RegisterONE Platform Ecosystem

Meanings of Words and Terminology Used by RegisterONE (GDPR specific)

Data protection principles

1. Lawfulness, fairness and transparency - Processing must be lawful, fair, and transparent to the data subject.
2. Purpose limitation - Data must be processed for the legitimate purposes specified explicitly to the data subject when collected.
3. Data minimization - Collection and processing only as much data as absolutely necessary for the purposes specified.
4. Accuracy - Personal data must be kept secure, accurate and up to date.
5. Storage limitation - Storage of personally identifying data for only as long as necessary for the specified purpose.
6. Integrity and confidentiality - Processing must be done in such a way as to ensure appropriate security, integrity, and confidentiality (e.g. by using encryption).
7. Accountability - The data controller is responsible for being able to demonstrate GDPR compliance with all of these principles.

GDPR data subject privacy rights

1. The right to be informed
2. The right of access
3. The right to rectification
4. The right to erasure
5. The right to restrict processing
6. The right to data portability
7. The right to object
8. Rights in relation to automated decision making and profiling.

Data controller

The person or entity who decides why and how personal data will be processed. If you're an owner or employee in your organization who handles data, this is you.

Data processor

A third party that processes personal data on behalf of a data controller. The GDPR has special rules for these individuals and organizations.

Primary Client (Controller, Data Subject)

A Primary Client is a natural person or entity who has registered with RegisterONE and whom is the Direct Authorized End User or Administrator working on the behalf of a Primary Client (Convention, Trade Show, Association, Corporate, Non-Profit, Expo, Fairs, Festivals, etc.) actively within the RegisterONE Platform. They have complete access and control over the Applications and Features utilized; the information and data collected processed and used; control the purpose, scope and practices for the use of the Primary Business Contacts personal information and data provided.

Client Business Contact (Data Subject)

The natural person whose data is processed after receiving express consent to do so.

An Individual who has expressly consented to the privacy policy of RegisterONE and is accessing and using the website, applications and features as a Client Business Contact (Attendees, Exhibitors, Speakers, Trainers, Sponsors, Workshop Participants, etc.) to attend and take part in an event organized by a Primary Client. Shared information and data may include personal information and data, access information and usage data. These include former and current client business contacts as applicable.

Visitors

Website Visitor is a natural person who visits, connects to and interacts with the RegisterONE Platform to peruse our current offerings and learn more about its Applications and Features (read about services offered, sign up for a demo, talk with the chat bot or to interact with an individual whom we meet and interact with at a conference, tradeshow, or as a referral or from any other third party, etc. Shared information and data may include personal information and data, access information and usage data.

Express Consent

Consent of the primary client, client business contact or visitor is any freely given, specific, informed and unambiguous indication of your wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal information and data directly relating to him or her on RegisterONE. You have the right to retract, modify or deny consent at any time.

Personal Data (unique identifier's)

Personal data means any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Pseudonymous data can also fall under the definition if it's relatively easy to ID someone from it.

Data Processing

Data processing is any operation or set of operations or actions which is performed on personal information and data or on sets of personal data, whether by automated or manual means. These actions run the gamut from collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Pseudonymisation

Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

RegisterONE (Processor)

RegisterONE is responsible for the processing of personal information or data and is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, RegisterONE or the specific criteria for its nomination may be provided for by Union or Member State law.

Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting processing in the future.

Third Party

Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the Primary Client (controller) or RegisterONE (processor), authorized to process personal data.

How Types of Primary Client and Client Business Contact's Information and Personal Data is Collected and Processed from the Website and Apps by RegisterONE

Technical Data

1. Your internet protocol (IP) address, login data, browser type and version, time zone setting and geo location, browser plug-in types and versions, operating system, Website and other technology on the devices you use to access this website.

Profile Identity Data For Registration

1. Legal first name, last name, username and password or similar identifier, security challenge question/quotes, 2-factor authentication process, company/organization name and job title, registrations, transactions and sign-ups directly associated with your account for verified, authorized and authenticated access.
2. Also used for account administration, verification, authorization and authentication access.

Usage Data

1. Personal Data Usage and Application Data Usage for internal analysis and research to help us improve and refine Primary Client Applications and Features offered.
2. Information about how you use our website and services, such as which webpages you visit, what you click on, when you perform certain actions, what language preference you have, what you buy, etc.

Marketing, Blogs, Mailing Lists and Social Media Communications

1. To Manage, Operate and Promote the business and brand through the Website, Marketing and Social Media.
2. We ask for express consent to send and receive your personal information and data per your individual preferences stated in relation to standard communication inquiries (service and product demos, customer support services/requests, SMS texts, survey, marketing/advertising, etc.) and also personalized communication preferences from us (email, phone, teleconference, postal mail, fax, etc.). Requests may also be sent to former, current or potential Primary Clients or Client Business Contacts to answer questions or promote RegisterONE.
3. A Primary Client or Client Business Contact can post queries to the Chat Bot directly on the Website. Personal Information or data supplied by you may be discussed between the Primary Client or Client Business Contact and RegisterONE Support while messaging back and forth. These communications are not made publicly available, and a copy of the conversation is sent to the preferred email address provided.
4. Please contact us directly if you no longer wish to receive these support request responses or any further transaction-related communications. If you have chosen to withdraw your consent from certain types of message formats, please note that emails and other communications sent and received in response to specific requests made by you for additional information, assistance or provided as part of the Terms and Conditions of Service will still be maintained to fulfill contractual and legal obligations. Restricting, withdrawing consent and/or opting out of these communication features may impede the fulfillment of the Terms and Conditions of Services we provide.
5. A Primary Client or Client Business Contact can choose to restrict, withdraw and/or opt-out of receiving these marketing messages at any time by contacting us (insert link to form here).

Social Networking, Social Media Sharing

1. When a Primary Client or Client Business Contact uses their personal social media credentials to share information on their preferred social media platform, we will share information with their social media account provider. The information we share will be governed by the social media site's privacy policy.

Disclosure to Provide, Maintain and Support the Applications and Features (and Services) of RegisterONE

1. We reserve the right to the use of personal information and data we receive for website administration, investigations, resolution of any queries, feedback, complaints and for providing customer service and support.
2. To Enable the Primary Client or Client Business Contacts to access, interact with and use their RegisterONE account credentials across multiple devices within the website for a streamlined check in/check out process.
3. Third party information Collection, Processing and Disclosure is limited to the appointed third party contractors, service providers and payment processors necessary to process transactions and payments for services provided (web hosting, data center and payment processors, etc.). The information disclosed is considered necessary or reasonable in order to provide, maintain and support our Applications and Features for our Clients and their Client Business Contacts.
4. We may use Third Party Websites and External Links (social media sites, etc.) owned and operated by third parties. If you click on the link, you will leave our Website and be redirected to the third parties' website. The third party website or external website's privacy policy is solely responsible and will govern the personal information and data they collect and process about you. RegisterONE is not responsible for the privacy practices of these websites, and we suggest that you to read their privacy policies carefully before entering personally identifiable information.
5. Disclosure to event organizers, exhibitors, or other attendees, as directed by a Primary Client or expressly consented to by a Client Business Contact. An example is Lead Retrieval. An Attendee or "Client Business Contact" consents to having an Exhibitor or "Client Business Contact" scan their event badge to share their contact information, thereby expressly opting in to give consent to receive exhibitor information, or expressly consenting to share information in a RegisterONE mobile application (e.g., name, contact information, profile picture, survey responses, Q&A features, comments, messages, poll responses, etc.). On the flip side, the Exhibitor also consents to share their information to the Attendee.
6. RegisterONE DOES NOT BARTER, SHARE OR SELL ANY INFORMATION WITH THESE THIRD PARTIES FOR ANY PROMOTIONAL PURPOSES WHATSOEVER.

Delivery of Services by Contractual Obligations Through the Applications and Features to the Primary Clients

Examples:

1. An email confirmation will be sent to a Client Business Contact if an Application is used for registration and sign up to an event. The Primary Client will receive an alert that a new applicant registration has been received. We will also send pertinent details and announcements in conjunction with the applicant registration.
2. If a Client Business Contact uses one of our Applications and Features to pay for an event's applicant registration fees or any other services offered or provided by the Primary Client using their credit cards for payment, we will pass the credit card information on to payment card processors to validate the payment information and complete the transaction.
3. If a Primary Client or a Client Business Contact wishes to submit a Request for Proposal (RFP) and/or reserve a meeting space provided at an event for an appointed time agreed upon by the parties in question, the relevant information will be disclosed to each party, which may contain personal information and data. This information and data may be necessary to facilitate an appropriate response, notification and approval.

Disclosure to Transfer of Assets

1. If RegisterONE is acquired in part or in whole by a third party in the event of a merger, divestiture, restructuring, recapitalization, reorganization, dissolution or other sale or transfer in part or in whole of RegisterONE's assets, whether as a continuing operational business or as part of bankruptcy, liquidation or similar proceedings, the personal data held by RegisterONE about our Primary Clients and Client Business Contacts is among the assets considered transferable to the new owner.

Disclosure for Internal Administration, Processing and Market Research Purposes

1. We aggregate and anonymize personal information and data provided to RegisterONE from our Primary Clients and Client Business Contacts. We use this information and data to improve and enhance the use and performance of our Applications and Features, to create website benchmarks and other business intelligence. This data is generalized and does not contain unique identifiers whatsoever.
2. Use in internal business administration and processing purposes shall be limited in purpose and scope to include administering to access and use of our Applications and Features, data analysis, securely identifying verified, authorized, credentialed Primary Clients and Client Business Contacts upon website login, enhancement, modification and improvement of our Applications and Features, determining the effectiveness of our promotional campaigns, billing for contractual obligations and services rendered, and all other operations pertaining to running our business operations effectively.
3. For other purposes where Primary Clients and Client Business Contacts provide express consent for the improvement, refinement or enhancement of the applications and features offered or as required or permitted by law.

Legal and Contractual Compliance

1. That which is necessary and appropriate to comply with applicable laws and regulations, both domestic and international.
2. To uncover, stop or rectify any suspected theft, fraud, market manipulation or illegal activity, both domestic and international.
3. To respond to and protect public safety and ensure legal rights through investigations, legal claims and processes, requests by law enforcement, public officials and government authorities or other third parties both domestic and international.
4. To protect against unauthorized individuals from using personal information and data for identify theft or to make fraudulent transactions not made or authorized by you.
5. Enforcement of contractual Primary Client Agreements or other contractual obligations agreed upon.

The Data Collection and Processing Methods Used by the Primary Client

Identity Data entered directly by you on Applications and Features

You voluntarily and expressly consent to enter your personal information or data manually by filling out the application forms or uploading files, pdf's, etc. into the Applications and Features presented on the Website.

Identity Data Entered Manually on your behalf on Applications and Features

If a Primary Client manually enters in personal information or data at the request of a Client Business Contact, they must first obtain express consent before inputting in the personal data on behalf of the Client Business Contact.

Identity Data Collected Automatically from You with Cookies and Web Beacon Technologies

Personal information or data captured automatically with cookies and Web Beacon Technologies from the Client Business Contacts as they connect and interact with our Applications and Features may be collected and used by the Primary Client.

WHAT ARE THE TYPES OF PERSONAL INFORMATION OR DATA THAT OUR PRIMARY CLIENTS COLLECT, PROCESS AND USE ABOUT YOU?

Personally Identifying Information Collected, Processed and Used about You May Include

1. Personal Information and Data includes profile photograph, first name, last name, username, password or similar identifier, company/organization name and job title.
2. Educational, Nationality and Professional identifiers.
3. Contact details include business billing (postal) address, delivery address, email address, telephone numbers and fax number.
4. Communications between Primary Clients and other Client Business Contacts to communicate about updates, timelines, briefings or other pertinent details for the event.
5. Special Categories of information covering the spectrum from association memberships, dietary preferences/needs, health, disability, race, ethnicity, record of criminal offenses/malfeasance (or alleged), political opinions, bio-metric data or religion/religious affiliation.
6. Geo-location information at the conference (if you attend a conference where RFID-enabled badges are used and you do not request a non-RFID-enabled badge).
7. Information collected when the event is video recorded or photographed. Then providing edited recordings of certain sessions, workshops, engagements, etc. to interested Client Business Contacts, Attendees, and online through our website.

Retention of Transactional

information to Engage in Certain Activities/Processes

1. To Enable the Client Business Contact authorized access to their RegisterONE account across multiple devices.
2. Conducting the event
3. Details of personal services provided by the Primary Client to you, such as attendance registrations, receptions, networking activities, certifications, etc.
4. Check-In to event/ Check-Out from event
5. Online Questionnaire or Client Feedback Survey
6. Request for Proposal ("RFP"), Documentation Upload/Download
7. Credit or Debit Card numbers, Personal Check, Bank Routing Numbers
8. To Enable and facilitate peer to peer networking opportunities based on the Client Business Contact's background, interests and experience preferences.
9. Monitoring and facilitating social media content to manage relations with our Client Business Contact's and promote the Primary Client's business and brand.
   
10. Analyzing attendee interests and interactions with the conference through geo-location data.

RegisterONE's Use of Visitor Personal Data Collected and Visitor Rectification

How RegisterONE Processes Personal Information and Data from Visitors

1. To evaluate and analyse our website functionality and access related to your use.
2. To personalize and enhance your browsing experience, offer relevant services or features that may be more relevant to you.
3. To discover and Diagnose website technical difficulties and problems.
4. To ascertain, investigate and rectify fraudulent or illegal activity.
5. To send and receive communications related to service offerings or to announce privacy policy changes.
6. To answer your service offering requests and inquiries.
7. To send you relevant information to promote new services, informative newsletters, whitepapers and prospective promotions or events (we will obtain your express consent before sending you marketing emails).
8. To evaluate, analyze and find new clients.
9. To customize advertising, sales and promotional programs.
10. To invoice and bill clients for our services and determine the likelihood that prospective clients have the means for RegisterONE services.
    

Storing of Visitor Personal Information and Data

After we gain express consent, we process Visitor personal information and data for marketing purposes. The data is processed until the Visitor sends a request to remove them from promotional, sales and advertising. The request may take up to 30 days to carry out or no longer than governed and required by applicable law. RegisterONE shall not hold Visitor personal information and data longer than designated by law and/or permitted for in the local jurisdictions where RegisterONE's services are marketed and regulated by. Our record-keeping and audit procedures will retain a list of Visitors who wish to opt out of our direct marketing program or the indeterminate processing of Visitor data in perpetuity.

Sharing of Visitor Data from Third Party

RegisterONE may share personal information and data from Visitors who have expressed consent or is permissible under applicable law to share with third parties and are who are also in attendance for a RegisterONE marketing event. The Visitor may also permit or opt-in for their badge to be scanned.

To Access, Correct or Delete Visitor Data

Visitors have the same rights to access, correct or delete their personal information and data to restrict, withdraw and/or opt-out as do primary Clients and Client Business Contacts, as outlined in section "How Can a Primary Client Access, Correct, Update or Delete their Personal Information and Data Provided to Restrict, Withdraw and/or Opt-Out?" or "How Can a Client Business Contact Access, Correct, Update or Delete their Personal Information and Data Provided to Restrict, Withdraw and/or Opt-Out". Any Visitor that seeks to access, correct or delete their personal information and data to restrict, withdraw and/or opt-out needs to submit a request on our website at https://www.registerone.com/privacy-data-request/. We will process this request within 30 days.

RegisterONE will not comply with a request to modify information if we believe the modification would violate any law, legal requirement, fiduciary obligation, or cause the information to be incorrect or misstated. In this instance, we will notify the Visitor about the legal obligations that prevent us from executing the request.

Our record keeping and audit procedures will retain a list of Visitors who request to access, correct or delete personal information and data and/or to restrict, withdraw and/or opt-out for record maintenance and for compliance with regulatory requirements.

RegisterONE May have Collected the Following Categories of Personal Information of California Residents in the Past 12 Months

• Identifiers such as a name, postal address, Internet Protocol address, email address, or other similar identifiers.
  
• Categories of personal information described in subdivision (e) of California Civil Code Section 1798.80.
• Characteristics of protected classifications under California or federal law.
• Commercial information, including previous records of/ or for services purchased or under consideration for purchase.
• Internet or other electronic network activity information.
• Geo-location data.
• Audio and visual information, such as customer service call recordings and digital photographs.
• Professional or employment-related information.
• Education information.
• Conclusions or inferences drawn from any of the information identified above.