expo-exit.com | Privacy Statement
This is the Privacy Statement of expo-exit.com.
Expo-Exit & the BIG Group uses best practice to ensure compliance with the General Data Protection Regulation (GDPR) and ensure that information gathered is used fairly and only for the purpose intended.
All information gathered is kept safely, securely and privately and is never shared with any third party.
The information gathered will only be passed on to anyone else for purpose of the performance of a contract that we hold with them or that we hold with you, or because you have given consent or due to legal reasons.
The only exception is if we are required to do so by law or to protect the service user or someone else from serious harm.
You can request to see your information at any time, or request to withdraw your information. You have a right to object to the processing of your data.
This privacy statement refers to specifically to the following respondent groups covered during an onsite and or online research assignment:
Visitors to an event / Exhibitors at the event / Delegates to a conference
Specifically relating to current GDPR requirements, the following are strictly observed:
- The data subject has the right to obtain from the controller certain information about how their personal data is processed and by whom.
- GDPR gives data subjects the right to request access to, correction or deletion of their personal data in certain circumstance.
- Expo-Exit/BIG keep records of their processing activities conducted by their sub-processors.
- Data breach notifications: In the unlikely event of a data breach, Expo-Exit/BIG will notify all those required within 48 hours of discovering any such breach.
- The CEO is the designated Data Protection Officer (DPO) to oversee internal compliance, fulfil data protection obligations and act as a point of contact for data subjects and regulators
- Security: Expo-Exit.BIG have implemented appropriate security standards (The Data Processor agrees that it shall: in a manner consistent with Data Protection Laws and Regulations and with any guidance issued by the Supervisory Authority, implement appropriate technical and organisational measures to safeguard the Data from unauthorised or unlawful Processing or accidental loss, destruction or damage, and that having regard to the state of technological development and the cost of implementing any measures, such measure shall ensure a level of security appropriate to the harm that might result from unauthorised or unlawful processing or accidental loss, destruction or damage and to the nature of the Data to be protected.)
- Cross-border data transfers: The Data Processor may not Process or transfer the Data outside of the European Economic Area (EEA) except with the express prior written authority of the client in all cases.
VISITORS data (Event or Conference)
Expo-Exit.com and/or the Business Information Group do not collect personal data from visitors to exhibitions or conferences.
The scope of the data collected in relation to Visitors to an event/conference is strictly limited to the following:
Socio-economic demographic profiles
Male/female
Residence location (province, region, international etc. and never personal address)
Occupation (job title or industry sector only)
Age range (within 10 year bracket-rages)
+
Event specific data e.g. satisfaction, loyalty, spend at event, rating of features etc.
EXHIBITOR data (Exhibitions)
Personal data is not collected from the exhibitor population with the exception of Exhibitor fascia name or exhibitor company name and exhibitor stand number. These are collected purely for completeness control for the research project manager.
The data is distributed & collected via a manual survey sheet which is distributed in a controlled manner to the exhibitor population. Collection is typically on the last afternoon of the event.
The physical survey sheets are reconciled to the exhibitor list, batched and input to the system post event, typically within 2-3 days of the event close.
Processing of both visitor and exhibitor data
Visitor data is uploaded to the web based data processing platform on the day of collection.
The upload number is reconciled to the number received by the platform and deleted from the onsite tablet.
Exhibitor data is data entered by the assignment project manager in a secure location and the sheets are physically destroyed (shredded or burned)
Late submissions of survey sheets are data entered (if received prior to publication of the final report) and disposed of in the same manner.
Final reporting (visitor & exhibitor reports)
The finished reports are produced using tools such as PowerPoint and held on a secure password protected laptop under the direct control of the CEO. Once these have been approved by the client, all prior versions are deleted from the system. Retention period is 12 months rolling period to ensure reconciliation to prior year data for trend analysis, change management/audit trail purposes.
How do you use my information for marketing purposes?
We do not use your information for marketing purposes.
What if I am under 18?
If you are aged 18 or under please ask your parent or guardian for their permission to provide us with your contact information.
Do you pass any personal information to third parties?
We do not share any personal information to third parties.
Do you transfer any of the information collected abroad for other purposes?
expo-exit.com does not generally transfer any personal information abroad.
If members of the public wish to see what personal information expo-exit.com may hold on them, please write to:
Data Controller Expo-Exit.com
118 DRUMCONDRA ROAD LOWER
DUBLIN 9
IRELAND
D09 A2H3
General information on Data Protection is available from the Office of the Data Protection Commissioner’s website
Last updated July 2019
Tony Brady,
expo-exit.com
