event360 for statistical and research purposes by means of cookies.
2. For what purpose do we use or process your personal data?
We process your personal data for the following purposes:
- Providing you with information about the event that you are attending;
- Performing our services;
- Enabling Event360 features such as “check-ins”, surveys/polls, messaging, channels, agenda sessions, exhibitors, recommendations, speakers and locations;
- Prepopulating Event360 fields such as conference agendas, attendee lists, speaker lists, exhibitor lists, and location information;
- Sending emails or notifications in relation to the event; and,
- Processing complaints or customer service inquiries, handling disputes, performing audits and meeting statutory requirements.
3. With whom do we share your personal data?
We do not share your personal data with third parties, unless we have a good reason to do so.
We do not share your personal data with other attendees.
Authorized Partners and Vendors
We could possibly collect and share your data with authorized partners and vendors for the expressed use for the event. This data could include: your name, email address, company name, phone number, location data, passport information, credit card information, frequent flier airline number, hotel rewards number, and social media accounts.
We may share some of information with authorized partners and vendors. This data could include: your name, email address, company name, phone number, location data, and social media accounts. We may also allow authorized partners and vendors to scan your contact information at the event. This data could include: your name, email address, company name, phone number, location data, and social media accounts.
Please note, the authorized partners and vendors are contracted to complete services for the specific event and at no time will Enterprise Events share this data with non event contracted 3rd parties or other marketing firms.
Enterprise Events Group and the Event360 platform retained payment information is only for the services/payments for the event.
Event360 Classic product line payment information is completely managed with the Force.com sites on Salesforce.com. Any payment data is encrypted both in transit and at rest. https://trust.salesforce.com contains real-time status and security information that Enterprise Events Group leverages for highest level industry security standards for the Classic product line.
Event360 Genesis product line payment information is completely managed by Azure Platform as a Service (PaaS). Any payment data is encrypted both in transit and at rest. https://status.azure.com contains real-time status and security information that Enterprise Events Group leverages for highest level industry security standards for the Genesis product line.
Legal Requirements and Law Enforcement
We will share personal information where we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to meet any applicable law, regulation, legal process or enforceable governmental request; detect, prevent, or otherwise address fraud, security or technical issues; or protect against harm to the rights, property or safety of Enterprise Events Group, our users or the public as required or permitted by law.
4. Security of your personal information
In accordance with the applicable laws and regulations, we have taken adequate technical and organizational measures to safeguard the security of your personal information. We store the personal information that we process on a secure database that is protected by technical access controls. We periodically review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.
We restrict access to personal information to employees, contractors and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
5. What are your rights?
In compliance with the General Data Protection Regulation (EU) 2016/679, Enterprise Events Group commits to resolving complaints about our collection or use of your personal information. European Union, Swiss, or other covered individuals with inquiries or complaints should first contact Enterprise Events Group by email by including your full name and sending it to email@example.com. We will contact you within thirty (30) business days after receipt of a request to review, change, or remove your personal data.
If the complaint cannot be resolved through Enterprise Events Group’s internal processes, it will be referred to Judicial Arbitration and Mediation Services, Inc., (JAMS) under the JAMS International Mediation Rules, which are accessible on the JAMS website at https://www.jamsadr.com/adr-rules-procedures. JAMS mediation may also be commenced as provided for in the JAMS International Mediation Rules. You may also submit a claim directly to JAMS through the following site, which is maintained by JAMS: https://www.jamsadr.com/about/submit-a-case. Finally, you will also have the possibility to invoke binding arbitration under certain conditions.
If applicable, under EU or Swiss law, You may: withdraw consent for processing your personal information at any time; object to or restrict processing; or request Enterprise Events Group to provide you a copy of your personal information, information about processing, or a correction or deletion of your personal information.
6. Cookies and similar technologies
At this time we do not respond to browser ‘do not track’ signals, as we await the development of industry standards for how such signals should be interpreted.
Appendix 1 lists the types of Cookies we use and their purpose.
7. Additional Information and Contacts
Children Under the Age of 13
Depending on the event, we do knowingly collect information for children under 13 years of age based upon consent from the authorized individual providing the data. If you wish to have this information removed please contact firstname.lastname@example.org.
California Privacy Rights
California Civil Code Section 1798.83 permits our users who are California residents to request and obtain from us, once a year, free of charge, information about the personal information we disclosed to third parties for direct marketing purposes in the preceding calendar year. If you are a California resident and would like to make such a request, please submit your request to us in writing.
If you have questions about our use of your personal data, please contact us at:
Enterprise Events Group
Data Protection Officer
950 Northgate Drive, Suite 100
San Rafael, CA 94903
8. Additional Terms Applicable to EU Residents
1. Legal bases for processing Personal Information
In processing your Personal Information in connection with the purposes set out in this Policy, we will rely on one or more of the following legal bases, depending on the circumstances:
- Consent: we have obtained your prior express consent to the processing (this legal basis is only used in relation to processing that is entirely voluntary – it is not used for processing that is necessary or obligatory in any way);
- Contractual necessity: the processing is necessary in connection with any contract that you may enter into with us;
- Compliance with applicable law: the processing is required by applicable law;
- Vital interests: the processing is necessary to protect the vital interests of any individual; or
- Legitimate interests: we have a legitimate interest in carrying out the processing for the purpose of managing, operating or promoting our business (i.e., the services and logistics for the event you are attending), and that legitimate interest is not overridden by your interests, fundamental rights, or freedoms.
2. Legal bases for processing sensitive information
Where it becomes necessary to process your sensitive information for any reason, we rely on one of the following legal bases:
- Compliance with applicable law: the processing is required or permitted by applicable law (e.g., to comply with our diversity reporting obligations);
- Detection and prevention of crime: the processing is necessary for the detection or prevention of crime (e.g., the prevention of fraud);
- Establishment, exercise or defense of legal rights: the processing is necessary for the establishment, exercise or defense of legal rights; or
- Consent: we have, in accordance with applicable law, obtained your prior, express consent prior to processing your sensitive information (this legal basis is only used in relation to processing that is entirely voluntary – it is not used for processing that is necessary or obligatory in any way).
3. Third party processors
Where we engage a third-party processor to process your Personal Information, the processor will be subject to binding contractual obligations to: (i) only process the Personal Information in accordance with our prior written instructions; and (ii) use measures to protect the confidentiality and security of the Personal Information; together with any additional requirements under applicable law.
4. International transfer of Personal Information
Because of the international nature of our business, we transfer Personal Information within Enterprise Events Group, and to third parties, in connection with the purposes set out in this Policy. For this reason, we transfer Personal Information to other countries that may have different laws and data protection compliance requirements to those that apply in the country in which you are located.
When you provide your Personal Information to us from the country in which you are located, you are initiating a transfer of your Personal Information to the United States.
5. Data Retention
We take every reasonable step to ensure that your Personal Information is only processed for the minimum period necessary for the purposes set out in this Policy. The criteria for determining the duration for which we will retain your Personal Information are as follows:
We will retain Personal Information in a form that permits identification only for as long as:
- we maintain an ongoing relationship with you (e.g., where you are a customer of our services, or you are lawfully included in our mailing list and have not unsubscribed); or
- your Personal Information is necessary in connection with the lawful purposes set out in this Policy, for which we have a valid legal basis (e.g., where your Personal Information is included in a contract between us and you and we have a legitimate interest in fulfilling our obligations under that contract; or where we have a legal obligation to retain your Personal Information);
plus the duration of:
- any applicable limitation period under applicable law (i.e., any period during which any person could bring a legal claim against us in connection with your Personal Information, or to which your Personal Information is relevant); and
- an additional three (3) month period following the end of such applicable limitation period (so that, if a person brings a claim at the end of the limitation period, we are still afforded a reasonable amount of time in which to identify any Personal Information that is relevant to that claim);
- and, in addition, if any relevant legal claims are brought, we continue to process Personal Information for such additional periods as are necessary in connection with that claim.
During the periods noted in paragraphs 5(b)(i) and 5(b)(ii) above, we will restrict our processing of your Personal Information to storage of, and maintaining the security of, that Personal Information, except to the extent that that Personal Information needs to be reviewed in connection with any legal claim, or any obligation under applicable law.
Once the periods in paragraphs 5(a)-(c) above, as applicable, have concluded, we will either permanently delete or destroy the relevant Personal Information; or anonymize the relevant Personal Information.
6. Accuracy & Minimization
From time to time we may ask you to confirm the accuracy of your Personal Information. We take every reasonable step to ensure that:
- your Personal Information that we process is accurate and, where necessary, kept up to date;
- any of your Personal Information that we process that is inaccurate (having regard to the purposes for which they are processed) is erased or rectified without delay; and
- your Personal Information that we process is limited to the Personal Information reasonably necessary in connection with the purposes set out in this Policy.
7. You Legal Rights
Subject to applicable law, you may have the following rights regarding the processing of your Personal Information:
- the right not to provide your Personal Information to us (however, please note that we will be unable to provide you with the full benefit of our websites, products, or services, if you do not provide us with certain Personal Information – e.g., we might not be able to process your requests without the necessary details);
- the right to request access to, or copies of, your Personal Information, together with information regarding the nature, processing and disclosure of that Personal Information; (please contact email@example.com)
- the right to request rectification of any inaccuracies in your Personal Information; (please contact firstname.lastname@example.org)
- the right to request, on legitimate grounds, (i) erasure of your Personal Information or (ii) restriction of processing of your Personal Information; (please contact email@example.com)
- the right to have certain Personal Information transferred to another controller, in a structured, commonly used and machine-readable format, to the extent applicable;
- where we process your Personal Information on the basis of your consent, the right to withdraw that consent (noting that such withdrawal does not affect the lawfulness of any processing performed prior to the date on which we receive notice of such withdrawal, and does not prevent the processing of your Personal Information in reliance upon any other available legal bases); and
- the right to lodge complaints regarding the processing of your Personal Information with a data protection authority (in particular, the data protection authority of the EU Member State in which you live, or in which you work, or in which the alleged infringement occurred, each if applicable).
Subject to applicable law, you may also have the following additional rights regarding the processing of your Personal Information:
- the right to object, on grounds relating to your particular situation, to the processing of your Personal Information by us or on our behalf; and
- the right to object to the processing of your Personal Information by us or on our behalf for direct marketing purposes.
This Policy does not affect your statutory rights. To exercise one or more of these rights, or to ask a question about these rights or any other provision of this Policy, or about our processing of your Personal Information, please contact firstname.lastname@example.org. Please note that:
- in some cases it will be necessary to provide evidence of your identity before we can give effect to these rights; and
- where your request requires the establishment of additional facts (e.g., a determination of whether any processing is non-compliant with applicable law) we will investigate your request reasonably promptly, before deciding what action to take.
Appendix 1: Cookies and Purpose
Cookie Type: Essential operation
Purpose: These cookies are necessary in order for you to move around the service as you request. It allows us to recognize what type of attendee, exhibitor, or other subscriber you are so that we can then accordingly provide services
Cookie Type: Functional
Purpose: These cookies allow us to use certain features of the service in accordance with the choices that you make. These cookies mean that if you continue to use the services or return to the services, we can then provide services tailored for you based on the choices you have made or asked us to hold like your username or your customizations.
Cookie Type: Performance and Analysis
Purpose: We use performance cookies to help us provide a better user experience for you based on optimizing the services and constantly optimizing the features and performance. We may also obtain information from features that you open or access or click on. This information tells us about the effectiveness of certain features and helps ensure that the content and features we provide are optimized for your interests.
Cookie Type: Third Party