Event Privacy

We are the Egress Software Technologies Group. More information about our group can be found at www.egress.com/about. For us privacy is not just about our software. It is about the experience that we give our customers, prospects, users, employees and visitors however they engage with us.

That includes the experience that we give those who we meet at events. Below you can find details of the information we collect, how we get it, how we use it and how we may share it when we meet you, or when you give us information about you, at events.

Your information will be held for and on behalf of the relevant group entity set out at the bottom of this policy and its group companies.  This policy sets out how we and they will look after information that you give us, or that we get about you at an event or other sources, or learn about you through our relationship with you.

If you have any questions we would be happy to answer them.  Just get in touch at DPO@egress.com.

This policy was last updated on 9 May 2024.

The information we collect and how we get it

We collect information about you in a number of ways. We may combine the information that we receive from these various sources with other information that we collect or receive. We set out further below how we use this information.

Security

The security and confidentiality of your personal information is very important to us. We have implemented commercially reasonable technical and organizational safeguards to appropriately protect your personal information against accidental, unauthorized, or unlawful access, use, loss, destruction or damage. The measures that we utilize are administrative--[such as the training of employees on privacy and information security-related activities], technical--[such as pseudonymization or encryption techniques, and network firewalls], and physical--[such as locks and video surveillance].

We limit access to your personal information to those employees, agents, contractors and other third-parties who have a business need to know.  They will only process your personal data on our instructions and they are subject to a duty of confidentiality. 

Still, no system can be guaranteed to be 100% secure. If you have questions about the security of your personal information, or if you have reason to believe that the personal information that we hold about you is no longer secure, please contact us immediately as described in this Privacy Notice.

From	How we obtain or receive it	Examples of the types of information
You	- filling out electronic or paper records at an event - registering for our webinars - registering to download whitepapers - scanning your event pass - correspondence prior to the event	-  Personal contact information (e.g. business cards or info collected on forms or from scanning your card) -  Photograph (e.g. of our stand or other presence at an event)
Third parties	-  companies or individuals that introduce you to us -  conference or event organisers -  pre-event research, including third party data provides who we purchase information from (e.g. name, email address, telephone number, job role, employer, market sector/industry, country)	-  Personal contact information -  Company information -  information sent by or received from third parties -  open data and public records -  records provided by third parties

How we use the data that we collect

What we use it for	Our reasons	Our lawful basis	Information type
Manage, track and develop our relationship with you	We may use information gained from you and your visit to our stands, or a record of that interaction as part of the information that we retain and refer to in the management of our relationship with you or your business. This may include storage of information on our CRM platform or other relevant internal systems. The uses of that information are set out in our Service Privacy Policy and Website Privacy Policy.	Legitimate interests	Personal contact information, visual images
Sending you electronic marketing information	We may use the information to conduct marketing, promotional and other advertising activities in order to grow our brand and the awareness of our products and services.	Legitimate interests, Consent	Personal contact information
Exercising our rights	We may need to process certain information (including personal data) in order to exercise or enforce our rights under this and any other relevant policies.	Legitimate interests, Legal Obligation	Personal contact information
Responding to and actioning any request by you in exercising your legal rights in relation to your personal data	Processing may be required to provide confirmation of information to you (e.g. if you make a data subject access or data portability request) or in order to action a request that you make (e.g. correction, deletion, erasure or restriction).	Legitimate Interests, Legal Obligation	Personal contact information

Marketing

You may complete a hard copy or online web form to provide us with your personal contact information (including your email address) directly. When giving us these details you will be presented with a data privacy notice. Depending on the data privacy notice, we will either request your consent to send you emails about our latest news, products and services or otherwise rely on our legitimate interests in doing so (e.g. where permitted in line with regulatory and industry guidelines in respect of B2B marketing activity).

Where you give your details to an event organiser, you may give them permission to pass your details on to event attendees such as ourselves in accordance with the event organiser’s terms and conditions and/or privacy notice provided to you.  We may be provided with this information either by the event organiser directly, or as a result of you scanning your badge or pass at our stand.  In this situation, we will rely on our legitimate interests when contacting you (e.g. where permitted in line with regulatory and industry guidelines in respect of B2B marketing activity)

In each of the above situations, where permitted we may use the information that we hold about you to send you information about us, our software and services by email or other electronic means available to us in the future. We may use certain information available to us (e.g. your company name and market sector) in order to tailor the communications we send to you.

If you receive direct marketing emails from us and no longer wish to do so, the easiest way to let us know if to click on the unsubscribe link at the bottom of our group marketing emails that you may receive.  If you receive a personal marketing email from one of our Sales team, just respond to let them know you do not want to receive any more communications.  We are looking to introduce tools to help you manage your marketing preferences with us (e.g. if you would still like to receive information, but only on certain topics). Once this is available, you will find links to it at the bottom of our group marketing emails as well.

Who we may share your information with

To operate our group effectively we use shared systems, resources and sub-processors and so the information that we collect may be transferred, shared and processed within our group and to and by these third-parties. We use a number of providers including Microsoft, Salesforce and Marketo for internal communications, CRM and marketing purposes and the information that we collect may be stored on and processed using these systems. They do not have a right to use it for their own purposes.  You can find out more information about these companies at www.egress.com/subcontractors.  Any third party sub-processors are only authorised to use your personal information as necessary to provide the services to us that we request from them and must abide by data privacy and security obligations set out in applicable law.

Transfer of rights: We reserve the right to transfer our obligations, rights and permissions in the data that you provide or that we collect to any organisation to which we may transfer our business or assets (including if we, or a relevant part of us or our assets, are proposed to be purchased or acquired by a third party).

Selling your information: We will not, and do not, sell or rent your information to third-parties for: (i) valuable consideration (as defined in the California Consumer Privacy Act) or for their direct marketing purposes; or (ii) monetary consideration for the person to license or sell it to additional persons (as defined in Nevada Senate Bill 220 and any other applicable State legislation). Your information may be shared with third parties as set out above for our business purposes.

Applicable law: We reserve the right to disclose the data that you provide or that we collect in order to comply with national, EU or Member State law to which we’re subject, including to meet any national security and law enforcement requirements. You can find out more on our approach here.

Partners: Where we co-host events such as webinars, the contact information you provide may be shared with our trusted partners. We will ask for your consent where required.

Sending information outside the country you are located in

To operate our group effectively we use shared systems, resources and sub-processors and so the information that we collect may be transferred, shared and processed within our group and to and by these third-parties. This may involve the storage, transfer and processing of this information outside the UK, the EEA, the United States or the country where you or your business are located. Where this happens, we will ensure that any such transfer or processing is subject to appropriate legal and technical safeguards.

How long we will keep your information for

We will keep your information only for as long as necessary for the purpose that we collected or obtained it (which will include sending electronic marketing information to you where you have either consented or we have a legitimate interest in doing so (e.g. where permitted in line with regulatory and industry guidelines in respect of B2B marketing activity)). 

Your rights as an individual

As an individual you may have certain rights by law in respect of the personal data that we hold about you. These rights may not always apply as your location and the basis on which we are processing your personal data may affect their availability. You can find out more information about them and our Data Protection Officer at http://www.egress.com/legal/your-rights.

If you ever have a complaint relating to the delivery of our services, or our processing of your personal information, you can find details on how to raise this in our Complaints Policy at https://www.egress.com/legal/your-rights .

Data Privacy Framework

Egress Software Technologies Limited complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Egress Software Technologies Limited has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Egress Software Technologies Ltd has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/

The Federal Trade Commission has jurisdiction over Egress Software Technology’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Egress Software Technologies Ltd commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship. This is provided at no cost to you.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Egress Software Technologies Ltd commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to PrivacyTrust, an alternative dispute resolution provider based in the United Kingdom.  If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://privacytrust.com/services/data-privacy-framework/dispute-resolution/ for more information or to file a complaint.  The services of Privacy Trust are provided at no cost to you.

You have the right, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms. Further details may be found in the DPF Annex I.

Egress Software Technologies Limited shall remain liable under the DPF Principles if we or our third parties transfer or process such personal information in a manner inconsistent with the DPF Principles.

Changes to this policy

We can change this policy from time to time. You (and, if you are a business, your users) should check the website periodically to make sure that you, or they, have read our most recent policy. When we do make changes, we will change the date at the top of this document.

EU Representative

Egress Software Technologies Limited (a foreign company registered on the Dutch Chamber of Commerce) further identified in the section below is our EU representative.

About us and applicable law

We are the Egress Software Technologies Group. You can find out more details about us at www.egress.com/about and you can contact us at info@egress.com. When contacting us we strongly recommend you do not email us confidential or personal information. If you do, it is at your own risk although the terms of this policy will apply to our use of that information.

Where you are resident	Who we are	Governing law	Courts with exclusive jurisdiction	Special Terms
United States	Egress Software Technologies, Inc., a Massachusetts corporation. Office: Level 7, Industrious, 22 Boston Wharf Road, Boston, 02210, United States	State of Delaware (without regard to its conflict of law principles).	State or federal courts in and for Boston, Massachusetts	Where applicable, each of us hereby waives its respective rights to a jury trial of any claim or cause of action relating to or arising out of this policy. This waiver is intended to encompass all disputes that may be filed in any court and that relate to the subject matter of this policy (including contract, tort, breach of duty and all other common law and statutory claims).
Canada	Egress Software Technologies Inc., an Ontario corporation Office: 30 Via Renzo Drive, Suite 200, Richmond Hill, ON L4S, 0B8, Canada	Province of Ontario	Province of Ontario	N/A
European Union or European Economic Area	Egress Software Technologies Limited. A Foreign Entity registered on the Dutch Chamber of Commerce (number 74110462) Office: Herengracht 420, 1017 BZ, The Netherlands	Dutch Law	NCC District Court and NCC Court of Appeal Chamber	All proceedings will be in English.  In the event that the NCC District Court and/or the NCC Court of Appeal Chamber are incompetent for any reason, the Courts of Amsterdam, The Netherlands shall have exclusive jurisdiction.
Australia, New Zealand, and Singapore	Egress Software Technologies Pty Ltd (CAN: 667 428 971), Suite 902, Level 9, 146 Arthur Street, North Sydney, NSW 2060, Australia	Federal laws of Australia and the State of NSW	Sydney, NSW, Australia	N/A
Rest of the World	Egress Software Technologies Limited. Registered in England and Wales (number 06393598). Registered office: 12th Floor, The White Collar Factory, 1 Old Street Yard, London, EC1Y 8AF, United Kingdom. VAT number: 921 4606 46.	England and Wales (except if you are a consumer resident of Northern Ireland or Scotland when you may bring proceedings there)	Courts of England and Wales (except if you are a consumer resident of Northern Ireland or Scotland and have brought proceedings there when the Northern Irish or Scottish Courts will have jurisdiction).	N/A

Glossary

Legitimate Interest means our interest in conducting and managing our business to enable us to give you the best service and experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

Comply with a legal obligation means processing your personal data where it is necessary for compliance with a legal obligation that we are subject to.