Privacy Notice
ABOUT THIS NOTICE
This Privacy Notice ("Policy") provides you with information about how the Association of Equipment Manufacturers (hereafter "we", "us" or "our") collect, use, and disclose your data, and how to contact us in the event of a correction or complaint.
We collect, use and disclose certain personally identifiable information (“Personal Data”) that we receive in the USA from countries all over the world. The first part of this Policy sets out what we do with Personal Data in any jurisdiction, and the second part of this Policy sets out our specific obligations and your rights depending upon where you live, so please review the relevant section of the second part below according to your location.
PART 1 – APPLICABLE TO ALL DATA SUBJECTS ANYWHERE IN THE WORLD
1. AEM – THE DATA CONTROLLER
We are the controller and responsible for your Personal Data.
If you have any questions about this Policy, would like to exercise your rights with respect to your personal information, believe we communicated with you in error, or have a complaint about how we handled your personal information, please contact:
Association of Equipment Manufacturers
Attn: Membership Department
6737 West Washington Street, Suite 2400
Milwaukee, WI 53214-5647 USA
By e-mail: datasecurity@aem.org
2. INTRODUCTION
Our websites (“Sites”) include: www.aem.org, shop.aem.org, newsroom.aem.org, www.agg1.org, www.conexpoconagg.com, www.worldofasphalt.com, www.theutilityexpo.com, www.imakeamerica.com and hub.imakeamerica.com.
Our “Services” include products, services, events, mobile apps, print and electronic information and communications to advance equipment manufacturers in the global marketplace. Our “Events” include in-person and virtual trade shows, meetings, conferences, seminars, committee meetings, board meetings, webinars, etc.
This Policy only applies to our Sites and Services. If you land on other websites (or move to other websites from our Sites) you should read their separate privacy policies. Similarly, this Policy does not apply should you choose to share your personal information with an exhibitor of any Event or other participants of an Event either in-person or online.
3. CHANGES TO THIS POLICY
We update this policy from time to time to reflect changes to our information practices. Please review this policy periodically for changes. If we make material changes, we will notify you by means of a notice on this website or in advance by email where required by law.
4. PERSONAL DATA COLLECTION AND USE
4.1 We may collect, use, store and transfer different kinds of personal data about you which include the following:
- Identity information includes first name, maiden name, last name, marital status, title, date of birth, gender, business and trade demographic information including title and job function, social media account username or similar identifier.
- Contact details includes billing address, delivery address, email address and telephone numbers.
- Financial information includes bank account and payment card details.
- Transaction data includes details about payments to and from you and other details of goods or services you have purchased from us or our events that you have attended.
- Technical IT Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
- Profile information includes our username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
- Usage Data includes information about how you use our website, products and services.
- Marketing and Communications includes your preferences in receiving marketing from us and our third parties and your communication preferences, lead retrieval, geographic location, images and videos of you at Events, and dwell time at Events.
Purpose/Activity | Type of Data | Lawful basis for processing including basis of legitimate interest |
To respond to your enquiry which you have raised by filling in forms on our website or other social media platforms like LinkedIn, Twitter, Facebook or telephone |
| Responding to your enquiry |
To register you as a new customer or member or to send you text message if you opt into our Messaging Services |
| Performance of a contract with you |
To process and deliver our Services to you or to facilitate your experience while attending Events including: (a) Providing Services to you
(b) Hosting Event or facilitating Events held with or by the others for our members, non-members, exhibitors or employees (c) Manage payments, fees and charges (d) Collect and recover money owed to us
|
|
|
To manage our relationship with you which will include: (a) Notifying you about changes to our terms or privacy policy (b) Asking you to leave a review or take a survey (c) Asking you to participate in our case studies |
|
|
To enable you to partake in a prize draw, competition or complete a survey |
|
|
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) |
|
|
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising and other content we deliver to you |
| Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy) |
To use data analytics to improve our current and future Site, products/Services, marketing, case studies, customer relationships and experiences |
| Necessary for our legitimate interests (to define types of customers for our product solutions and services, to keep our website updated and relevant, to develop our business and to inform our marketing and business development strategy) |
4.2 Ordinarily, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
4.3 We do not require you to provide any Special Categories of Personal Data (also known as Sensitive Data in some countries) about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Special Categories of Personal Data (also known as Sensitive Data in some countries)
about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
4.4 Automated technologies or interactions. As you interact with our Site, we use analytics tools on our Sites to provide products and Services you request, identify service issues to us, improve our Services, provide content tailored to your personal preferences, track the effectiveness of digital advertising, and to monitor traffic and usage of our Sites.
These tools may be provided by third-party service providers and may include the collection and tracking of certain data and information regarding the characteristics and activities of visitors to our Sites. One of these providers is Google Analytics and more information about the ways in which they collect and process your personal data can be found here: https://policies.google.com/technologies/partner-sites.
Our Sites also use cookies (which includes third party cookies to support analytics functionality) and other similar technologies, such as web beacons. Please see our cookie policy for further details.
5. SHARING PERSONAL DATA
5.1 We may disclose or share your personal information with: third party service providers agents or service providers who perform functions on our behalf; member companies; industry members and associations and Event participants/sponsors/exhibitors/attendees, including:
- Organizations and joint ventures that produce and sponsor Events (www.aem.org/events) for the purposes of administering the Sites, providing Services, and promoting, producing, sponsoring, conducting and administering Events;
- Associations that co-own Events that we produce, for the purpose of promoting, producing, sponsoring, conducting and administering the Event;
- Associations that produce co-located Events, for the purpose of promoting, producing, sponsoring, conducting and administering the Event;
- Joint venture partners that co-own and produce Events on our behalf, for the purpose of promoting, producing, sponsoring, conducting and administering the Event;
- Our official Event vendors and service providers which support our production of these Services, including general contractors, AV providers, housing, transportation services, floral companies, electrical contractors, registration and lead retrieval providers, mobile app providers, and official publisher, for the purpose of providing services to you at the Event;
- Law enforcement bodies, in order to comply with any legal obligation or court order and, where we are otherwise requested to provide information, we may provide it but only in accordance with applicable privacy and data protection laws;
- Other such similar organizations selected by us in order to provide the Services to you;
- Third party service providers who process information to support our internal business operations including statistics data processors, email distribution, human resources, accounting, IT services, accounting, customer services, marketing, communications, PR, and advertising;
- Previous, current or future Event participants may receive a list of Event attendees including your name, company name, and email address.
- Member and Exhibitor company lists may be published on our Sites and may include contact information for the company’s designated contact.
- Previous, current, or future Event exhibitors to mail you information through our authorized third party mailing vendor.
6. SECURITY
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorized way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach.
Where you have used our website for the purposes of contacting us, you are reminded that sending information over the internet is inherently insecure and we cannot guarantee the security of all data sent. It is your responsibility to ensure that you have all reasonable and appropriate security measures in place on your own equipment and that you keep your login details for our website confidential.
7. DISCLOSURES FOR NATIONAL SECURITY OR LAW ENFORCEMENT
Under certain circumstances, we may be required to disclose your Personal Data in response to valid requests by public authorities, including to meet national security or law enforcement requirements.
8. HOW LONG DO WE KEEP YOUR INFORMATION?
We keep records for as long as required to provide the relevant Services. If you have opted-in to receive communications from us, you will remain on our list until you notify us that you have withdrawn that consent. We also keep records for our own legitimate interests, in accordance with legal requirements (4-10 years) and tax and accounting requirements (7 years to permanent). Rosters, meeting minutes, and other official association business documents are kept as a permanent record.
Where required by law, personal data in the following documents will removed after the following time periods:
- Event registration list and other records of attendance: 3 years
- Event Exhibitor Space Application & Contract: 10 years after completion of performance
- Membership applications: 5 years after termination of membership
PART 2 – PLEASE REVIEW ACCORDING TO WHERE YOU LIVE
EUROPEAN UNION AND THE UNITED KINGDOM
This section sets out our obligations and your rights (in addition to those set out in Part 1) in relation to your Personal Data if you live in the European Union or the United Kingdom.
Your rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data:
The right to access - You may have the right to request us for copies of your personal data. We may charge you a fee for this service.
The right to rectification - You may have the right to request that we correct any information you believe is inaccurate. You may also have the right to request us to complete information you believe is incomplete.
The right to erasure - You may have the right to request that we erase your personal data, under certain conditions.
The right to restrict processing - You may have the right to request that we restrict the processing of your personal data, under certain conditions.
The right to object to processing - You may have the right to object to our processing of your personal data, under certain conditions.
The right to data portability - You may have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You have the right to make a complaint at any time to your local supervising authority. In the United Kingdom, that means the Information Commissioner's Office (ICO), who may be contacted at https://ico.org.uk/make-a-complaint/ or telephone: +44 303 123 1113. If requested we may assist you in locating local supervisory authorities for other countries.
We would, however, appreciate the chance to deal with your concerns before you approach your local supervising authority, so please contact us in the first instance. If you would like to exercise any of those rights, please:
- email or write to us;
- let us have enough information to identify you;
- let us have proof of your identity and address (a copy of your driving license or passport and a recent utility or credit card bill); and
- let us know the information to which your request relates, including any account or reference numbers, if you have them.
Our contact details are at the top of this Policy.
Sharing your Personal Data
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. Unless you have explicitly consented to us passing your personal data to third parties for them to contact you for their own purposes, we do not allow our third party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Where we transfer Personal Data to unaffiliated third-party data controllers, these third parties do not act as agents or service providers and are not performing functions on our behalf. We may transfer your Personal Data to third-party data controllers for the purposes described above in this Policy. We will only provide your Personal Data to third-party data controllers where you have consented (via an opt-in). If we transfer your Personal Data to one of our affiliated entities, we will take steps to ensure that your Personal Data is protected with the same level of protection that We provide.
International Transfers
Where highlighted in the table above, we will be transferring your Personal Data outside the EEA and the UK. Whenever we transfer your Personal Data to service providers who are not based in the EEA or in the UK, we ensure a similar degree of protection is afforded to your Personal Data by ensuring at least one of the following safeguards is implemented: either the country to which it is transferred will have received an adequacy ruling in relation to protection for personal data; or we use specific contracts which are approved for use in the EEA and the UK with those service providers which give personal data the same protection it has in the EEA and the UK.
CANADA
This section sets out our obligations and your rights (in addition to those set out in Part 1) in relation to your Personal Data if you live in Canada.
International Transfers
Our service providers may be located in the US or elsewhere in the world. Different privacy laws may apply in different countries, and you understand and unambiguously consent to the transfer of personal information to these countries, group companies and service providers. We only make these arrangements or transfers where we are satisfied that adequate levels of protection are in place to protect any information held in that country or that the service provider acts at all times in compliance with applicable privacy laws.
Where required under applicable laws we will take measures to ensure that personal information handled in other countries will receive at least the same level of protection as is given in your home country. If you are in the EEA, we and our service providers are located in the US and whenever we transfer your personal data out of the EEA, we ensure that the transfer complies with that legislation and that all personal information will be secure.
Anti-Spam Legislation
We are committed in complying with Canada's Anti-Spam Legislation ("CASL"). CASL applies to any electronic communications sent by us to certain outside parties and is protected by a range of business procedures, processes and policies. CASL regulates all commercial electronic messages sent within, to, or from Canada (“CEM”), which are messages that include (inter alia) the encouragement of participation in a commercial activity.
In addition to this anti-spam communication, to show transparency of how your data will be handled, we have undertaken the following initiatives:
- We have implemented CASL compliant consent forms.
Your consent is necessary in order for us to use your personal information to send a CEM. This consent typically must be “express”, but in certain circumstances can be “implied”. We have modified certain forms in order to ensure that your express consent is obtained. In addition, you can determine and manage your communication preferences by going to the Subscription Center from any CEM received from us, including having your email address removed from our mailing lists at any time. You may still receive electronic messages to the extent that they are exempt under CASL or implied consent has been given as set out below.
We may infer implied consent if:
- We have an existing business relationship with you or had a business relationship with you which terminated less than two years ago;
- We received an inquiry from you within the last 6 months;
- You disclosed your contact details to one of our employees (for example you provided us with your business card or connected with us via social media).
- We have modified our email footers.
- Under CASL, all CEM must include certain prescribed content. For example, we must clearly identify ourselves as the party sending the CEM and provide a method whereby you can readily contact us.
- We have incorporated "unsubscribe" mechanisms (explained below).
- Some messages are specifically exempt from consent requirements. The following messages are exempt:
- You have a personal relationship with one of our employees with whom you have previously had a direct, voluntary, two-way communication;
- You have a family relationship with one of our employees who contacted you;
- The CEM is sent to one of our affiliated companies;
- The CEM was sent in response to your request or inquiry; or
- The CEM was sent in order to enforce a legal right or obligation (for example, if you have an outstanding debt, or breached a contract that you have with us).