United StatesChange Region

Where is your event taking place?

Find Your Show & Order
Contact

GES Privacy Policy

This Privacy Policy explains how GES brand companies (collectively, “we,” “us” or “GES”) collect, use, disclose, and safeguard information in the course of providing our services and operating our websites (collectively, our “Services”). The Services also include communications between you and us, such as through customer service interactions, and emails and other communications we send. All personal information collected by us in connection with our Services will be governed by this Privacy Policy. This Privacy Policy does not apply to any online services, platforms, websites, or applications where it is not linked.

If you are a California resident, see our State Privacy Notice below for more information on information we collect and for what purposes, and your privacy rights.

See Annex A for a list of our entities that act as a data controller of your personal information, depending on the jurisdiction in which you reside or are located.

Sometimes additional or different privacy policies or practices may apply, in which case we will provide you with notice at the time of collection. Where applicable, those additional policies or practices supplement this Privacy Policy.

WHAT INFORMATION WE COLLECT

We collect information in relation to the operation of our business, as a global full-service provider for live events, serving marketers, organizers, and event attendees, for the purposes described in this Privacy Policy. Some of the data categories listed below may not apply to you, depending on how you interact with us (see “How We Collect Information” below).

In particular, we may collect:

  • Identifiers such as your name, title, and account handle, as well as online identifiers such as IP address, cookie ID, and other digital identifiers.
  • Contact Information such as addresses, email addresses, telephone numbers, and facsimile number.
  • Personal Characteristics and Traits such as age and gender.
  • Account Details and Commercial Information such as payment card information, financial account information, purchases, special requests, delivery details, and communications you have with us, as well as preferences you indicate to us or that we have observed such as your marketing preferences, areas of interest, and subscriptions to GES resources.
  • Service Usage Information (“Usage Information”). This includes information collected by Tracking Technologies (defined below), such as:
    • your device functionality (browser, operating system, hardware, mobile network information);
    • the URL that referred you to our Services;
    • the areas within our Services that you visit and your activities there (including emails, such as whether you open them or click on links within), including information that you enter into search bars;
    • your device location (if you have enabled such features on your device);
    • your device characteristics; and
    • device data and the time of day.
  • Location Data such as when you enable features on your device to provide us with your location which may include your precise location.
  • Audiovisual and similar information (such as customer service call recordings)
  • Professional, Employment, and Educational Information such as your title and the name of your employer.
  • Inferences derived from other information that we have collected. For example, we may make inferences about you based on your history with us or other information about you in order to provide you with offers or advertisements that are most relevant to your interests.
  • Legal Information, such as transaction fraud checks or flags, payment card refusals, and information or copies of documents you provide where the law requires you to prove your identity.
  • User Content, such as information you provide to us such as feedback, complaints, and survey responses.

Under certain laws, the definition of personal information (which we use broadly to include similar terms such as “personal data”) is broad and covers things like online identifiers (for example, IP address, cookie IDs, device IDs). Where information does not qualify as personal information, including information that has been deidentified, anonymized, or aggregated, we will not treat it as such. However, where we are required by law to treat certain information as personal information, or where we combine certain information with personal information, we will treat it as personal information.

From our initial engagement with you, we may track your interactions with us so that we can better understand the scope of our relationship with you. ​For each interaction, we retain your name when you purchase goods or services from us, as well as the nature and amount of the purchase. ​We combine that information with a record of information you request from us, how you respond to our emails and other electronic messages, and your activity at our websites (including our web based and mobile software applications, whether on our websites or third-party websites). ​We do not intend to collect any sensitive information from you and will not conduct any automated decision making. ​

HOW WE COLLECT INFORMATION

Directly from You on the Services
We collect information directly from you when you visit the Services or purchase goods or services from us. You may also directly provide information when you communicate with or contact us with feedback or complaints, or when you fill out survey responses.

 

Automatically from You or Your Device When You Visit the Services
We use cookies and other tracking technologies (“Tracking Technologies”), as discussed in further detail below, to collect information about your device and your use of the Services.

We may use a variety of technologies that store or collect certain information whenever you visit or interact with the Services. This information may be stored or accessed using a variety of technologies that may be downloaded to your personal computer, browser, laptop, tablet, mobile phone or other device whenever you visit or interact with our Services.

In some instances, we may collect different identifiers that identify your device or browser, such as IP address, mobile advertising ID, and others (“Device Identifiers”).  We may use such Device Identifiers to associate information you have provided on different devices, or during separate interactions with us on the Services on the same device. For example, if you login to your account on your mobile phone, then later login to your account on your tablet or laptop, we may collect those Device Identifiers and associate those two devices and their Device Identifiers with other information we have on you. By way of another example, if you use the Services while logged into your account during one interaction but later use the Services on the same device, but not logged into your account, we may use Device Identifiers and other information to associate these separate interactions with the Services with your single device.

We may use various tracking technologies such as those described below (“Tracking Technologies”) to collect information on the Services, including the types of information described above in the What Information We Collect section. Tracking Technologies include:

Cookies. A cookie is a data file placed on a device when it is used to visit the Services.

Web Beacons. Small graphic images or other web programming code called web beacons (also known as “1×1 GIFs” or “clear GIFs” or “pixels”) may be included in our Services’ pages and messages. Web beacons may be invisible to you, but any electronic image or other web programming code inserted into a page or e-mail can act as a web beacon. Web beacons or similar technologies can be used to count visitors to the Services, to monitor how users navigate the Services, to count how many e-mails were sent were actually opened or to count how many links were actually viewed.

Embedded Scripts. An embedded script is programming code that is designed to collect information about the links you click on and other of your interactions with the Services. The code is temporarily downloaded onto your device from our web server or a third-party service provider, is active only while you are connected to the Services, and is deactivated or deleted thereafter.

Location-Identifying Technologies. Our Services may provide you the ability to enable location-identifying technologies, including “location services” on our mobile application (“App”) (if applicable), to find the nearest retail location. Some location-identifying technologies rely on Bluetooth technology, which you also have to enable with respect to the App in order for our App to interact with such technology. For example, some retail locations may install Bluetooth, Wi-Fi, radio transmitters, or other devices, which have the ability to communicate with your App or collect information about your device when you are in or near a retail location. In order to stop utilizing, or to change the settings with respect to, location-identifying technologies on our App, you can change your device settings.

There may be other Tracking Technologies now and later devised and used by us in connection with the Services.

From our Affiliates
We may receive personal information from our GES brand affiliates.

From Third Parties
We may receive personal information from third parties, including your employer, our vendors, and Third-Party Services (defined below). We also may obtain personal information from marketing vendors that supplement information we have already collected.

HOW WE USE PERSONAL INFORMATION
Generally, we use and otherwise process personal information to provide you products and services you purchase or request, personalize our offerings, services, and marketing, and to otherwise support the operation of our business. Below are more specific examples of various purposes for which we use personal information:

Our Services:

  • To deliver the Services you have requested.
  • To process your order, including credit evaluation, payment authorization, and collection of sums owed.
  • To give you service notices and deal with any customer care issues you may have.
  • To manage any registered accounts you may have with us.
  • To create and secure an on-line account in our Subscription Centre, if you choose to establish one.
  • To notify you of any changes to our Services.
  • To provide services and fulfill our obligations to event organizers, venues, and hotels in connection with events you participate in including, without limitation, through the use of non-personal anonymous, aggregate, and statistical information.
  • To provide customer service and communications, including to respond to any questions, comments, or requests that you have for us or for other customer service purposes, sending you communications and notifications about your use of the Services or your other interactions with us, and changes to the Services and/or Services’ policies or other aspects of our business operations.

Marketing:

  • To communicate with you regarding an upcoming show or event.
  • To offer services at an upcoming show or event.
  • When GES serves as an official contractor for an event or venue, to offer and/or fulfill certain authorized services through GES’ third party preferred contractors. ​
  • To promote relevant GES offerings and suggestions related to your areas of interest or based on previously conducted business through a genuine understanding from us that there is a legitimate interest for that contact to take place.
  • To deliver information you request and communicate about us and other GES brand offerings from our global affiliates, and recent developments that may be of interest to you.
  • To advertise our products and services to you.
  • To maintain a profile of our ongoing relationship that allows us to better serve you and tailor our offers so that they are more likely to be of interest to you.
  • To share with other companies within the GES brand affiliates as needed for reasonable management, analysis, planning and decision making, including in relation to taking decisions regarding expansion and promotion of our websites and services and for use by those companies for the other purposes described in this Privacy Policy.
  • To target advertisements to you or your device, including through Interest-Based Advertising and to otherwise assist us in determining relevant advertising
  • For ad measurement, attribution, and other ad administration, including to determine the success of our advertising campaigns and to help us determine where to place our ads, including ads placed on other websites and services.

Research and Development:

  • To obtain your feedback and track our performance.
  • To ensure that all our online content that you access (whether as part of the Services or not) is presented in the most effective manner for you.
  • To operate our Services more effectively and to promote our products and services on our Services.
  • To manage, conduct research, and improve how we operate and promote our products and services including, without limitation, through the use of non-personal anonymous, aggregate, and statistical information.

Analysis and Profiling:

  • To analyze your responses to our marketing communications (e.g. whether you open communications and/or interact).
  • To analyze your browsing and purchasing activity.
  • To use the analyses mentioned above, together with other demographic data, to contact you with information on products and offers relevant to you. ​
  • To analyze customer choices in respect of our services to understand our target audience for the purposes of selecting similar customers for advertising purposes.

Legal Requirements and Prevention, Detection, Investigation, and Mitigation of Illegal Activities, Fraud, Injury, or Violations:

  • For pursuing legal claims, crime and fraud prevention, detection and related matters.
  • To verify your identity when considered necessary and/or appropriate.
  • To assist in issues relating to your personal safety and the safety of others.
  • To comply with laws applicable to our operations, to respond to requests from government authorities, to enforce our rights (including under our Terms of Use) and protect property, and to satisfy our record keeping, regulatory, and legal requirements.

Purposes that are Disclosed to You or Compatible with Other Purposes:

  • Purposes disclosed at the time you provide your personal information.
  • Our legitimate business purposes that are compatible with the purpose of collecting your personal information and that are not prohibited by law.

SHARING YOUR INFORMATION
We disclose or otherwise make available personal information as described in this Privacy Policy, including for the processing purposes described the “How We Use Personal Information” section above, and as follows:

GES Affiliates
We may disclose personal information to certain GES affiliates who may use personal information as described in this Privacy Policy.

In the case of onPeak LLC, your information may be shared with event organizers, hotels, and other third parties as necessary to perform our contracts with event organizers. Certain communication and computer infrastructure services are provided by GES brand affiliate, Global Experience Specialists, LLC.

Tradeshow Organizers, Venues, Exhibitors, and Attendees
We may also share personal information with non-affiliated companies such as tradeshow organizers, venues, associations, exhibitors, and attendees for purposes of conducting events. Some of these third-party companies may have a pre-existing relationship with you, provide transactional services to you, or send information to you.

Vendors
We may provide or otherwise make available personal information with vendors who assist us with carrying out many of the purposes described the “How We Use Personal Information” section and otherwise in this Privacy Policy. We have a practice of contractually restricting vendors to use the information that they receive from us or otherwise process on our behalf for any purpose other than providing us services, except some vendors may use personal information for their own, limited purposes in relation to their services (fraud prevention, security purposes, etc.) that are permitted by applicable law.

For Safety, Security, Legal, and Similar/Related Reasons
We may disclose your personal information to other persons, organizations, or governmental authorities if we believe in good faith that doing so is necessary or appropriate: (i) to protect or defend the rights, safety or property of GES, its affiliated or related entities, or third parties; (ii) to investigate, prevent, or take action regarding illegal activities, or suspected fraud; (iii) to enforce, investigate, or take action regarding this Privacy Policy, our Terms of Use, and other applicable agreements and policies; (iv) in litigation or other proceedings in which we, our affiliated or related entities, or our franchisees may be involved; and (v) to comply with legal and regulatory obligations and, to the extent not prohibited by applicable law, requests from law enforcement and other public authorities. We will exercise our discretion in electing to make or not make such disclosures, and to contest or not contest requests for such disclosures, all without notice to you, subject to applicable law or other legal requirements.

Corporate Transaction
If ownership of all or part of our business changes, or we undergo a reorganization or sale of all or a portion of our stock or assets, including a merger or transfer, we will transfer your personal information to the new owner, receiver or successor company (and potentially prior during the course of a business transaction, such as during diligence) to enable us to continue to provide our Services to you.

With Notice or Your Consent.
We may disclose personal information to third parties with notice to you, as directed by you, or, where legally required, upon your consent or authorization.

Deidentified and/or Aggregate Data
We may disclose data that we de-identify or aggregate such that it is no longer personal information. We do not authorize recipients of information we have de-identified to re-identify the data.

Third parties are permitted to use your personal information to assist us in providing our Services to you, to offer complementary goods and/or services that we have good reason to believe may be of particular interest to you, or for other customary business purposes.

More generally, we may share your personal information with:

  • Payment services providers as required for card payments.
  • Other third parties to meet legal, regulatory, insurance, audit, and other similar administrative needs. ​ ​

Whenever possible, reasonable, and / or legally required, we endeavor to ensure that parties we share information with are required to treat your information confidentially and show that they have appropriate data protection and security controls, and that they protect personal information consistent with the principles articulated in this Privacy Policy, and we will disclose only the minimum information necessary to complete and process an order.

INTERNATIONAL TRANSFERS
The nature of our business and our operations may require us on occasion to transfer personal information to our GES affiliates and third parties that may be located in countries outside of the jurisdiction in which you are located. Accordingly, we comply with all applicable global privacy and data protection requirements. All cross-border transfers of your information will be in compliance with the local privacy laws of the jurisdiction from which we are transferring the data, as well as in compliance with the terms of this Privacy Policy. Furthermore, we will provide appropriate safeguards for cross-border transfers in accordance with our legal obligations under any applicable data protection laws. We maintain an active certification on the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF (the “Data Privacy Framework”), and the Swiss-U.S. Data Privacy Framework. See below for more information regarding the Data Privacy Framework.

HOW WE SAFEGUARD YOUR INFORMATION
We endeavor to employ reasonable technical and organizational measures to protect against the loss of, or unauthorized access to, the information under our control. Steps we have taken to enhance network and information security include industry standard infrastructure security, the implementation of Secure Socket Layer (SSL) encryption technology for payment transactions, digital certificates, and password protection for all web applications that contain personal information. Although we take measures to protect your information, we cannot guarantee that your information will always remain secure.

THIRD-PARTY SERVICES AND TRACKING TECHNOLOGIES GENERALLY
The Services have functionality that allows certain kinds of interactions between the Services and third-party content, web sites, applications, platform, code ((e.g., plug-ins, application programming interfaces (“API”), and software development kits (“SDKs”)), and Tracking Technologies (collectively, “Third-Party Services”).

For example, you may have an option to use your Facebook, Google or other account provided by a Third-Party Service to interact with the Services, including by logging into the Services or posting information from the Services on the Third-Party Service (or vice versa) (“Social Features”). If we offer and you choose to use Social Features, the Third-Party Service may send personal information about you to us. If so, we will then treat it as personal information under this Privacy Policy since we are collecting it as a result of your accessing of and interaction on our Service. If you use Social Features, and potentially other Third-Party Services, information you post or provide access to may be publicly displayed on the Services or by the Third-Party Service that you use, depending on your privacy settings on each. Similarly, if you post information on a Third-Party Service that references the Services (e.g., by using a hashtag associated with us in a tweet or status update), your post may be used on or in connection with the Services or otherwise by us. Also, both we and the third party may have access to certain information about you and your use of the Services and any Third-Party Service.

Third-Party Services may use their own cookies, web beacons, and other Tracking Technologies to independently, collect information about you, including Third-Party Services to which you are directed from the Service, including where you click a link and leave the Services entirely. There are certain websites and other Third-Party Services to which we may link from the Service, which are third party websites using our name under license but with their own terms and policies (except where we have explicitly linked to this Privacy Policy).

We are not responsible for the policies or business practices of Third-Party Services, including how they collect, use, or disclose your information, including through Tracking Technologies that collect information regarding your visit to the Services as well as after your visit is over. These Third-Party Services may have their own terms of service, privacy policies or other policies and ask you to agree to the same. Be sure to review any available policies before submitting any personally identifiable information to or otherwise interacting with any Third-Party Services.

Analytics
We may use Google Analytics or other similar providers for analytics services. These analytics services may use cookies and other Tracking Technologies to help us analyze Services users and how they use the Services. Information generated by these analytics services (e.g., your IP address and other Usage Information) may be transmitted to and stored by these Service Providers on servers in the U.S. (or elsewhere) and these vendors and/or Third-Party Services may use this information for purposes such as evaluating your use of the Service, compiling statistic reports on the Service’s activity, and providing other services relating to Services activity and other Internet usage.

Interest-Based Advertising
We may engage and work with vendors and Third-Party Services to serve advertisements on the Services and/or on other online services. Some of these ads may be tailored to your interest based on your browsing across time on the Services and elsewhere online (other websites and services), which may include use of precise location and/or cross-device data, sometimes referred to as “interest-based advertising” (“Interest-based Advertising”). See “Your Choices” for more information on your choices regarding Interest-based Advertising, and our State Privacy Notice for information on your choices with respect to Interest-based Advertising that qualifies as “Targeted Advertising” and/or “Cross-Context Behavioral Advertising”.

MINOR DATA
We do not knowingly solicit data online from or market online to children under the age of 18. If you are a parent or guardian of a child under the age of 18 and believe that personal information of a child may have been collected, please contact us as provided in the section titled “Contact Us” below to have it deleted.

YOUR CHOICES

Opting-Out of Marketing Emails
At any time you may “Opt out” or “Unsubscribe” of receiving some or all marketing emails from us such as service offers, subscriptions, periodic information and other correspondence by selecting the “Manage My Subscriptions” on emails from us or by contacting us as provided in the section titled “Contact Us” below. ​

Jurisdiction-Based Choices
Depending on where you are located or the jurisdiction where you are a resident, you may have choices such as withdrawing your consent to our collection, use and disclosure of information at any time, subject to contractual and legal restrictions and reasonable notice. Note that if you withdraw your consent to certain uses of your information, we may no longer be able to provide certain Services.

If you are:

  • A resident of California, please see the State Privacy Notice below.
  • A resident of or otherwise located in the U.K. or the Europe Economic Area see Personal Data from the U.K. and EEA below.
  • A resident of Canada, please see the Canadian Privacy Notice section below.

Tracking Technologies and Interest-based Advertising

We offer a Tracking Technologies management platform (also called a consent management platform or CMP) that allows you to exercise choice with respect to certain Tracking Technologies on the Service.

Regular cookies may generally be disabled or removed by tools available as part of most commercial browsers, and in some instances blocked in the future by selecting certain settings. Browsers offer different functionalities and options, so you may need to set them separately. Also, tools from commercial browsers may not be effective with regard to certain Tracking Technologies. Some App-related Tracking Technologies in connection with non-browser usage (e.g., most functionality of a mobile app) can only be disabled by uninstalling the app. To uninstall an app, follow the instructions from your operating system or device manufacturer. Apple and Google mobile device settings have settings to limit ad tracking, and other tracking, but these may not be completely effective. Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no consensus among industry participants as to what “Do Not Track” means in this context. Like many online services, we currently do not alter our practices when we receive a “Do Not Track” signal from a visitor’s browser. To find out more about “Do Not Track,” you can visit http://www.allaboutdnt.com, but we are not responsible for the completeness or accuracy of this third-party information.

Some third parties, however, may offer you choices regarding their Tracking Technologies.

 Interest-Based Advertising Industry Opt-Out Programs
There are two advertising industry organizations – the Network Advertising Alliance (NAI) and Digital Advertising Alliance (DAA) that offer opt-out programs. You can visit the following links to submit opt-out requests to companies participating in each program. The NAI’s opt-out page provides detailed information regarding the opt out of Interest-based Advertising and its limitations.

  • To visit the NAI’s opt-out page, click here.
  • To visit the DAA’s opt-out page, click here.

Please be aware that, even if you are able to opt out of certain kinds of Interest-based Ads, you will continue to receive non-targeted ads. Further, if you selectively opt out of one or more of the above opt-out programs, you may receive Interest-based Advertising from other participants. You may also receive Interest-based Advertising from parties that do not participate in the NAI or DAA’s programs. However, GES supports the ad industry’s Self-regulatory Principles for Online Behavioral Advertising and expect that ad networks GES directly engages to serve you Interest-based Ads will do so as well, though GES cannot guaranty their compliance.

RETENTION OF INFORMATION WE COLLECT
We will retain your information as follows:

  • Personal information we collect will be retained for a period of three (3) years from your last activity with us, unless a different period is expressly set forth. You may request us to delete your information at any time by contacting us as provided in the section titled “Contact Us” below, subject to any of our retention policies and legal obligations.
  • Information that must be maintained for legal purposes such as specific financial information in accordance with the relevant legislation and any applicable local / regulatory guidance (which may be for a longer period, often up to 7 years). ​

PERSONAL DATA FROM U.K. or EEA
The EU GDPR and UK data protection laws require a legal basis for our use of personal information. Our basis varies depending on the specific purpose for which we use personal information. We use:

  • Performance of a contract when we provide you with products or services, or communicate with you about them. This includes when we use your personal information to take and handle orders, deliver products and services, and process payments.
  • Our legitimate interests when we improve our services, when we detect and prevent fraud and abuse in order to protect the security of our customers, ourselves, or others, and when we provide you with interest-based advertising.
  • Your consent when we ask for your consent to process your personal information for a specific purpose that we communicate to you. When you consent to our processing your personal information for a specified purpose, you may withdraw your consent at any time and we will stop processing of your data for that purpose.
  • Compliance with a legal obligation when we use your personal information to comply with laws.
  • These and other legal bases depending on the purpose for which we use personal information. ​

Additionally, we will honor your rights concerning your personal data including:

  • Right to rectify inaccurate or incomplete information we process.
  • Right to object to or restrict our data processing.
  • Right to withdrawal of consent, at any time and we will stop processing your personal data without undue delay.
  • Right to data portability, including rights to receive your personal data in a structured, commonly used, and machine-readable format, and to have it forwarded to a third-party controller.
  • Right to erasure, commonly known as Right to be Forgotten.
  • Right of access to your personal data with details of processing including, without limitation, categories of personal data processed, where the data is processed, categories of recipients who have received it, and the envisaged period for which the personal data will be stored.
  • Right to lodge a complaint with a supervisory authority in your local jurisdiction.

For more information about our processing or to exercise your rights, contact us as provided in the section titled “Contact Us” below. ​

EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES (EU-U.S. DPF), THE UK EXTENSION TO THE EU-U.S. DPF

GES is a global company and has facilities and affiliated companies throughout the world. Please note that we may collect, store and process your personal information in the United States or in other countries outside of the country where you live. The United States and/or these countries may not offer the same level of privacy protection for your personal information as is offered in the country in which you live. To address privacy concerns, we have certified to the Data Privacy Framework.

We comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. ​ We have certified to the U.S. Department of Commerce that GES adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data we collect, as described in this Privacy Policy, received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom in reliance on the UK Extension to the EU-U.S. DPF. ​ ​ If there is any conflict between the terms in this Privacy Policy and the DPF Principles, the Principles shall govern. Please review this Privacy Policy to understand the personal information we collect, our purposes and uses of the personal information we collect, information about the third parties to which we may disclose personal information and our purposes for doing so. To learn more about the Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov/. The Data Privacy Framework list can be found at https://www.dataprivacyframework.gov/list.

DATA PRIVACY FRAMEWORKS – FURTHER DETAILS
With respect to personal data received or transferred pursuant to the Data Privacy Framework, we are subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.

The types of Personal Data we collect, the purposes for which we collect and use such Personal Data, and the types of third parties to which we disclose Personal Data (and the purpose for which we do so) are set forth above in this notice.

The U.S. entity that receives Personal Data from the EU and the UK is Global Experience Specialists, LLC. We commit to subject all Personal Data received from the EU and UK to the principles of the Data Privacy Framework.

We will use our reasonable best efforts to maintain the security of your personal information, provide opt-in/opt-out notices as required by law where personal information is collected, use data in a manner consistent with its original purpose for collection, and offer mechanisms for you to assist in ensuring your personal information is accurate and reliable. In the event that we transfer your personal information or any other data regulated by Data Privacy Framework to a third party, we could be liable for any damages resulting from violations of applicable law arising from such onward transfer, provided that we were responsible for the event giving rise to such damage.

We may be required, and therefore reserve the right, to share your personal information in response to lawful information requests from governmental authorities or as otherwise required by law, including to meet national security or law enforcement requirements.

In instances where we disclose personal information to a third party, or if that information is to be used for a purpose different than the purpose for which it was originally collected, you may opt-out of such onward transfer of your personal information by notifying us of your decision by contacting us at the information below.

You have the right to access, correct, or delete your personal information, and you may also limit our use or disclosure of your personal information, provided that you send us notice of any such request in at the information below.

In compliance with the Data Privacy Framework, we commit to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the Data Privacy Framework. European Union and UK individuals with privacy inquiries or complaints should first contact us at the information below.

We have further committed to refer unresolved privacy complaints under the Data Privacy Framework to an independent dispute resolution mechanism, the JAMS Data Privacy Framework Dispute Resolution, an alternative dispute resolution provider. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit the JAMS Data Privacy Framework Dispute Resolution website at https://www.jamsadr.com/dpf-dispute-resolution for more information and to file a complaint. This service is provided to you free of charge.

If your privacy complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. ​ See Data Privacy Framework Program at https://www.dataprivacyframework.gov/s/.

Contact Information for DPF inquiries and complaints:

To contact us in the U.S.:

Chief Legal Officer, GES
7000 Lindell Road, Las Vegas, NV  89118
[email protected]

To contact us in our relevant establishments in the UK and EU:
UK:
Chief Legal Officer
ExCeL London, One Western Gateway, Royal Victoria Docks, London, E16 1XL, United Kingdom
[email protected]

EU:
Chief Legal Officer
Gyroscoopweg 84 1402 AX Amsterdam, Netherlands
[email protected]

CANADIAN PRIVACY NOTICE (CANADIAN RESIDENTS ONLY)
We will comply with applicable Canadian data protection laws, such as the Personal Information Protection and Electronic Documents Act (“PIPEDA”), Alberta’s Personal Information Protection Act (“PIPA”) and other substantially similar Canadian federal and provincial laws regulating the collection, use and disclosure of personal information subject to such laws. We will not collect, use or disclose your personal information for any other purpose than those outlined above, except with your consent. We will respond to your request to access personal information as promptly as possible.

  • We may collect personal information from you through:
  • Your purchase of Services.
  • Completed and returned surveys and comment cards.
  • Requests for newsletters, brochures, or information.
  • Your participation in any of our marketing campaigns.
  • Visits to our website, if you voluntarily submit such information.

Your name, email address or any other personal information you may have shared, or choose to share with us in the future, will never be sold, traded, rented, given away or used for any other purpose than to provide you with the information or services you have requested or as required by applicable law. At all times, it is your choice whether or not you provide us with your personal information, and if you do not notify us of your objection to our use of your information as outlined within this Privacy Policy, we will consider you to have consented to such continued use.

CONTACT US
To contact us with any requests concerning your information, questions regarding this Privacy Policy, or any related matter, please contact our Chief Legal Officer at GES:

E-mail:
[email protected]

Post:
Chief Legal Officer
GES
7000 Lindell Road
Las Vegas, NV  89118

We will use reasonable measures to verify the identity of a data subject before proceeding with a request.  If you have provided an email address to us, please include it with your request.  Once verified, a request received will be processed across all companies covered by this Privacy Policy and their GES affiliates.

CHANGES TO OUR PRIVACY POLICY
We will occasionally update this Privacy Policy to reflect your feedback, to implement changes required by applicable law, or as we may otherwise deem necessary or appropriate. If there are material changes to this Privacy Policy or in how we use your personally identifiable information, we will prominently post such changes to the website prior to implementing the change. We encourage you to periodically review this Privacy Policy to be informed of how we are protecting your information.

Last Updated: August 2025

State Privacy Notice

Last Updated: August 2025

This State Privacy Notice (“State Privacy Notice”) describes how GES may collect, retain, use, and disclose personal information of users of the Services who are residents of California. We have adopted this State Privacy Notice to address compliance obligations under the California Consumer Privacy Act (the “CCPA”). Any term defined in the CCPA and used in these provisions has the meaning given to that term in the CCPA.  If any provision of this State Privacy Notice conflicts with any provision in the remainder of the Privacy Policy, the provisions in this State Privacy Notice will control. If you are a resident of a different state, any rights provided to you will be in GES’s discretion. If you believe you are entitled to certain rights not discussed herein, you can contact GES at [email protected].

This State Privacy Notice provides California residents with whom we have interacted notice of our recent, historical data practices over the prior 12 months (from the Last Updated date listed at the top of this State Privacy Notice). This State Privacy Notice also applies to our current data practices, such that it is also meant to provide you with “Notice at Collection,” which is notice of personal information we collect online and offline, and the purposes for which we process information. For any new or substantially different processing activities that are not described in this State Privacy Notice, we will notify you as required by applicable law, including by either notifying you at the time of collecting information, or by updating this State Privacy Notice.

  1. Collection, Uses, Sources, and Disclosure of Personal Information

Generally, we collect, retain, use, and disclose your personal information to provide you with our products and services and as otherwise related to the operation of our business. More specifically, we collect, retain, use, and disclose your personal information for the business and commercial purposes listed in the Privacy Policy above, including in the “What Information We Collect,” “How We Use Personal Information,” and “Sharing Your Personal Information” sections above.
The tables below describe our data collection and disclosure practices in detail including the categories of information we collect (left column), examples of types of data that fit within such categories (middle column), and the categories of recipients that receive such information as part of disclosures for business purposes, as well as disclosures which may be considered a sale or sharing under the CCPA (right column).

We may disclose all categories of personal information for business purposes to the following categories of recipients:

  • Affiliates and other members of GES’s corporate group
  • Vendors that assist us with carrying out our Services (“Vendors”)
  • Law enforcement, government regulators, and courts pursuant to legal requirements or legal process
  • Other parties (e.g., professional advisors, and potential or actual acquirers or investors and their professional advisers in connection with any actual or proposed merger, acquisition, or investment in all or part of our business.)
Category of Personal Information Types of Personal Information Category of Recipients
1. Identifiers and Contact Information Name, alias, account handle, postal address, phone number, email address, facsimile number, IP address, cookie ID, and other online IDs. Disclosures for Business Purposes:

  • Software and other business Vendors
  • Marketing Vendors

Sale/Sharing: Third-Party Digital Businesses
2. Personal Information as defined in Cal. Civ. Code Section 1798.80(e) Some personal information included in this category may overlap with other categories. Examples include name, signature, address, and telephone number. Disclosures for Business Purposes:

  • Software and other business Vendors
  • Marketing Vendors

Sale/Sharing: None
3. Personal Characteristics or Traits In some circumstances we may collect personal information that is considered protected under applicable law, such as age and gender. Disclosures for Business Purposes:

  • Software and other business Vendors

Sale/Sharing: None
4. Customer Account Details / Commercial Information Payment card information, financial account information, and records of products or services purchased or obtained, such as your purchase and commercial history with GES. Disclosures for Business Purposes:

  • Software and other business Vendors
  • Marketing Vendors

Sale/Sharing: None
5. Internet/Service Usage Information Browsing history on the site and Usage Information. Disclosures for Business Purposes:

  • Software and other business Vendors
  • Marketing Vendors

Sale/Sharing: Third-Party Digital Businesses
6. Location Data If you use our systems or interact with us online we may gain access to the approximate or precise location of the device or equipment you are using, or the location from which you are accessing our systems. Disclosures for Business Purposes:

  • Software and other business Vendors

Sale/Sharing: None
7. Audiovisual and Similar Information Examples of this category may include customer service call recordings and CCTV footage that we collect in our offices and facilities. Disclosures for Business Purposes:

  • Software and other business Vendors

Sale/Sharing: None
8. Professional or Employment Information For example, if you are a B2B Contact, we may collect the name of your employer and your title. Disclosures for Business Purposes:

  • Software and other business Vendors
  • Marketing Vendors

Sale/Sharing: None
9. Inferences From Personal Information Collected For example, we may infer that you are interested in a particular product based on your employer’s prior purchase history or business relationship with GES. Disclosures for Business Purposes:

  • Software and other business Vendors
  • Marketing Vendors

Sale/Sharing: Third-Party Digital Businesses

We do not collect sensitive personal information from or about users of the Services.

As permitted by applicable law, we do not treat deidentified data or aggregate information as personal information and we reserve the right to convert, or permit others to convert, your personal information into deidentified data or aggregate information, and may elect not to treat publicly available information as personal information. We will not attempt to reidentify data that we maintain as deidentified.

II. Sources of Personal Information

GES collects personal information directly from you or your device/computer, your employer if you are a B2B Contact, Third-Party Services, Vendors, our affiliates, other individuals, and other third parties. If you are a Job Applicant, we may collect personal information from the above sources, as well as recruiters or employment agencies, your current employer or former employers, schools, colleges, or universities that you attended; and references listed on your resume or application.

III. Retention of Personal Information

Because there are so many different types of personal information in each category, and so many purposes and use cases for different types of personal information, we are unable to provide retention ranges based on categories of personal information in a way that would be meaningful and transparent to you.  Retention periods for each category of personal information will depend upon how long we have a legitimate purpose for the retention consistent with the collection purposes and applicable law. For instance, we may maintain business records for so long as relevant to our business, and may have a legal obligation to hold personal information for so long as potentially relevant to prospective or actual litigation or government investigation. We apply the same criteria for determining if we have a legitimate purpose for retaining your personal information that you ask us to delete. Generally, we retain personal information for a period of three (3) years from your last activity with GES.
If you make a deletion request, we will conduct a review of your personal information to confirm if legitimate ongoing retention purposes exist, will limit the retention period to such purposes for so long as the purpose continues, and will respond to you with information on any retention purposes on which we rely for not deleting your personal information. For more information on deletion requests, see the Right to the Deletion of Personal Information section.

IV. Privacy Rights Requests

As described in further detail below, subject to meeting the requirements for a Verifiable Privacy Request (defined below), we provide California residents the privacy rights described in this section. For residents of states without such rights, we will consider requests, but will apply our discretion in how we process such requests.

As permitted by the CCPA, certain requests you submit to us are subject to an identity verification process (“Verifiable Privacy Request”). For certain types of requests, we are not permitted to fulfill your request unless you have provided sufficient information for us to reasonably verify you are the individual who is the subject of the request or an agent of that individual. For certain types of requests, however, we are only permitted to confirm that the request is not fraudulent, but this may require us to collect more limited information from you. If we cannot comply with a request, we will explain the reasons in our response.

Some information we maintain about individuals that is technically considered personal information may, nonetheless, not be sufficiently associated with information that you provide when making your request. For example, if you provide your name, email address, and phone number when making a request, we may be unable to associate that with certain data collected on the Services, such as clickstream data tied only to a pseudonymous browser ID. Where we are unable to associate such information with the information you provide, we do not include such information in response to those requests. If we cannot comply with a request, we will explain the reasons in our response. We will use personal information provided in a Verifiable Privacy Request only to verify your identity or authority to make the request and to track and document request responses unless you also gave it to us for another purpose.

We will make commercially reasonable efforts to identify personal information that we collect, process, store, disclose, and otherwise use and to respond to your privacy requests. We will typically not charge a fee to fully respond to your requests; provided, however, that we may charge a reasonable fee, or refuse to act upon a request, if your request is excessive, repetitive, unfounded, or overly burdensome. If we determine that the request warrants a fee, or that we may refuse it, we will give you notice explaining why we made that decision. You will be provided a cost estimate and the opportunity to accept such fees before we will charge you for responding to your request.

a. Right to the Deletion of Personal Information

California residents have the right to request that GES delete any of the personal information about you that GES has collected, subject to certain exceptions which we will explain if they apply. After we confirm that your deletion request is a Verifiable Privacy Request, subject to permitted retention exemptions, we will carry out one or more of the following: (i) permanently erase your personal information on our existing systems with the exception of archived or back-up systems; (ii) deidentify your personal information; or (iii) aggregate your personal information with other information. In our response to your request to delete, we will tell you the method for deleting your personal information. Where legal exceptions will apply to your request for deletion, we will tell you which one(s) and will limit retention to the permitted purpose(s).

b. Right to the Correction of Inaccurate Personal Information

You have the right to request that we correct inaccuracies that you find in your personal information maintained by GES. Your request to correct is subject to our verification procedures and the response standards in the CCPA and other applicable laws.

c. Right to Know/Access

            i. Right to Know Categories

You have the right to request that we share with you certain information about our collection, use, and disclosure of your personal information over the 12-month period prior to the request date, related to categories of personal information. You can request that we disclose to you: (1) the categories of personal information we collected about you; (2) the categories of sources for the personal information; (3) our business or commercial purpose for collecting, selling, or sharing that personal information (i.e., if we have, in fact, sold personal information); (4) the categories of third parties with whom we disclosed that personal information to; (5) a list of the categories of personal information disclosed for a business purpose in the prior 12 months and, for each, the categories of recipients, or that no disclosure occurred; and (6) a list of the categories of personal information sold or shared about you in the prior 12 months and, for each, the categories of recipients, or that no sale or share occurred.

            ii. Right to Know Specific Pieces

You have the right to request a transportable copy of the specific pieces of personal information we collected about you on or after the CCPA’s lookback date, which is January 1, 2022. Please note that personal information is retained by us for various time periods, so there may be certain information that we have collected about you since the lookback date, but that we no longer retain; there also may be personal information collected 12 months prior to your request that proves impossible to provide or that would involve disproportionate effort to provide (and thus, it would not be able to be included in our response to you). Please also note that you are limited to making two “right to know” requests in any 12-month period.

d. Right to Obtain a List of Third-Party Recipients

Residents of some U.S. states have a right to request a list of specific third parties, or categories of third parties, to which we have disclosed your personal information, or any personal information. You can also find information about categories of third-party recipients in a format not specific to you in this State Privacy Notice.

e. Right to Opt-Out of Sale/Sharing

You have the right to opt-out of certain processing activities, including sale and targeted advertising, which involves the use of personal information from different businesses or services to target advertisements to you.

Third-Party digital businesses (“Third-Party Digital Businesses”) may collect information about your device and/or your visit to the Services, through cookies and other Tracking Technologies. These Third-Party Digital Businesses may also collect and process personal information that we make available about you to them, such as digital activity information. Giving access to personal information on the Services, or otherwise, to Third-Party Digital Businesses, which may be carried out for the business and commercial purposes of advertising, marketing, and analytics, could be deemed a sale or targeted advertising. Therefore, we will treat such personal information collected by Third-Party Digital Businesses (e.g., cookie ID, IP address, and other online IDs and internet or other electronic activity information) as such, and subject to the opt-out requests described above. In some instances, the personal information we make available about you is collected directly by such Third-Party Digital Businesses using cookies and other Tracking Technologies on the Services or our advertisements that are served on third-party sites (which we refer to as “cookie personal information”). However, certain personal information which we may make available to Third-Party Digital Businesses may include non-cookie personal information, such as your email address (which we refer to as “non-cookie personal information”).

When you opt-out pursuant to the instructions below, it will have the effect of opting you out of sale and targeted advertising, such that our opt-out process is intended to combine both activities into a single opt-out. Please note that there are distinct instructions for opting out of cookie personal information and non-cookie personal information, which we explain further, below.

Opt-Out for Non-Cookie Personal Information. If you would like to submit a request to opt-out of our processing of your non-cookie personal information (e.g., your email address) relating to the sale or targeted advertising of such data, make an opt-out request here.

Opt-Out for Cookie Personal Information. If you would like to submit a request to opt-out of our processing of your cookie-related personal information relating to the sale or targeted advertising of such data, you need to exercise a separate opt-out request on our cookie management tool here. Our cookie management tool enables you to exercise such an opt-out request and enable certain cookie preferences on your device. You must exercise your preferences on each of our websites and mobile apps you visit, from each browser you use, and on each device that you use. Since your browser opt-out is designated by a cookie, if you clear or block cookies, your preferences will no longer be effective, and you will need to enable them again via our cookie management tool.

The CCPA also requires us to state that we do not knowingly sell, or share for targeted advertising, the personal information of individuals under 18.

We may disclose your personal information for the following purposes, which are not a sale or sharing for targeted advertising: (i) if you direct us to share your personal information; (ii) to comply with your requests; (iii) disclosures amongst the entities that constitute GES as defined above, to GES’s business Vendors, or as part of a Transaction; and (iv) as otherwise required or permitted by applicable law.

OPT-OUT PREFERENCE SIGNALS (ALSO KNOWN AS GLOBAL PRIVACY CONTROL OR GPC)

The CCPA and other applicable state consumer privacy laws require businesses to process GPC signals, which is referred to in California as opt-out preference signals (“OOPS”), which are signals sent by a platform, technology, or mechanism enabled by individuals on their devices or browsers that communicate the individual’s choice to opt-out of the sale and sharing of personal information. To use an OOPS/GPC, you can download an internet browser or a plugin to use on your current internet browser and follow the settings to enable the OOPS/GPC.

Please note that when we receive and process a GPC signal, we will apply such signal as an opt-out of sale and sharing as to cookie personal information only. You must follow the instructions above to make an opt-out request as to non-cookie personal information.

We do not: (1) charge a fee for use of our websites if you have enabled GPC; (2) change your experience with our websites if you use GPC; or (3) display a notification, pop-up, text, graphic, animation, sound, video, or any interstitial in response to the GPC.

f. Right to Limit Sensitive Personal Information Processing

Certain personal information qualifies as sensitive personal information under the CCPA, which we refer to in this Privacy Policy as “sensitive personal information.” The CCPA provides California residents the right to direct businesses to limit their use and disclosure of sensitive personal information if we use or disclose it beyond certain internal business purposes. However, we do not use or disclose sensitive personal information beyond such internal business purposes.

g. Automated Decision-Making

We currently do not engage in processing that constitutes automated decision making or profiling under CCPA. As of the Last Updated Date, the definitions of these concepts, and any associated opt-out and access rights have not been finalized and added to the updated regulations of the CCPA.

h. Right to Non-Discrimination

We will not discriminate or retaliate against you in a manner prohibited by the CCPA and other applicable state consumer privacy laws because you exercise your privacy rights.

i. Verification of Requests

When you make a request, we will verify that you are the person you say you are, or, if you are seeking information on behalf of another person, that you are authorized to make the request on their behalf. In addition, we will compare the information you have provided to ensure that we maintain personal information about you in our systems. As an initial matter, if we have collected personal information about you, we ask that you provide us with, at a minimum, your full name, phone number, and email, and the nature in which you have transacted or interacted with us. Depending on the nature of the request and whether we have the phone number or email address you have provided in our systems, we will request further information from you in order to verify that you are the individual about whom we have collected information. We will review the information provided as part of your request, and may ask you to provide additional information via e-mail or other means as part of this verification process. We will not fulfill your Right to Know (Categories), Right to Know (Specific Pieces), Right to Delete, or Right to Correction request unless you have provided sufficient information for us to reasonably verify you are the individual about whom we collected personal information, or an agent of an individual authorized to act on the individual’s behalf. The same verification process does not apply to opt-outs of sale or sharing for targeted advertising, or limitation of sensitive personal information requests, but we may apply some verification measures if we suspect fraud.

The verification standards we are required to apply for each type of request vary. We verify your categories requests and certain deletion and correction requests (e.g., those that are less sensitive in nature) to a reasonable degree of certainty, which may include matching at least two data points provided by you with data points maintained by us, which we have determined to be reliable for the purpose of verifying you. For certain deletion and correction requests (such as those that relate to personal information that is more sensitive in nature) and for specific pieces requests, we apply a verification standard of reasonably high degree of certainty. This standard includes matching at least three data points provided by you with data points maintained by us, which we have determined to be reliable for the purpose of verifying you, and may include obtaining a signed declaration from you, under penalty of perjury, that you are the individual whose personal information is the subject of the request.

If we cannot verify you with respect to certain requests, such as if you do not provide the requested information, we will still take certain action as required by the CCPA. For example:

  • If we cannot verify your deletion request, we will refer you to this State Privacy Notice for a general description of our data practices.
  • If we cannot verify your specific pieces request, we will treat it as a categories request.

j. Authorized Agent

You may designate an authorized agent to submit your request on your behalf by submitting a request in the manners described above. If you are an authorized agent who would like to make a request, the CCPA and other applicable state consumer privacy laws require that we ensure that a request made by an agent is a Verifiable Privacy Request (except Do Not Sell/Share requests) and allows us to request further information to ensure that the individual whose personal information is the subject of the request has authorized the agent to make the request on their behalf. Generally, we will request that an agent provide proof that such individual gave the agent signed permission to submit the request, and, as permitted under the CCPA, we also may require the individual to either verify their own identity or directly confirm with us that they provided the agent permission to submit the request.

k. Making Requests

To make a privacy rights request, please contact GES at the following or visit our webforms.
Phone:
1.808.GES.TRUE
Webform: https://www.ges.com/contact-us/

l. Contact Us

If you have any questions or concerns about this State Privacy Notice or practices described in it, contact us using the methods provided in the Contact Us section above.

Annex A

U.S.
Global Experience Specialists, LLC
GES Event Intelligence Services, LLC
onPeak LLC

Canada
GES Canada Limited

EU
GES Event Intelligence B.V. (Netherlands)
GES Event Intelligence S.R.I. (Romania)
Exposervice Polska Sp. z.o.o. (Poland)
GES Verwaltungs GmBH (Germany)
GES GmBH & Co. KG (Germany)

UK
GES Event Intelligence Services Limited
GES Service Companies Ltd.
Spiro UK Division Ltd.

Middle East
Global Experience Specialists (GES) Exhibitions and Events (Qatar)
Saudi Global Experience Specialists for Preparing and Organizing Exhibitions (Saudi Arabia)
Global Experience Specialists Regional Headquarter Company (Saudi Arabia)
GES Global Experience Specialists Events L.L.C (UAE)
Global Experience Specialists (GES) Exhibition Services L.L.C (UAE)
GES Global Experiences Specialists Carpentry L.L.C. (UAE)
GES Global Experience Specialists Freight Broker L.L.C (UAE)

India
Global Experience Specialists India Private Limited