Cvent Global Privacy Policy

Summary of Recent Changes:

What's New:

  • Update to "How does Cvent process personal data from our Customers”
  • Update to include references to recent acquisitions and their respective Privacy Policies
  • Update to the California Supplementary Notice regarding Cvent’s data sharing practices

Last modified February 15, 2024

Introduction

Cvent, Inc., and its wholly-operating entities Cvent Europe Ltd., Cvent Deutschland GmbH, Cvent Canada Inc., Cvent Australia PTY Limited, Cvent Singapore PTE Limited, Cvent India Private Limited, Cvent Nederland BV, Social Tables, Inc., Shoflo, LLC, StarCite Hong Kong Limited, and Cvent FZ-LLC ("Cvent" or "We", "us"), respect your privacy and we are committed to protecting your privacy through our compliance with this policy

This policy describes our practices in connection with information that we collect as a service provider on behalf of our Customers through our software applications (collectively our “Applications”, for more information see “What are Cvent’s products covered by this policy?”) as well as Cvent’s privacy practices in relation to the collection and use of personal data collected from a Cvent websites that links to this policy (“Website”), when you attend our marketing and learning events, and digital marketing activities.

This policy also describes your data protection rights, including a right to object to some of Cvent’s processing. The Policy does not apply to information collected by any third party, including through any third-party application or content (including advertising) that links to or is accessible from our Applications or Websites

Table of Contents

Are you a Customer, Customer Data Subject or Visitor?

What types of personal data do our Customers collect?

How do our Customers collect personal data?

How do our Customers use personal data?

Does Cvent use or sell personal data collected by our Customers?

How does Cvent collect and process personal data from our Customers and their Customer Data Subjects?

What is the legal basis for Cvent to process personal data?

How long does Cvent store personal data collected by our Customers?

How can a Customer Data Subject access, correct or delete their personal data?

How can a Customer access, correct, or delete their personal data?

How does Cvent process data from Visitors?

Does Cvent process information of children under the age of 16?

How does Cvent use cookies and similar technologies?

Where does Cvent transfer the personal data it processes?

Certifications

How does Cvent secure the data it processes?

What are Cvent's products covered by this policy?

How can a Customer or Visitor manage their Cvent email preferences?

How do you contact Cvent or Cvent's Data Protection Officer?

How does Cvent publicize changes to its Privacy Policy?

California Supplementary Notice

Virginia Supplementary Notice

Are you a Customer, Customer Data Subject or Visitor?

This policy applies to the following classification of individuals that interact with Cvent:

  • CUSTOMERS: Customers are individuals that are employees or associates of Cvent’s direct customers (for example, event planners, travel buyers and meeting space providers), including customer personnel that are assigned a login ID and are authorized to access and use our Applications pursuant to an active Cvent agreement, or under a temporary evaluation license, if available. Additionally, Customers include individuals who self-register to access our Applications.
  • CUSTOMER DATA SUBJECT: Customer Data Subjects are individuals that interact with our Customers through our Applications. These include our Customers’ current and prospective clients, members, attendees, sponsors, exhibitors, marketing partners, hotel guests or other business contacts. For example, Customer Data Subjects include individuals that register for an event organized by a Customer, download an event-related mobile app, participate in a virtual event organized by a Customer, complete an online survey, or make a hotel or meeting space reservation using one of Cvent's Applications.
  • VISITORS: Individuals and prospective customers who interact with our Websites (for instance, to access our Supplier Network without registration (as a non-Customer), to read about Cvent products and services, download a white paper, or sign up for an online demo); those who attend Cvent marketing events (for instance, Cvent CONNECT®, Cvent live events and webinars); those who we meet at a tradeshow; or those who we learn about from third parties or other external sources.

Cvent’s direct customers are organizations and businesses that use our Applications to process personal data about their Customer Data Subjects.  Cvent processes personal data about Customer Data Subjects in our Applications as a “data processor” or “service provider” only according to our Customers’ instructions.  If you are a Customer Data Subject and have questions about how a Cvent Customer uses your data or want to exercise your rights regarding your personal data, you should direct your request or inquiry to the Cvent Customer that controls your data.  For example, if you have attended an event hosted by a Cvent Customer, you should direct your data rights requests to the host of your event.

What types of personal data do our Customers collect?

Our Applications are flexible and allow our Customers to collect a variety of personal data from and about their Customer Data Subjects, including name, organization, title, postal address, e-mail address, telephone number, fax number, social media account ID, credit or debit card number and other information including but not limited to meal preferences, interests, opinions, activities, and occupation. We encourage Customer Data Subjects to review the Customers’ privacy policies to further understand the types of data collected.

For a more detailed list of our Applications, please refer to the section titled “What are Cvent's products covered by this policy?”. Cvent’s use of personal information collected through our Applications shall be limited to the purpose of providing the service for which our Customers have engaged Cvent, to improve our services, or as required or permitted by law.

If you do not agree with our policies and practices, you may choose not to use our Applications.

How do our Customers collect personal data?

Customers can use our customizable Applications to collect personal data in a variety of ways as outlined in the examples below.

  • When Customer Data Subjects voluntarily and explicitly enter personal data into our Applications.
  • When our Customers enter Customer Data Subjects into our Applications, when permitted, including by having a legitimate business interest or obtaining consent from a Customer Data Subject.
  • Automatically, as Customer Data Subjects interact with our Applications, using commonly used information gathering technologies such as cookies. For additional information about these technologies, see the section below titled  “How does Cvent use cookies and similar technologies?

How do our Customers use personal data?

If a Customer Data Subject chooses to use our Applications to conduct business with a Customer (for example: to register for or check into an event, respond to an online survey, download a mobile application, make a room reservation, or send or respond to a Request for Proposal (“RFP”)), any information provided in connection with that interaction will be transferred to, and under the control of, the Customer.

Customers will also have access to information (including personal data and Application usage data) related to how Customer Data Subject interact with the Applications they use. In such instances, the Customers are the data controllers of the Customer Data Subject’s personal data, under the European Economic Area (“EEA”) data protection laws.  Therefore, Cvent cannot and does not take responsibility for the privacy practices of Customers.

The information practices of our Customers are governed by their privacy policies. We encourage Customer Data Subjects to review the Customers’ privacy policies to understand their practices and procedures.

Does Cvent use or sell personal data collected by our Customers?

As a service provider, Cvent does not use personal data of our Customer Data Subjects for any purposes other than to provide services that our Customers have contracted us to provide through our Applications, as noted below, to improve our services, or as required or permitted by law. Cvent does not sell personal data of our Customer Data Subjects for monetary or other consideration.  Furthermore, Cvent does not share Customer Data Subject personal data with any third parties for cross-context behavioral advertising, whether or not for monetary or other valuable consideration.

How does Cvent collect and process personal data from our Customers and their Customer Data Subjects?

We collect personal data from our Customers in order to facilitate communication and delivery of the Applications that our Customers are interested in or contract us to provide. For example, we may collect Customer contact information, whether through the execution of a contract, use of our services, a form on our Website, queries submitted to our chat agent, an interaction with our sales or customer support team, sign up for an event, or a response to one of our surveys or marketing emails. We may also collect credit card information (e.g., credit card number and expiration date, billing address, etc.) or other customary bank information needed for billing and payment purposes.

We may record and store Customer and Visitor support chats, messages, phone calls, video calls, teleconferences and web conferences (including audio and video content) for legitimate business interests related to providing Customer support, compliance with laws, training and coaching, process improvement, and quality assurance.  We may analyze the content of our support communications using data analytics tools to gain better insights into our interactions with customers.  We will always notify you before a call will be recorded and will obtain consent from you where required by law.

We and our vendors collect Customer usage information about how our Customers interact with our Applications. This includes which webpages you visit, what you click on, when you perform certain actions, what language preference you have, what you buy, and so on.

We process Customer’s and their Customer Data Subjects’ personal data in the following manner:

  • To disclose to our subsidiaries and affiliates for the purpose of providing services to our Customers and their Customer Data Subjects.
  • To disclose to contractors, service providers, and other third parties as reasonably necessary or prudent to provide, maintain and support our Applications for our Customers and their Customer Data Subjects, such as, for example, payment processors and data center or Web hosting providers.
  • To deliver the services that our Customer has contracted us to provide through our Applications. Some examples include:
    • If a Customer Data Subject uses one of our Applications to register for an event, we will use their provided e-mail address to send them information and announcements relating to that event.
    • If a Customer Data Subject uses one of our Applications to pay for event registration fees or other products and services using their credit cards, we will pass the credit card information to payment card processors to validate the payment information and complete the transactions.
    • When a Customer submits an RFP to a meeting space provider listed on the Cvent Supplier Network, or to a Customer's Business Contact as directed by the Customer, Cvent will contact that venue, management company or Customer Data Subject and disclose information, which contains personal data, necessary for it to respond to the RFP.
    • When a Customer reserves a meeting space or hotel room at a venue utilizing Cvent’s InstantBook service, Cvent will share necessary personal data with the venue directly or via that venue’s technology platform, in order to complete the booking directly with Customer.
    • When a Customer or Customer Data Subject uses their social media credentials to share information on their social media platform or to log into one of our Applications, we will share information with their social media account provider. The information we share will be governed by the social media site’s privacy policy. 
    • To disclose to event organizers, exhibitors, or other attendees, as directed by a Customer or consented to by a Customer Data Subject, such as by consenting to having an exhibitor scan their event badge to share their contact information, opting-in or clicking to give consent to receive exhibitor information, or actively consenting to share information in a Cvent Application (e.g., name, contact information, profile picture, survey responses, Q&A features, comments, messages, poll responses, etc.).
    • As instructed by Customer, to connect Customer Data Subjects with one another by relying on matching algorithms to recommend compatible Customer Data Subjects for optional business networking.
  • To deliver to a third party in the event of a merger, divestiture, restructuring, recapitalization, reorganization, dissolution or other sale or transfer of some or all Cvent’s assets, whether as a continuing operating business or as part of bankruptcy, liquidation or similar proceeding, in which personal data held by Cvent about our Customers and Customer Data Subjects is among the assets transferred.
  • For our internal business purposes that include administering access and use of our Applications, data analysis, securely identifying Customers upon logging onto an Application, enhancing or modifying our Applications, determining the effectiveness of our promotional campaigns, billing for Services, and operating our business.
  • As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to respond to requests from public and government authorities including public and government authorities outside your country of residence; and (c) to protect against or identify fraudulent transactions.
  • For other purposes when Customer Data Subjects provide consent.

We aggregate information about (i) Customers and Customer Data Subjects, and (ii) the use of our Applications in order to improve our Applications and to create benchmark and other business intelligence products. None of the aggregated information contain personal data (i.e., does not identify any individual).

Where permitted, we may use Customer personal information collected from and about the Customer to deliver tailored advertising and marketing to the Customer: (i) on our Applications, (ii) on third-party sites and mobile apps not affiliated with Cvent, and (iii) through direct marketing (for example: e-mail, mail, SMS, phone), for ourselves and for Cvent Customers.  Customers may change their communications preferences with Cvent via the subscription management form provided under: “How Can a Customer or Visitor Manage their Cvent Email preferences?”  If a Customer wishes to have their information excluded from this type of use, click here to submit the request to opt-out of the sale or sharing of their personal information and see section titled “How to Manage and Control Cookies and Similar Technologies”.

What is the legal basis for Cvent to process personal data?

For individuals that are from the European Economic Area (EEA) or other regions that stipulate a lawful basis for processing personal information (such as under GDPR Article 6), our legal basis for collecting and using their personal information will depend on the nature and circumstances of the processing activity. Where we are the processor for our Customers, our legal basis may be fulfilment of a contract or consent. Where we are the controller, our legal basis will be consent or legitimate interest where the processing is in our legitimate interests and not overridden by the individual’s data protection interests, or fundamental rights and freedoms. These interests are to provide individuals with access to the Applications and features of the Applications; to send them information they have requested; to ensure the security of our Applications by trying to prevent unauthorised or malicious activities; or to enforce compliance with our terms of use, contracts and other policies. 

How long does Cvent store personal data collected by our Customers?

Unless otherwise provided in our contract with our Customer, we process the data until 90 days after the termination of the contract, at which time we remove it from our production environment. Within 13 months, we remove the data from our backup media.

How can a Customer Data Subject access, correct or delete their personal data?

Depending on their jurisdiction, Customer Data Subjects have the right to request access to their personal data and, if necessary, have it amended, deleted or restricted. Customer Data Subjects can also ask for some types of personal data to be delivered to them, or another organization they nominate, in a structured and machine-readable format. 

Where we process your personal data on the basis of your consent, you have the right to withdraw your consent. See the Cvent contact section below. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Customer Data Subjects in the EEA also have the right to complain to a supervisory authority for data protection in the country where they live, or where they work – although we hope that we can assist with any queries or concerns you have about our use of your personal data.

Cvent processes Customer Data Subjects' data under the direction of our Customers and has no direct control or ownership of the personal data we process. Customers are responsible for complying with any regulations or laws requiring notice, disclosure or obtaining consent prior to transferring the data to Cvent for processing purposes. Any Customer Data Subject that seeks to access, correct or delete data, should direct their query to the Customer. If the Customer requests Cvent to delete, rectify or access the personal data of a Customer Data Subject to comply with data protection regulations, Cvent will process this request within the required time under the applicable regulation or law.

We will not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. In such instances, we will inform the Customer about the legal obligations that prevent us from fulfilling the request. 

How can a Customer access, correct, or delete their personal data?

Customers have the same rights to access, correct or delete their personal data as outlined above.

Any Customer can access, correct or delete their data, or their Customer Data Subject data by submitting a request on our Website at https://www.cvent.com/personal-data-requests. Cvent will process this request within the required time under the applicable regulation or law.

We will not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. In such instances, we will inform the Customer about the legal obligations that prevent us from fulfilling the request.

We will maintain an audit history of any requests to access, correct or delete personal information to maintain a record of compliance with regulatory requirements.

How does Cvent process data from Visitors?

Cvent processes Visitor data separately and distinctly from the way we process Customer and Customer Data Subject data. 

Visitor Personal Data Collected

Cvent collects personal data including name, title, postal address, e-mail address, telephone number, social media account ID, company information (including financial and billing information when purchasing Cvent services). We may collect this Visitor information directly from the Visitor through a form on our Website, queries submitted to our chat agent, an interaction with our sales or customer support team, when signing up for an event, contest entries, promotional enquiries, or a through a response to one of our surveys or marketing emails. We use this information to provide you with additional details about our services, conduct research, provide whitepapers or to contact you after your visit.  When visiting our Websites, attending Cvent marketing events or providing us with their personal information, Visitors consent to the collection, processing and storage of their personal information as described in this section.

We also collect Visitor personal data from third party sources, such as third parties from whom we have purchased business contact information, public databases, joint marketing partners, and social media platforms.  In some cases, Cvent may combine personal data you have provided to us with personal data collected from other sources.  We use this data to improve our Websites and advertising, and to identify prospective marketing opportunities. 

If you elect to do so, when you provide a reference, we collect personal information about your contacts, such as:

  • Name
  • Work email
  • Organization
  • Phone number
  • City of residence
  • ZIP code

When you provide us with personal information about your contacts we will only use this information for the specific reason for which it is provided.

If you believe that someone else has provided us with your personal information and you would like to request us to remove it from our database, please submit a request at https://www.cvent.com/personal-data-requests. Additionally, we and our analytics service providers collect personal data from cookies and similar technologies to collect information about the pages Visitors view, links Visitors click on, Visitors’ web browser information, Visitors’ IP address and other actions Visitors may take when accessing our Websites. For additional information about our use of these technologies and how to control them, see section titled, “How does Cvent use cookies and similar technologies”.

Cvent’s Use of Visitor Personal Data Collected

Cvent processes Visitor personal data to:

  • Analyze how our Websites are accessed;
  • Personalize your browsing experience and present products or features that may be more applicable to you;
  • Identify website technical problems;
  • Discover, investigate and remediate fraudulent or illegal activity;
  • Transmit notices related to product, service, or policy changes;
  • Respond to your product and service inquiries;
  • Send you information such as product announcements, newsletters, whitepapers, other relevant offers, and upcoming promotions or events (where required, dependent on jurisdiction, we will seek and obtain your consent before sending marketing emails);
  • Plan and host Cvent corporate events, host online forums and social networks in which Visitors may participate;
  • Analyze and identify new prospects;
  • Create tailored advertising, sales and promotional programs; and
  • Bill customers for our services and assess the financial capability of prospective customers to afford Cvent’s solutions.

If you wish to remove yourself from marketing communications from Cvent, please click here: https://www.cvent.com/subscriptionmanagement.

Storing of Visitor Personal Data

Where we process Visitor personal data for marketing purposes or with Visitor consent, we process the data until the Visitor asks us to stop. It typically takes up to 30 days to implement your request, but in no event longer than required by applicable law. Cvent will not retain Visitor personal data longer than the statutory retention period permitted in the local jurisdictions where Cvent services are marketed and provided. Where Cvent retains Visitor personal data, we also keep a record of when Visitors have asked us not to send direct marketing or to process Visitor data indefinitely so that we can respect the Visitor’s request in the future.

Sharing of Visitor Data

Cvent may share information with third party service providers contracted to provide services on our behalf as well as third parties who resell Cvent services.

Cvent may also engage with business partners to jointly offer products, services or other programs such as webinars or whitepapers and from time to time, we may share personal data if you purchase or show interest in any jointly-offered products or services.

Cvent will only share personal data of Visitors or Customers who attend a Cvent marketing event with third parties if a) the Visitor consents, b) the Visitor permits their badge to be scanned, or c) it is permissible under applicable law.

Access, correct or delete Visitor data

Visitors have the same rights to access, correct or delete their personal data as do our Customers, as outlined in section “How can a Customer access, correct or delete your personal data?

Any Visitor that seeks to access, correct or delete data, can do so by submitting a request on our Website at https://www.cvent.com/personal-data-requests. Cvent will process this request within 30 days.

We will not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. In such instances, we will inform the Visitor about the legal obligations that prevent us from fulfilling the request. 

We will maintain an audit history of any requests to access, correct or delete personal information to maintain a record of compliance with regulatory requirements.

 

Does Cvent process information of children under the age of 16?

None of our Applications are directed to children under 16 years of age. We do not directly solicit or knowingly collect personal data from children under 16. If we learn that we have inadvertently collected personal information from children under the age of 16, we will delete as soon as practicable.

This Privacy Policy does not apply to the practices of our Customers with which your child may interact. You should review the applicable terms and policies for Customers to determine their appropriateness for your child, including their data collection and use practices.

 

How does Cvent use cookies and similar technologies?

Cookies and Web Beacons

We and authorized third parties use cookies or similar automatic data collection technologies as individuals interact with our Website or our Applications to collect certain information about their equipment, browsing actions and patterns, including details of your visits to our Applications, such as the date and time you access our Applications, length of time you spend on our Applications, websites that linked to our Applications or websites linked from our Applications, the resources and content that you access and use on the Applications; information about your computer and internet connection, such as your IP Address, computer type, screen resolution, language, Internet browser type and version. We do not use any of these technologies to collect information from Customer Data Subjects for marketing or advertising purposes.  Our Customers may add cookies or other similar technologies through our Applications for their own purposes, including for marketing purposes.

Browser Cookies. A cookie is a small file placed on a computer hard drive.  Web browsers can be configured to restrict or entirely block cookies, to configure cookie notification settings and/or to delete cookies already present on the browser or device.  Information on how to do this is provided by the web browser’s help/reference section. Limiting or restricting certain types of cookies may prevent a Customer or Customer Data Subject from using certain portions of our Applications, depending on how the browser settings are configured.  For example, event registration cannot be completed successfully if cookies are disabled in the web browser. Unless the browser setting has been adjusted so that it will refuse cookies, our system will issue cookies when the browser interacts with our Applications.  

Purpose.  Our Website and Applications use cookies that serve the following purpose types:

  • Strictly necessary (essential). Strictly necessary cookies make our Website work, they are essential for the Website to perform its basic functions. 
  • Performance.  Also known as “statistics cookies”, and including analytics cookies, performance cookies collect information about how you use a website, like which pages you visited and which links you clicked on. None of this information can be used to identify you. Their sole purpose is to improve website functions. This includes cookies from third-party analytics services as long as the cookies are for the exclusive use of the owner of the website visited.
  • Functionality.  Also known as “preferences” cookies, these cookies allow a website to remember choices you have made in the past, like what language you prefer.  They are used to enhance the user experience of the website but are non-essential to their use, but without these cookies, certain functionality may become unavailable. 
  • Marketing.  These cookies track your online activity to help advertisers deliver more relevant advertising or to limit how many times you see an ad. These cookies can share that information with other organizations or advertisers. These are persistent cookies and almost always of third-party provenance. 

Web Beacons.  Pages in our Applications and emails will contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs).  Web beacons differ from cookies in that the information is not stored on your hard drive, but invisibly embedded on web pages or in email.  Web beacons permit us to track online movements of web users, for example: to count users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).  This enables Cvent to provide a website experience more tailored to our users’ preferences and interests. 

More about Marketing Cookies.  We use information collected from our venue sourcing Customers to enable us to display advertisements from our Hospitality Cloud Customers to their target audience of users through our network or our advertising service providers.  As one example, meeting space providers purchase advertisements that are presented selectively through the Cvent Supplier Network to meeting planners who have previously awarded a minimum volume of meetings business to that provider or to competing venues in the target metropolitan area.  Even though we do not disclose personal data for these purposes, if the venue sourcing user clicks on or otherwise interacts with an advertisement, the advertising Hospitality Cloud Customer assumes that the venue sourcing user meets its target criteria. While we and our Hospitality Cloud Customers leverage this technology to advertise to Customers, we never use our Customer's information to advertise to Customer Data Subjects.  We also use third parties (such as LinkedIn, Google, Facebook, YouTube) to serve advertisements that may be of interest to you on other websites.  

More about Performance Cookies.  We use third party analytics providers, including Google, Adobe, Mixpanel, Mouseflow and others, to collect information about the usage of our Applications and Websites to enable us to improve how they work.  The information allows us to see the overall patterns of usage on the Applications, helps us record any difficulties you have with the Applications, shows us whether our advertising is effective or not, and allows us to use responses to advertisements to optimize ad performance.  Google Analytics, Adobe and Mixpanel use cookies and other similar technologies to collect information about the usage of our Applications and to report website trends to us, without storing any personal data on external third-party analytics provider platforms. 

How to Manage and Control Cookies and Similar Technologies

Cookie Controls: If you are visiting our Website from the EEA, UK or Switzerland, then we do not set non-essential cookies unless you accept all cookies on the “cookie banner” that launches when you land on our Website. 

You can choose not to allow some types of cookies using the “Cookie Settings” link below.  Strictly necessary cookies cannot be disabled.

 

Do Not Track: Some browsers include a “Do Not Track” (DNT) setting that can send a signal to the websites you visit indicating you do not wish to be tracked.  We do not respond to browser ‘do not track’ signals, as we await for a uniform standard put forth by regulators or the privacy industry. 

Global Privacy Control: Some browsers and browser extensions support the Global Privacy Control (“GPC”) that can send a signal to the websites you visit indicating your choice to opt-out from certain types of data processing, including data sales. If your browser supports it, you can turn on the Global Privacy Control to opt-out of the “sale” or “sharing” of your personal information.

Where does Cvent transfer the personal data it processes?

To facilitate our business practices and delivery of our services, personal data may be collected, accessed from, transferred to or stored in the United States or in other countries where we operate, including countries outside the European Economic Area (EEA), Switzerland, and UK. Personal data may be accessed by Cvent personnel providing services in any country where we have facilities, or in which we engage third party service providers (processors or subprocessors), including India, Australia and Singapore. 

 

Certifications

Data Privacy Framework

Cvent, Inc. (and its U.S.-based Affiliates: Cvent OnArrival, Inc., Cvent Atlanta, LLC, SignUp4, LLC, DoubleDutch, Inc., CrowdCompass, LLC, Elite Meetings International, LLC, Social Tables, Inc., Shoflo, LLC, Passkey International, Inc., Lanyon Solutions, Inc., and StarCite, Inc.) complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  Cvent, Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.  Cvent, Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

Cvent is committed to subjecting all personal data received from European Union (EU) member countries, the United Kingdom, and Switzerland, in reliance on the Data Privacy Framework’s applicable Principles. 

Cvent is responsible for the processing of personal data it receives, under the Data Privacy Framework, and subsequently transfers to third parties acting as an agent on its behalf.  Cvent complies with the Data Privacy Framework Principles for all onward transfers of personal data from the EU, UK and Switzerland, including the Accountability for Onward Transfer principles.

With respect to personal data received or transferred pursuant to the Data Privacy Framework, Cvent is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.  In certain situations, Cvent may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Under certain conditions, more fully described on the Data Privacy Framework website https://www.dataprivacyframework.gov/s/article/How-to-Submit-a-Complaint-Relating-to-a-Participating-Organization-s-Compliance-with-the-DPF-Principles-dpf, you will be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted. 

APEC CBPR and PRP Systems

Cvent's privacy practices, described in this Privacy Policy, also comply with the APEC Cross Border Privacy Rules System. The APEC CBPR system provides a framework for organizations to ensure protection of personal information transferred among participating APEC economies. More information about the APEC framework can be found here.

Cvent's privacy practices, described in this Privacy Policy, comply with the APEC Privacy Recognition for Processors (PRP) system.  The APEC PRP system provides a framework for organizations to ensure protection of personal information transferred among participating APEC economies.  More information about the APEC PRP framework can be found here

How does Cvent secure the data it processes?

We use a variety of organizational, technical and administrative measures to protect personal data within our organization.  We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure.  If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the " How do you contact Cvent or Cvent's Data Protection Officer?" section below.

What are Cvent's Products Covered by this Policy?

Event Cloud

Cvent Meetings & Events

  • Cvent Event Management
  • Cvent Surveys
  • Cvent Conference
  • Social Tables
  • Attendee Hub
  • Cvent Studio
  • Cvent Webinar

Cvent Onsite Solutions

  • OnArrival
  • OnArrival 360
  • SocialWall
  • LeadCapture

Hospitality Cloud

  • Cvent Supplier Network
  • SpeedRFP.com
  • EliteMeetings.com
  • Cvent Business Intelligence
  • Cvent Lead Scoring
  • Cvent Passkey
  • Cvent Business Transient
  • Social Tables

Cvent Products Not Covered by this Policy 

For more information about the privacy practices of the following recent Cvent acquisitions, see their Privacy Policies set forth below:

How Can a Customer or Visitor Manage their Cvent Email Preferences?

If you wish to update your email preferences to tailor the topics you are most interested in receiving, or to unsubscribe from communications from Cvent, you may do so here:  https://www.cvent.com/subscriptionmanagement.

How do you contact Cvent or Cvent's Data Protection Officer?

For details about the DPO’s role or any privacy questions related to Cvent’s Privacy Policy, please contact the (EU based) DPO at dpo@cvent.com.  You should also feel free to contact Cvent regarding details of our implementation of our privacy program at:

Cvent Representative
1765 Greensboro Station Place, 7th Floor
Tysons Corner, Virginia 22102
privacy@cvent.com

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

How does Cvent publicize changes to its Privacy Policy?

We will update this Privacy Policy from time to time to reflect changes to our information practices. If we make any material changes we will notify you by means of a notice on this Website prior to the changes becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

 

California Supplementary Notice

If you are a California resident, California law provides you with specific rights regarding your personal information, including the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months.  In addition to the rights already provided in this Global Privacy Policy, this supplementary notice provides information about what personal information we (as a business) collect about you, how we use it, how we may disclose or share it, and your specific rights under the California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act of 2020 (“CPRA”), which was effective as of January 1, 2023

Categories of Personal Information Collected in the past 12 months

  • Identifiers such as a real name, postal address, Internet Protocol address, email address, or other similar identifiers. 
  • Categories of personal information described in subdivision (e) of California Civil Code Section 1798.80 (e.g., name, address, telephone number).
  • Characteristics of protected classifications under California or federal law.
  • Commercial information, including records of products or services purchased or considered.
  • Internet or other electronic network activity information.
  • Geolocation data.
  • Audio and visual information, such as customer service call recordings and photographs.
  • Professional or employment-related information.
  • Education information.
  • Contents of SMS/text messages and chats.
  • Inferences drawn from any of the information identified above. 

Categories of Sensitive Personal Information Collected in the past 12 months

As a business, Cvent has not collected Sensitive Personal Information of Customers or Visitors in the preceding 12 months to the effective date of this Privacy Policy.

Sources from Which Personal Information Is Collected

See “Are you a Customer, Customer Data Subject, or Visitor?” and “How Does Cvent Process Data from Visitors?”.

Business Purpose for Collecting this Personal Information

Personal Information is collected and used for carrying out Cvent’s operational purposes, or for our service providers’ operational purposes (“business and commercial purposes”), specific examples of which are provided in the sections titled: “Cvent’s Use of Visitor Personal Data Collected”and “How does Cvent collect and process personal data from our Customers and their Customer Data Subjects?”

Has Cvent “sold” or “shared” this information to third parties?

Cvent does not sell personal information as the term “sale” is defined by the CCPA.  Cvent does share personal information of its customers (as the term “share” is defined by the CCPA and its implementing regulations) as follows:

Categories of Personal Information SharedCategories of Third-Party RecipientsPurpose for Disclosure
Platform Activity, Usage Data, IdentifiersSocial Media Platform Advertisers, Advertising Networks and Platforms, Advertising Related Technology ProvidersCross-Context Behavioral Advertising (as defined by the CCPA and its implementing regulations)

If a Customer or Visitor wishes to have their information excluded from this type of disclosure, click here to submit the request. 

 

Your Privacy Rights and how to Exercise Them

As a California consumer you have rights regarding the Personal Information we collect about you and maintain as a business, subject to certain limitations: 

  • Right to Request to Know what Personal Information we collect, use, disclose, share and sell about you.
  • Right to Request Deletion of your Personal Information.
  • Right to Opt-Out of the Sale or Sharing of Personal Information.
  • Right to Limit the Use and Disclosure of Sensitive Information. We do not use or disclose your Sensitive Personal Information.  If we ever do for reasons other than the legitimate business purpose described in the CCPA, we will update this Privacy policy to provide you with notice and details on how to limit our use of your Sensitive Personal Information.   
  • Right to Request Correction of your Personal Information if it is inaccurate.
  • Right to Non-Discrimination if you exercise any of your rights under California privacy law. 

To make such a request, click here to submit a webform, call 1-833-724-0821, or send a letter to:

Cvent Representative
1765 Greensboro Station Place, 7th Floor
Tysons Corner, Virginia 22102

You may also opt out of the sale or sharing of personal information by turning on the Global Privacy Control (“GPC”) browser signal.  To control types of cookies set, click the cookie control icon under Browser and Platform Controls.

Furthermore, you may designate an authorized agent to make a request under the CCPA on your behalf, provided, we require the agent to provide proof that you gave the agent signed permission to submit the request (in which case we may still require you verify your identity) or a copy of your power-of-attorney document granting the agent the right to act on your behalf.

Virginia Supplementary Notice

All practices described in “How can a Customer access, correct, or delete their personal data?” also applies to Virginia Visitors.  In addition to the rights already provided in this Global Privacy Policy, effective January 1, 2023, residents of Virginia have the choice to opt out of targeted advertising. In order to exercise your choice as a Virginia resident, please click here, or click on “Your Privacy Choices” link on the bottom of the Cvent webpage where your information is being collected and complete the request form to request “Do not share”.