TYPES OF DATA THE COMPANY COLLECTS

1. Depending on how you interact with the Company and the purpose of this interaction, the Company may collect certain Personal Data, which includes but is not limited to:

   1. your first and last name, pseudonym, identity card number, passport number, a copy of your identity card and/or passport, email address, billing address, contact number, date of birth, nationality and visa information;

   2. details of the company/organisation in which you represent, its industry, business sector, business activity and registered business address;

   3. financial information including credit or debit card details, billing information and/or bank account details and transactional data;

   4. information relating to your professional role and organisational responsibilities including your involvement or influence in procurement or decision-making processes;

   5. photographs and video images including photographs taken by the Company’s third-party service providers at events organised by the Company;

   6. information collected through security and technology systems at the premises where such events are held, including but not limited to closed-circuit television (“CCTV”) footage of you recorded by the building management of the premises, QR code scanning for access or attendance management, internet or network systems (whether wired or wireless) and other similar security or access control systems during the period in which you attend those events;

   7. information relating to your access to and use of a customer account (where applicable), including identifiers and credentials required to authenticate and manage your account (such as login details and encrypted passwords), your account settings, choices and preferences, and records of your interactions with the account, including your participation history in events or activities made available through the account;

   8. (f)information relating to your participation in events organised or facilitated by the Company, including records of your attendance or dates of participation, areas, booths or stands visited and transactions or purchases made in connection with such events;

   9. (g)information relating to your use of social media features or functions made available by the Company, including information generated when you interact with, share content through, or otherwise engage with such social media functionalities, whether on the Company’s platforms or through third-party social media platforms integrated with the Company’s services; and

   10. any other personal data you choose to provide to the Company.

2. Cookies and web browser information

   1. When you visit the Website, the Company sends one or more cookies to your computer and other devices. The information obtained from such cookies may be used by the Company for storing user preferences and to enable the Company or third party advertising partners to display targeted advertisements which may be of interest to you.

   2. The Company also collects information which is sent to the Company by your web browser. When you browse the Website, the Company automatically receive your computer’s Internet protocol (“IP”) address and other information which provides the Company with information that helps the Company learn about your browser and operating system, such as the name of your operating system and the name and version of your browser. The Company may also collect additional information such as your screen resolution, browsing time, search history, operating system used, language and pages viewed.

   3. Other information the Company may collect include the address of the web page you were visiting when you accessed the Website and the date and time of your visit. The type of information the Company collect depends on the settings on your web browser.

HOW THE COMPANY COLLECTS YOUR DATA

1. The Company may collect your Personal Data:

   1. directly from you, including when you fill in the information via the “subscribe now” button on the Website, event registration form or when you contact the Company (for example, by emailing it);

   2. indirectly when you browse the Website by means of cookies and web beacons in the conditions defined above.

PURPOSE OF COLLECTING, USING AND DISCLOSING YOUR DATA

1. The Company may collect, use, disclose, retain and process your Personal Data for the following purposes, in the context of your use of the Website and your participation in events organised by the Company on its own behalf or that of a third party, to:

   1. process your request for, or to administer or provide, any services offered by the Company or third parties in connection with the Company’s business, including, without limitation, to process your registration and attendance at the event organised by the Company;

   2. process billing, payment or credit transactions;

   3. facilitate the identification, authentication and verification purposes, in connection with any of the services that may be supplied to you. Your Personal Data will only be requested when necessary to verify your identity or information provided by you;

   4. manage your relationship with the Company;

   5. organise and administer events conducted by the Company or on behalf of the Company;

   6. respond to, handle and process any enquiries, applications or feedback submitted by you;

   7. meet or comply with any obligation, requirement or arrangement for disclosing or using data, that is binding on or applies to the Company or which the Company is expected to comply, both existing currently and in the future and within or outside Singapore, according to:

      1. any law or regulation;

      2. any rules, guidelines, codes of practice and/or guidance given or issued by any legal, regulatory, governmental, tax, law enforcement or other authority, or self-regulatory or industry body or association relating to industries in which the Company participate or any relevant stock exchange (each an “Authority”); or

      3. any present or future contractual or other obligation or commitment owing to any Authority that is assumed by or imposed on the Company by reason of the Company’s business or other interests or activities in or related to the jurisdiction of the relevant Authority;

   8. protect the safety and security of all individuals at events;

   9. provide direct marketing (such as news and commercial information), including marketing jointly undertaken with other service providers. The Company will obtain your prior consent before contacting you with marketing information (see section 12 “Direct Marketing Statement”);

   10. conduct analytics and market research, including but not limited to surveys after events and analysis undertaken on the results in view of the Company’s intention to improve the event it organises;

   11. maintain or improve the Website including the content, appearance, design, utility, and performance thereof, and ensure the content of the Website is presented in the best way for a user and the user’s computer or device;

   12. undertake ongoing research, development or improvement of any services offered by the Company or by third parties that are related to or in connection with the Company’s business;

   13. enforce any legal or other rights the Company may have in any manner;

   14. transmitting to any third parties, including the Company’s third party service providers and agents, and any relevant Authorities, whether in Singapore or abroad, for the aforementioned purposes; and

   15. any other purposes related to or in connection with any of the purposes listed above.

2. To fulfil any of the above purposes, you may be contacted via email, direct mail, telephone call, SMS, communication application platform or other means that are allowed by local authorities.

3. The above purposes may continue to apply even in situations where your relationship with the Company has been terminated or altered in any way (for example, your registration for an event was cancelled), for a reasonable period thereafter.

DISCLOSURE OF YOUR PERSONAL DATA

1. The Company may disclose your Personal Data to third parties for the purposes outlined in section 3 (“Purpose of Collection”), including, without limitation, the following third parties:

   1. other companies within the Comexposium Group;

   2. third parties who provide services to the Company or perform any of the functions on the Company’s behalf (including but not limited to, third parties who provide administrative, telecommunications, information technology, security, payment, printing, email, marketing, cloud storage, data processing or other services to enable the Company to operate its business);

   3. third parties for the purposes of business matching, where you have expressly consented to the disclosure of your Personal Data to such third parties for that purpose;

   4. professional advisers (including but not limited to, bankers, lawyers and accountants);

   5. credit reference organisations and other third-party reference organisations;

   6. any other person or entity who has established or proposes to establish any business relationship with the Company;

   7. regulators and government authorities or agencies in any applicable jurisdiction;

   8. law enforcement agencies in any applicable jurisdiction; and

   9. the courts in any applicable jurisdiction.

2. For the avoidance of doubt, the Company shall not disclose your Personal Data to any third party for the purposes of direct marketing without your consent (see section 12 “Direct Marketing Statement”).

INTERNATIONAL TRANSFERS OF PERSONAL DATA

1. The Comexposium Group is a global group, with operations in various countries and regions. In order to provide you with services, the Company may, subject to applicable laws, transfer your Personal Data to other Comexposium Group companies or third parties in territories, countries or regions. Such countries and regions include, but not limited to France, Germany, Sweden, Algeria, Turkey, Denmark, Qatar, Monaco, Netherlands, Australia, China, India, Indonesia, Japan, Malaysia, Singapore, Argentina, Canada, and the United States.

2. If the Company transfers your Personal Data to territories, countries or regions outside of Singapore, the Company will take steps to ensure that your Personal Data continues to receive a standard of protection that is at least comparable to that provided under the PDPA. These steps include, but are not limited to, imposing binding obligations on the relevant Comexposium Group companies receiving your Personal Data or entering into a contractual agreement with a third-party recipient to ensure similar levels of data protection as those in Singapore.

RETENTION

1. The Company will retain your Personal Data for the period necessary to fulfil the purposes outlined in this Privacy Policy, or to satisfy the Company’s business, compliance, and legal purposes or as required or permitted by applicable laws.

2. The factors used to determine the Company’s retention periods include:

   1. the length of time the Company has an ongoing relationship with you or the type of event in which you have attended;

   2. whether there is a legal obligation to which the Company is subject (for example, certain laws require the Company to keep records of your transactions for a certain period of time before the Company can delete them); and

   3. whether retention is advisable considering the Company’s rights and obligations under applicable laws (such as, for statutes of limitations, litigation or regulatory investigations).

3. In general, the Company’s data retention period is as follows:
   
   

   s/n	Type of event	Data storage period	People concerned
   (a)	Quarterly, six-monthly or annual events	During a period of five (5) years from the date on which you (the contact person) most recently expressed an interest	All types of participants at events (exhibitors, visitors, guests, partners, speakers, etc.)
   (b)	Biennial and triennial events	During a period of three (3) sessions from the date on which you (the contact person) most recently expressed an interest	All types of participants at events (exhibitors, visitors, guests, partners, speakers, etc.)

SECURITY

1. The Company shall use reasonable and appropriate measures to protect your Personal Data from loss, misuse, unauthorised access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the Personal Data.

2. Such measures include physical measures, technical measures (such as access control, password protection and dedicated user ID for authentication to protect your Personal Data and the systems it is stored in) and operational measures (for example, by limiting the number of people who have access to the databases in which Personal Data is stored).

3. However, you should be aware that no method of transmission over the internet or method of electronic storage can be completely secure. While security cannot be guaranteed, the Company shall take reasonable measures to protect the security of your information and is constantly reviewing and enhancing the Company’s information security measures.

COOKIES AND OTHER TRACKING TECHNOLOGIES

1. General use of cookies

   The Company uses cookies and other tracking technologies (as set out above) on the Website to collect information that helps the Company understand how the Website is used, to improve user experience and to ensure and enhance the performance, security and functionality of the Website.

2. Consent

   By continuing to access or use the Website, you consent to the Company’s use of cookies and other tracking technologies in accordance with this Privacy Policy, unless you have disabled such technologies through your browser or other available settings. You may refuse or disable cookies by adjusting your web browser settings, provided that certain functionalities on the Website may no longer be available if you do so.

3. Technical cookies

   1. Technical cookies are used to facilitate navigation on the Website and to enable and improve its operation and access to its various functions. These cookies are necessary for the proper functioning of the Website and may include cookies that allow security features to be implemented, such as requiring you to log in again after a period of inactivity.

   2. If you choose to deactivate technical cookies, access to certain services or features of the Website may be impaired. In such circumstances, the Company shall not be responsible for any resulting limitations or disruptions to the use of the Website.

4. Audience measurement cookies

   1. Audience measurement cookies are used to measure and analyse usage of the Website, including the number of visits, pages or sections viewed, time spent on the Website, content interactions, and information relating to the browser or device used.

   2. These cookies may be placed on the Website by third-party service providers acting on behalf of the Company, for the purpose of providing aggregated statistical information to the Company.

5. Third-party cookies linked to social media share buttons (“Third-Party Social Media Cookies”)

   1. The Website may embed social media “plug-ins” which allow the sharing of content (from the Website) to your social media account. These social media plug-ins can be identified by the logo on the button plug-ins of the respective social media platform. To enable the proper function of these plug-ins, Third-party Social Media Cookies may be required to make it possible to share the Website’s content (for example, the “share” or “like” buttons used by Facebook). The Company has no control over these Third-party Social Media Cookies or the data collected through the companies managing these social media platforms.

   2. If you do not wish for the social media platforms to link Personal Data collected through the Website with your social media account, you should log out of the relevant social media platform before accessing or using our Website.

   3. You should read the privacy policies of the social media platforms concerned.

ACCESS AND CORRECTION RIGHTS

1. You have the right to request access to or correction of any Personal Data that you provide to the Company. You may make such a request by writing to:

   Attn: Data Protection Officer
   Email: privacycxpsg@comexposium.com
   Mailing Address: 152 Beach Road, #07-07/08, Gateway East, Singapore 189721

2. 9.2The Company shall respond to your request as soon as reasonably possible. Should the Company not be able to respond to your request within thirty (30) days after receiving your request, the Company shall inform you in writing within thirty (30) days of the time by which the Company will be able to respond to your request. If the Company is unable to provide you with any personal data or to make a correction requested by you, the Company shall generally inform you of the reasons why it is unable to do so (except where the Company is not required to do so under the PDPA).

ACCURACY OF PERSONAL DATA

1. 10.1The Company generally relies on the Personal Data provided by you (or your authorised representative). In order to ensure that your Personal Data is current, complete and accurate, please update the Company if there are changes to your Personal Data by informing the Company’s Data Protection Officer in writing or via email at the contact details provided above.

WITHDRAWAL OF CONSENT

1. The consent that you provide for the collection, use, processing and disclosure of your Personal Data shall remain valid until such time it is withdrawn by you in writing.

2. You may, at any time, withdraw your consent in relation to the collection, use, disclosure, and retention of your Personal Data, by writing to the Data Protection Officer at the contact details provided above.

3. Upon receipt of your written request to withdraw your consent, the Company may require reasonable time for your request to be processed and for the Company to notify you of the consequences of the Company acceding to the same, including any legal consequences which may affect your rights and liabilities. In general, the Company shall seek to process your request within ten (10) business days of receiving it or such longer period that the Company may notify you of.

4. While the Company respects your decision to withdraw your consent, please note that depending on the nature and scope of your request, the Company may not be in a position to continue providing services to you (including your attendance at events) and the Company shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform the Data Protection Officer in writing at the contact details provided above.

5. Please note that withdrawing your consent does not affect the Company’s right to continue to collect, use and disclose Personal Data where such collection, use and disclosure without consent is permitted or required under applicable laws.

DIRECT MARKETING STATEMENT

1. The Company may use your name, address, email address and/or telephone number (“Contact Data”) to send you information, news updates and promotional material (“Marketed Services”) and/or for the purposes of facilitating business matching opportunities, offered by the Company or other Comexposium Group companies but only if the Company receives your consent for such use. You would be required to provide your consent by checking the opt-in box when you register for an event with the Company, sign up for a customer account or log into our Website.

2. If you do not want the Company to use or transfer your contact information for direct marketing as described above, you may opt-out (either entirely or selectively) at any time, free of charge, by writing to the Company at the following contact details above.

THIRD PARTY LINKS

1. The Website may include links to other websites hosted, operated or controlled by third parties whose privacy practices may differ from the Company’s practices. If you submit your Personal Data to any third-party websites, please note that the use of your Personal Data is governed by their privacy policies. The Company shall not be responsible or liable for the privacy practices or the content of such third-party websites. The Company encourages you to carefully read the privacy policy of any website you visit.

CHANGES TO PRIVACY POLICY

1. The Company may, from time to time and without prior notice to you, update this Privacy Policy on the Website. You may determine if any such changes have taken place by referring to the effective date on which this Privacy Policy was last updated. Your continued use of the Website or any of our services constitutes your acknowledgement and acceptance of such changes and notice of this Privacy Policy. If at any point the Company decides to use the Personal Data you submitted in a way that differs materially from the Privacy Policy that applied at the time of that submission, you will be notified and given the opportunity to opt out or otherwise prevent such usage.

GOVERNING LAW

1. This privacy policy shall be governed and construed in accordance with laws of the Republic of Singapore. Any dispute arising out of or in connection with this privacy policy including any question regarding its existence, validity or termination, shall be referred to and finally resolved by the courts of Singapore.