Attendee Privacy Protocols
All attendee data in our secure event database are collected under explicit double-opt-in consent, with clear disclosure of data usage purposes. Personally identifiable information (PII) is encrypted and isolated and is never included in client deliverables unless contractually specified and respondent-consented.
We comply with the California Consumer Privacy Act (CCPA), the CAN-SPAM Act, and follow ESOMAR Code of Conduct and ICC/ESOMAR International Code standards for event production data ethics.
Client Data Confidentiality
All client data, production briefs, competitive intelligence deliverables, and proprietary findings are treated as confidential under our standard Master Service Agreement. Data is stored in encrypted form at rest and in transit. Client data is never shared with third parties, used for any purpose other than the contracted engagement, or retained beyond the agreed data retention period.
Security Infrastructure
Our event production systems use TLS 1.3 transport encryption, AES-256 at-rest encryption, multi-factor authentication on all staff accounts, and role-based access control restricting respondent PII to authorized personnel only. Regular penetration testing and vulnerability assessments are conducted by a third-party security firm.
Contact
For security disclosures or data privacy inquiries, contact us at events@pellmarkevents.com.