The IAFE values your data.
This policy describes the types of information we may collect from you or that you may provide when you visit our websites www.fairsandexpos.com, www.iafeconvention.com, www.iafecontest.com, www.iafefoundation.com, or www.findthatfair.com (our “Website”) and our practices for collecting, using, protecting and disclosing that information.
Supplementary rules apply in relation to individuals whose data we collect if they are located in the European Union or European Economic Area (in which case, please see the EU privacy notice below).
This Policy applies to information we collect on our Website; in email, text or other electronic messages between you and our Website; through mobile and desktop applications you download from our website, which provide dedicated non-browser-based interaction between you and our Website; when you sign up for any event that we host; when you interact with us in any other way.
Information we collect about you and how we collect it.
- Information that you provide by making an inquiry or joining as a member. This includes information provided at the time of registering to our website, donating to the IAFE Education Foundation, subscribing to services available on our website, posting material or requesting further services. We may also ask you for information when you enter a contest or promotion sponsored by us, and when you report a problem with our Website.
- Records and copies of your correspondence (including email and other electronic messages, including social media posts), if you contact us.
- Your response to surveys that we might ask you to complete for research purposes.
- Details of transactions you carry out through our Website and of the fulfillment of your orders. You may be required to provide financial information before placing an order through our Website.
- There may be features that are developed in the future that may result in the collection of additional new information.
You also may provide information to be published or displayed (hereinafter, “posted”) on public areas of the Website, or transmitted to other users of the Website or third parties (collectively, “User Content”). Your user content is posted on and transmitted to others at your own risk. Although we limit access to certain pages and you may set certain privacy settings for such information by logging into your account profile, please be aware that no security measures are perfect or impermeable. Additionally, we cannot control the actions of other users of the website with him you may choose to share your User Content.
As you navigate through and interact with our website we may automatically collect certain information about your equipment, browsing actions and patterns, including details of your visit to our website, and information about your computer and internet connection including your IP address, operating system and browser type. The information we collect in this way is anonymous. It is aggregated into statistical data to help us improve our website and to deliver a better and more personalized service by enabling us to estimate our audience size, browser statistics, popularity of content, usage patterns, and to speed up your searches and recognize you when you return to our website.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. For assistance on how to do this, please consult your technical support personnel or the “help” section in your browser(s).
Purpose(s) of Collecting Information
Your information may be collected for the following purposes:
- To provide services and products to serve you as an IAFE member. These products or services may include: membership applications, promotions materials (i.e. coloring books, activity displays, Read & Win ribbons, etc), meeting registrations (including registration payment, scholarship data, dietary requirements, and room reservations), CyberSeminar registrations, IFM enrollment, CFE/CVFM designation application data, Igniter discussion board submissions or Trade Show booth reservations.
- To communicate with IAFE committee members via conference call apps;
- To provide IAFE members with ongoing member assistance;
- To provide marketing opportunities for IAFE partners through email and postal mail campaigns;
- To be able to contact IAFE members with general or personalized service-related notices and promotional messages;
- To create aggregated statistical data and other aggregated and/or inferred Non-Personal information;
- To publish an annual print directory of IAFE members as well as a publication of fair dates and location on www.findthatfair.com web site.
- To comply with any applicable laws and regulations.
Please note: if you choose to not allow your data to be shared or refuse certain types of communications, we may not be able to provide certain applicable services to that communication.
We may disclose aggregated information about our users, and information that cannot be used to identify any individual, without restriction.
We may disclose personal information that we collect or you provide as described in this Policy:
- To contractors, service providers and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
- To third parties to market their products or services to you if you have consented to these disclosures. We contractually require these third parties to keep personal information confidential and use it only for the purposes for which we disclose it to them.
- To fulfill the purposes for which you provided it.
- For any other purpose disclosed by us when you provide the information.
- With your consent.
We may also disclose your personal information;
- To comply with any court order, law or legal process, including to respond to any government or regulatory request.
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the IASC or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
Information that may be shared with third-parties include: name, company name, address, email, and fair demographic information. The IAFE will not share: any login account data (i.e. username/password/etc), payment information, IP address, date of birth, or any information you have explicitly stated is not to be shared.
Data Storage and Retention
IAFE’s member website is stored by Abila’s Netforum Pro’s servers and our Convention web site is stored on Wix servers. All direct payment gateways are stored via Authorize.net gateway and we comply with all PCI-DSS standards, as managed by the PCI Security Standards Council. These standards help ensure the secure handling of credit card information by IAFE and its third-party service providers.
Your name, address, and email information will not be retained following your withdrawal from IAFE membership.
The security of your data is important to us. We strive to maintain all security features accessible to us and have communicated with any third-party vendors to ensure their standards meet data security protocols. However, please know that no method of transferring data is 100% secure. We cannot guarantee security of information you supply to us as it is transmitted to us. Please assist us in keeping your data safe by only providing information that you wish to be public. Please do not transmit any written credit card information or sensitive data via email to our offices.
Your information may be transferred to and maintained on computers located outside of your state, province, country or governmental jurisdiction where data protection laws may differ from your jurisdiction. If your jurisdiction is located outside of the United States, please note that IAFE and its third-party servers are located within the United States and all data is processed and may be stored on these servers. Your consent to this policy is implied by your submission of such data to the IAFE.
The IAFE may, from time to time, communicate with you regarding your account in order to assist with IAFE member services, troubleshoot your login information, collect any monies owed, gather aggregate data for member surveys, send updates about IAFE and fair industry information or other member information. We may also need to communicate with you to ensure compliance with applicable laws as well as any member agreements. For these purposes, we may contact you through email, telephone or postal mail.
We will not communicate with you on any items you have explicitly requested to be opted-out of in previous communications.
Cookies are small pieces of data that are stored on browser to keep track of a visitor’s actions on a web site. On some IAFE sites, this data is stored and analyzed to allow us to better serve our members through analysis of which site pages are working well or which ones need to be redesigned.
Cookies may be used to assist the IAFE with marketing more information on pages of interest as well as track responses to email campaigns.
Accessing and Correcting Your Information
If you are a registered user of this Website, you can review and change your personal information by logging into our Website and visiting your account profile page.
You may also send us an email at [email protected] or by sending a letter to: IAFE, 3034 E Cairo St. Springfield, MO 65802 requesting access to, correction of or deletion of personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account we may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
Children Under the Age of 16
Our website is not intended for children under 16 years of age. No one under age 16 may provide any personal information to or on our Website. We do not knowingly collect personal information from children under 16 years of age. If you are under 16, do not use or provide any information on our Website or on or through any of our features/register on our Website, make any purchases through our Website, use any of the interactive or public comment features of our Website or provide any information about yourself to us, including your name, address, telephone number, email address or any screen name or username you may use. If we learn we have collected or received personal information from a child under 16 without verification of parental consent we will delete that information. If you believe you have any information from or about a child under 16 please contact us at [email protected].
California Privacy Rights
California state law permits users of our Website that are California residents to request certain information regarding our disclosure of personal information (if any) to third parties for their direct marketing purposes. To make such a request please send an email to [email protected].
If you do not wish to allow IAFE to process your data or change your mind after opting out initially, you can withdraw your consent at any time by contacting us at [email protected] or sending a letter detailing the information to: IAFE, 3043 E Cairo St, Springfield, MO 65802.
The IAFE reserves the right to modify this policy at any time. Changes will take place immediately upon posting on the IAFE site. IAFE members will be notified of the changes on the site with a date marking the upload of changes and/or with emails to members. Your continued use of IAFE services indicates your acknowledgment and acceptance of policy updates in the future.
If you would like to access or correct, amend or delete any personal information the IAFE has stored about you, please contact us at [email protected] or via mail at IAFE, 3043 E. Cairo St, Springfield, MO 65802.
EU Privacy Notice
If you are a resident of the European Union (EU) or European Economic Area (EEA) whose personal information we collect, the following additional information applies to you.
- 1.1 – Where you are an EU or EEA resident and IAFE knowingly collects your personal information (also called ‘personal data’), we will do so in accordance with applicable laws that regulate data protection and privacy. This includes, without limitation, the EU General Data Protection Regulation (2016/679) (‘GDPR’) and EU member state national laws that implement or regulate the collection, processing and privacy of your personal data (together, ‘EU Data Protection Law’).
- 1.3 – This Privacy Notice also provides information on your legal rights under EU Data Protection Law and how you can exercise them.
2. How personal data is collected
- 2.1 – Because of the global nature of our organization IAFE may hold and process personal data that is collected from members, and affiliated organizations around the world, including within the EU/EEA.
- 2.2 – This also means that if you are a member or individual contact of this network resident in the EU/EEA, your personal data may be transferred from the EU/EEA to IAFE headquarters in the United States.
- 2.3 – US data privacy laws are currently not considered to meet the same legal standards of protection for personal data as set out under EU Data Protection Law. However, in order to safeguard personal data received from the EU/EEA, we only allow such a transfer of personal data to the US or other third countries under an approved contract or another appropriate mechanism which is legally authorized under EU Data Protection Law.
- 2.4 – This is to make sure that the personal data that IAFE receives and processes (so far as it relates to residents of the EU/EEA) is properly safeguarded in accordance with similar legal standards of privacy you would eniov under EU Data Protection Law.
3. Direct Marketing
- 3.1 – If IAFE provides direct marketing communications to individuals in the EU/EEA regarding services and/or events which may be of interest, this will be done in accordance with EU Data Protection Law, and in particular where we contact individuals for direct marketing purposes by SMS, email, fax, social media and/or any other electronic communication channels, this will only be with the individual’s consent or in relation to similar services to services that the individual has purchased (or made direct enquiries about purchasing) from IAFE before.
- 3.2 – Individuals are also free to object or withdraw consent to receive direct marketing from us at any time, by contacting us using the email address below.
4. The lawful grounds on which we collect and process personal data
- 4.1 – We process your personal data for the above purposes, relying on one or more of the following lawful grounds under EU Data Protection Law:
- (a) where you have freely provided your specific, informed and unambiguous consent for IAFE to process your personal data for particular purposes:
- (b) where we agree to provide services to you, in order to set up and perform our contractual obligations to you and/or enforce our rights:
- (c) where we need to process and use your personal data in connection with our legitimate interests as a global network and being able to effectively manage and operate our organization in a consistent manner across all territories. We will always seek to pursue these legitimate interests in a way that does not unduly infringe on your legal rights and freedoms and, in particular, your right to privacy: and/or
- (d) where we need to comply with a legal obligation or for the purpose of us being able to establish, exercise or defend legal claims.
- 4.2 – Please also note that some of the personal data we receive and that we process may include what is known as ‘sensitive’ or ‘special category’ personal data about you, for example, information regarding your ethnic origin or political, philosophical and religious beliefs. This is not the type of data that IAFE would routinely collect, but if we process such sensitive or special category data we will only do this in specific situations where:
- (a) you have provided this with your explicit consent for us to use it: or,
- (b) there is a legal obligation on us to process such data in accordance with EU Data Protection Law
- (c) it is needed to protect your vital interests (or those of someone else) such as in a medical emergency: or,
- (d) where you have clearly chosen to publicize such information: or,
- (e) where needed in connection with a legal claim that we have or may be subject to.
5. Disclosing your personal data to third parties
- 5.1 – We may disclose your personal data to certain third party organizations who are processing data solely in accordance with our instructions (called ‘data processors’) such as companies and/or organizations that support our business and operations (for example providers of web or database hosting, IT support, payment providers, event organizers, agencies we use to conduct fraud checks or mail management service providers) as well as professionals we use such as lawyers, insurers, auditors or accountants. We only use those data processors who can guarantee to us that adequate safeguards are put in place by them to protect the personal data they process on our behalf.
- 5.2 – We may also disclose your personal data to third parties who make their own determination as to how they process your personal data and for what purpose(s) (called “data controllers”). The external third party data controllers identified above may handle your personal data in accordance with their own chosen procedures and you should check the relevant privacy policies of these companies or organizations to understand how they may use your personal data.
- 5.3 – Other than as described above, we will treat your personal data as private and will not routinely disclose it to third parties without you knowing about it. The exceptions are in relation to legal proceedings or where we are legally required to do so and cannot tell you (such as a criminal investigation). We always aim to ensure that your personal data is only used by third parties we deal with for lawful purposes and who observe the principles of EU Data Protection Law.
6. How long we retain your personal data for
- 6.1 – IAFE retains personal data identifying you for as long as necessary in the circumstances – for instance, as long you are a member or have a relationship with our network: for a reasonable period to send you marketing where we have regular contact with you, or as may be needed to enforce or defend contract claims or as is required by applicable law.
- 6.2 – IAFE has adopted a data retention policy for EU residents (which we may make available on request) that sets out the different periods we may retain personal data for in respect of relevant purposes in accordance with our duties under EU Data Protection Law. The criteria we use for determining the relevant retention and disposal periods we adopt are based on the purpose for which we hold data and the reasonable expectations of those whose personal data we collect in these circumstances, taking into account various legislative requirements and guidance issued by relevant EU regulatory authorities.
- 6.3 – In accordance with the above retention policy, the personal data that we no longer need will be disposed of and/or anonymized so you can no longer be identified from it.
7. Your personal data rights
- 7.1 – In accordance with your legal rights under EU Data Protection Law, you have a ‘subject access request’ right under which can request information about the personal data that we hold about you, what we use that personal data for and who it may be disclosed to as well as certain other information.
- 7.2 – Usually we will have one month to respond to a subject access request. However, we reserve the right to verify your identity and we may, in case of complex requests, require a further two months to respond. We may also charge for administrative time in dealing with any manifestly unreasonable or excessive requests. We may also require further information to locate the specific information you seek and certain legal exemptions under EU Data Protection Law may apply when responding to your subject access request.
- 7.3 – Under EU Data Protection Law. EU/EEA residents also have the following rights. which are exercisable by making a request to us in writing:
- (a) that we correct personal data that we hold about you which is inaccurate or incomplete:
- (b) that we erase your personal data without undue delay if we no longer need to hold or process it:
- (c) to object to any automated processing (if applicable) that we carry out in relation to your personal data. for example if we conduct any automated credit scoring:
- (d) to object to our use of your personal data for direct marketing:
- (e) to object and/or to restrict the use of your personal data for purpose other than those set out above unless we have a compelling legitimate reason: or
- (f) that we transfer personal data to another party where the personal data has been collected with your consent or is being used to perform contract with you and is being processed by automated means.
- 7.4 – So we can fully comply, please note that these requests may also be forwarded on to third party data processors who are involved in the processing of your personal data on our behalf.
- 7.5 – If you would like to exercise any of the rights set out above, please contact us at the address below.
- 7.6 – If you make a request and are not satisfied with our response, or believe that we are illegally processing your personal data, you have the right to complain to the Office of the Information Commissioner in the United Kingdom.