Privacy Policy

1. Name and Address of the Controller

For the organization of Integrated Systems Europe 2025 (“Event”), the Controller within the meaning of the General Data Protection Regulation (“GDPR”) and other national data protection laws of the Member States of the European Union as well as other data protection provisions is:

• Identity: Integrated Systems Events, LLC (“ISE LLC”, “we” or “us”)
• Postal Address: 11242 Waples Mill Road, Suite 200, Fairfax, VA 22030, United States of America
• Phone number: +1 703 277 6759
• Email: privacy@iseurope.org

All shares in ISE LLC are held by

• AVIXA, 11242 Waples Mill Road, Ste 200, Fairfax, VA 22030 USA,
  Email: avixa@avixa.org, Phone: +1 703 273 7200 (“AVIXA“), and
• CEDIA, 8475 Nightfall Lane, Fishers, IN 46037 USA,
  Email: info@cedia.org, Phone: +1 317 328 4336 (“CEDIA“)

Joint controllership Exhibitors: If you register via an invitation code from an organization reserving exhibit space at the Event ("Exhibitor"), ISE LLC acts as a joint controller together with the Exhibitor for this part of the registration process. The joint controllership is limited to this specific part of the processing activity. We have entered into a joint controller addendum to determine our respective responsibilities for compliance with the obligations of the GDPR with regard to this joint processing activity. We are responsible for executing data subject requests as explained in chapter 5 for personal data that is processed and stored during the registration. The Exhibitor is responsible for executing data subject requests when it has received information from us following your registration, as explained in chapter 3.

2. Scope of the Processing and Legal Bases of Data Processing

2.1. Data Processing for the Purpose of Participation in the Event and Marketing by us

The Event is organized by us as general organizer. We refer to the personal data collected by us from you as an attendee of the Event (“Attendees”) during the registration as “Attendee Data”. The following categories of Attendee Data are collected and processed:

• name
• e-mail address
• country of residence
• company name and related information, such as the number of employees and primary business
• postal code/ZIP
• gender
• telephone number
• job role, business interests and budget authority

We  will  process your Attendee Data for the following purposes:

• planning and organizing the Event;
• performing marketing activities via e-mail relating to the Event and future related Events.
• facilitating your access to the Event;
• communicating important updates or information about this Event.  We will process your Attendee Data based on the following legal grounds:

• By accepting your registration, we will enter into a Service Agreement with you. To enter into, execute, manage and implement your Service Agreement, we will process personal data based on Article 6(1)(b) of the GDPR. The other terms and conditions of such Service Agreement are set out here; and
• to perform marketing activities and execute organizational activities such as informing the Exhibitors on your use of their registration codes, the processing is based on the legitimate interests of ISE LLC as per Article 6(1)(f) of the GDPR. If we process personal data on the basis of the legal ground ‘legitimate interest’, we assess whether the impact on your interests and rights and freedom overrides our legitimate interests prior to the processing. If you wish to receive further information on the balancing of interests by ISE LLC, please contact us by using the contact details in paragraph 1 of this Privacy Policy.

2.2. Data Processing for the Purpose of Receiving Marketing Information

ISE LLC herewith offers to share your Attendee Data to provide you with industry-specific newsletters and other marketing information, but only with your explicit consent that you can provide during your registration to the Event. ISE LLC will share your Attendee data with:

• its shareholders, AVIXA and CEDIA; and
• sponsors and partners involved in a conference that you have attended

This includes the following Attendee Data:

• name;
• email address;
• country of residence;
• company name;
• job role; and
• (limited to CEDIA and AVIXA:) budget authority.

The legal basis for the transfer of your personal data in connection with the provision of newsletters and marketing information is exclusively your consent pursuant to Article 6(1)(a) and 7 GDPR.

3. Transfer of Personal Data to Third Parties

We share Attendee Data with the parties set out below:

• Fira Internacional De Barcelona (“FIRA”), as they facilitate the registration process and supply the software to support the registration process;
• Other ISE entities, as they assist with practical aspects of organizing the Event (e.g. assisting you when you want to change your registration);
• Exhibitors, as they are part of the registration process by distributing the invitation codes. ISE LLC informs the Exhibitor if you have registered yourself via their invitation code;
• Sponsors and partners, in order to organize and manage activities related to their conference during the Event and for marketing purposes;
• Map Your Show, Inc, in order to provide the Attendees easy access to the Show Planner. The personal data is only shared with Map Your Show once you register for the use of the Show Planner.
• IML Group, United Kingdom, for the purpose of distributing our Rise Magazine, and
• AVIXA and CEDIA, for marketing purposes.

We have taken extensive technical and organizational measures to protect your personal data and only disclose these personal data to third parties with similar standards of technical and organizational measures. We have concluded data sharing agreements with all parties to ensure Attendee Data is shared and protected in accordance with the applicable data protection legislation.

An Exhibitor may wish to scan your badge so they can contact you with more information. FIRA de Barcelona provides badge scanning services to Exhibitors (‘Lead Retrieval’). By allowing an Exhibitor to scan your badge you are consenting to provide them with your contact information as disclosed during your registration (name, surname, email). You engage in a direct relationship with an exhibitor and thereafter they may contact you, subject to their respective data collection policies and practices. If you do not wish an exhibitor to contact you in the future, or wish to exercise your rights of access, deletion, rectification, or portability, please communicate this directly with the exhibitor. If you visit a stand or speak with an exhibitor but do not allow your badge to be scanned, your contact information will not be disclosed to that exhibitor.

Data transfer outside the EEA: In principle, all personal data is hosted on servers located in the European Economic Area (“EEA”). However, the sharing of Attendee Data with AVIXA and CEDIA involves transferring your data outside the specifically to the United States of America. The sharing of Attendee Data with Exhibitors and/or sponsors/partners also might involve transferring your data outside the EEA if the exhibitor and/or sponsor and/or partner is established outside the EEA.

Transfer to the United States of America: There are a number of theoretical risks for your personal data associated with the transfer of data to recipients in the United States of America (possible access to your personal data by U.S. authorities under the PRISM and UPSTREAM surveillance programs based on Section 702 of FISA (Foreign Intelligence Surveillance Act), as well as under Executive Order 12333 or Presidential Police Directive 28; Ineffective legal protections for citizens of Member States of the European Union against such access in the United States of America or in the European Union). ISE LLC, AVIXA, CEDIA and the sponsors and partners have signed Standard Contractual Clauses to minimize these risks which provide for specific technical protective measures. Also, AVIXA and CEDIA are working on obtaining certification under the EU-US Data Protection Framework.

Please contact us using the contact details mentioned in paragraph 1 of this Privacy Policy if you require further information on the specific mechanism used by us when transferring your personal data out of the EEA.

4. Data Deletion and Storage Period

Your personal data will be deleted or blocked as soon as the purpose of storage ceases to apply. The data may be stored for longer if this is permitted by applicable legislation or standards. Data will also be blocked or deleted if a storage period prescribed by applicable legislation or standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.

5. Your Rights

As a data subject, you have the following rights regarding your personal data and the processing thereof:

• To obtain access and information under the terms of Article 15 of the GDPR;
• To rectification under the terms of Article 16 of the GDPR;
• To erasure (“right to be forgotten”) under the terms of Article 17 of the GDPR;
• To restriction of processing under the terms of Article 18 of the GDPR;
• To data portability under the terms of Article 20 of the GDPR;
• To object under the terms of Article 21 of the GDPR; and
• To withdraw your consent at any time you, where – as here – processing is based on your consent pursuant to Article 7 paragraph 3 of the GDPR; the withdrawal of your consent does not affect the legitimacy of the processing that occurred based on your consent before the withdrawal (Article 21 of the GDPR).

These rights are not absolute. There may be circumstances in which we cannot (fully) implement your request as a data subject. As regards requests for the deletion of personal data, it should be taken into account that we will not grant such a request if it is incompatible with the mandatory statutory retention periods of ISE LLC.

If you wish to exercise any of the above rights, please contact us using the contact details mentioned in paragraph 1 of this Privacy Policy. The information provided is in principle free of charge. You may exercise these rights at reasonable intervals.

In addition to the aforementioned rights, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens; AP), post office box number 93374, 2509 AJ The Hague, the Netherlands. For more information, please visit the AP website at https://autoriteitpersoonsgegevens.nl.

6. Updating the Privacy Policy

We may update this Privacy Policy from time to time in response to legal, technical or business developments. The date of the most recent update can be found at the end of this Privacy Policy.

7. Security

We have taken appropriate technical and organizational measures to protect your personal data against loss or any other unauthorized use. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

8. How to contact us

If you have any questions or concerns about our use of your personal information or the contents of this Privacy Policy, please email us at privacy@iseurope.org.

Last updated:  October 1, 2024