This policy is intended to clearly communicate how Convention Data Services collects, uses, protects, and otherwise handles your Personally Identifiable Information on behalf of the event organizer who has contracted with CDS to provide registration and lead retrieval services.
What is Convention Data Services?
Convention Data Services (or CDS) is a software and services company specializing in registration and lead retrieval for the events industry. We process event registrations on behalf of tradeshows, associations, and corporations that manage live events and conventions. We also contract with exhibitors at those events to help them learn about and connect with attendees.
Convention Data Services, LLC (CDS) is committed to respecting the privacy of our customers and all visitors to our websites. It is our belief that individuals ultimately have the right to understand and control how their personal data is used. We have instituted policies and procedures to ensure your privacy rights are protected.
Convention Data Services will, so far as is reasonably practical, comply with the privacy and data protection principles of all countries and with all laws within the United States to ensure that all data is:
- Fairly and lawfully processed
- Obtained and used for specific and clearly stated purposes
- Adequate, relevant, and not excessive
- Accurate and up to date
- Not kept for longer than necessary
- Processed in accordance with your rights
- Not transferred to other countries without adequate protection
What is “Personally Identifiable Information (PII)?”
Personally identifiable information, or PII, as described in US privacy laws, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual. You can be identified from information such as your name, email address, phone number, home address, driver’s license number, and passport number. You may also be identified from information such as an online identifier, IP address, unique device ID, or website cookie; this type of information becomes PII when combined with information that further identifies who you are.
When Do We Collect Information?
Generally, those who wish to attend conventions, conferences, trade shows, or similar events will register for those events online or over the telephone. During the process of that registration, you share with us personal information about yourself which generally includes contact information, demographics pertaining to your trade or profession, and payment information. Alternatively, we may collect association membership data directly from the organization to which you belong.
It is CDS policy not to accept or store personally identifiable information from children under 16 years of age without parental consent.
What Information Do We Collect?
Our registration websites are somewhat different depending on requirements of show management, but we typically collect your contact information required for attendance at an event, including:
- Email Address
- Phone Number
Additionally, we collect what is known as “demographic” information. Demographics vary widely from event to event, but in general are consist of information useful to exhibitors with whom you may wish to exchange information at the show. Examples include:
- Your role at your company
- Credentials for certain industries
- Whether you are able to purchase on behalf of your employer
- Product areas of interest to you
We also collect payment information to process payments, but we do not store credit card numbers.
How Convention Data Services Uses Your Data
We may use the information we collect from you when you register, make a purchase, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
- Email advance notice of and/or invitation to events
- Send email to confirm your registration
- Personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested
- Look up and print your physical badge for an event
- Generate certificates of attendance, credentials, etc. as may be applicable for your event
- Track attendance to event courses or sessions, where applicable
- Process your payment transactions
- Ask for ratings and reviews of services or products
- Administer a contest, promotion, survey, or other site feature
- Follow up with you after correspondence (live chat, email, or phone inquiries)
- Allow us to better service you in responding to your customer service requests
How Convention Data Services May Share Your Data
- Share with the event organizer (trade association, etc.).
- Share with third parties involved in the event process at the request of event organizers (e.g., hotel booking companies).
- Potentially share with exhibitors and sponsors at the event through badge scanning onsite at the event. You control the access by physically presenting your badge for scanning.
- Share with exhibitors and sponsors you interact with in the virtual event.
- Some shows employ tools (Attendee List and Exhibitor Emails) which allow event exhibitors to send you email and/or direct mail. These applications generally do not allow exhibitors direct access to your contact information, and you may opt out of inclusion in these marketing lists during the registration process.
- Invite-a-Colleague/Customer Referral Programs – This service allows you to invite colleagues and customers by providing their name and email address. Convention Data Services will receive and store this information and use it to send an invitation on the attendee/exhibitor’s behalf.
- The Registration Resource Center allows other attendees to contact you within the application itself. Limited information such as name and company are shown.
- Some applications (Registration Resource Center, Geo Attendance Map, etc.) may provide limited information to other attendees, including name, title, company, and city.
Once your data has been shared with a third party, CDS no longer has direct control over that information, but we require our partners to agree to follow all state and country privacy laws.
When you visit our websites, we may automatically collect statistics about your visit. This information does not identify you personally, but rather about your visit to our website. We may monitor statistics such as how many people visit our site, which pages people visit, from which domains our visitors come, and which browsers people use. We use these statistics about your visit for aggregation purposes, not to track what specific individuals are doing on our sites. We do this for many reasons, including the following:
- To recognize new visitors to our websites
- To recognize past visitors
- To present more personalized content, to improve your website experience, optimize your browser experience, and provide site and service enhancements
- So we can better understand our audience, our customers, our website visitors, and their respective interests
We recognize that all personal information you submit to Convention Data Services belongs to the you, and that we use your data only with your permission. You have the following specific rights:
- Informed: We will tell you exactly how we use your data in clear, plain language.
- Consent: Convention Data Services will not store or use your data without your consent. If we get your data from a membership organization or another source, we will ensure through a contract that they are also compliant with GDPR consent regulations.
- Access and Portability: View and download all personal data Convention Data Services may store.
- Modification: Request changes or updates to any personal data Convention Data Services stores.
- Erasure: Request that Convention Data Services purge all personal identifying information at any time.
How We Protect Your Personal Information
We implement a variety of security measures to maintain the safety of your personal information. Specific data security measures include:
- No sensitive personal information (SPI) such as credit card numbers, bank account numbers, passport, and social security numbers is stored on CDS servers. Transactions involving credit cards are processed directly through a payment gateway such as PayPal and full credit card numbers are not stored.
- All personal data is stored on physically secure hardware behind network firewalls.
- Access to the data requires login credentials.
- All data processed through websites is encrypted in transit and at rest.
- In the unlikely event of a data breach, Convention Data Services has policies in place to notify affected parties.
- Data security is regularly audited by third parties.
Other Third-Party Websites and Links
Adherence to Privacy Laws and Practices
Convention Data Services recognizes principles and requirements of international and domestic privacy acts including but not limited to General Data Protection Regulation (GDPR), California Consumer Privacy Act, CAN SPAM, Mexico, Canadian Anti-Spam Law, OPPA, Fair Information Practices, Nevada privacy laws and Personal Information Protection Law of the People’s Republic of China (PIPL) through our Privacy and Data Protection Policy.
Convention Data Services
7 Technology Park Drive
Bourne, Massachusetts 02532
Should you wish to view, modify, or erase your data, or need to know with whom CDS has shared or sold your data, you can make that request by sending an email to firstname.lastname@example.org. Convention Data Services will respond to any requests for information or erasure within 30 days.
Changes to This Policy
You May Opt-Out of CDS Analytics Tracking
You may opt-out of individual tracking and still receive information and promotions from CDS via email and our websites. Click the link below and we will remove you from our individual tracking program. Aggregated, anonymous information—like campaign names—will still be tracked when you opt out of individual tracking.