Privacy Statement

Updated: July 1, 2023

Your privacy is important to us so we have developed this Privacy Statement that outlines our privacy practice on how we process, collect, use and share your Personal Information as well as your privacy rights under certain privacy laws.

This Privacy Statement applies to RSA Conference (“RSAC” “we,” “us,” or “our”) and applies only to RSAC's websites and mobile applications (our "Websites") and does not apply to RSAC's Business Partners (as defined below); or to any other third parties, even if links to their websites are on our Websites. We recommend that you review the privacy statements of the other parties with whom you interact.

What this Privacy Statement Covers

This privacy statement applies to Personal Information, which we define as any information relating to an identified or identifiable person who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.

This privacy statement applies to all Personal Information we collect when you access or use our websites, products, services, or otherwise interact with us or our representatives. This statement does not apply to data that is not Personal Information, including anonymous, deidentified, or aggregated data.

Contents

Categories and Sources of Personal Information We Collect
How We Use and Share Your Information
Your Marketing Choices
Our use of Cookies and Other Technologies
How Long We Keep Personal Information
Your Privacy Rights
Submitting a Request
Other Disclosures and Considerations for California Residents
How We Protect Your Information
This Website is Not Intended for Children
Links to Third-Party Websites and Services
Processing in the United States
Contact Us
Changes to this Privacy Statement

Categories and Sources of Personal Information We Collect
Sources of Information We Collect

The type of information we collect about you depends on your use of our products, services and the ways that you interact with us. This may include information about:

  • How you use or visit our websites, mobile applications; accounts;

  • Registering for, attending or participating in a RSAC event, program or webinar.

  • Requesting services;

  • Contacting, billing and other information you provide;

  • Advertise and market to you, which includes sending promotional communications, targeting advertising, and presenting you with relevant offers.

We also obtain information from third party sources. We protect information obtained from third parties according to the privacy practices as described in this Privacy Statement. These third party sources vary over time and may include:

  • Data brokers from which we purchase demographic data to supplement the information we have collected about you.

  • Communication services, including email providers and social networks, when you give permission to access your information on such third party services or networks.

  • Partners with which we offer co-branded products or services, or engage in joint marketing activities.

  • Publicly available sources, such as open government databases.

Categories of Information We Collect

The Personal Information we collect can include the following:

  • Identifiers and contact details such as your name, email address, mailing address, contact telephone numbers.

  • Professional Employment information such as your job title and other business or company information.

  • Credentials such as your passwords, password hints, and similar security information used for authentication and MyAccount access.

  • Demographic information such as your age, gender, country, interests, and preferences;

  • Web form information you provide in our web forms (forms that you choose to complete will indicate whether the information requested is mandatory or voluntary);

  • Financial Payment information to process payments, such as your payment instrument number (such as a credit card number) and the security code associated with your payment instrument.

  • Account history information related to the products or services you purchase, and the activities associated with your account.

  • Internet or Electronic Usage Data such as IP address, device identifier, location data, browser type and language, access times, the Uniform Resource Locator (URL), other unique identifiers and other technical data that may uniquely identify your device, system or browser.

  • Audio, electronic or visual information such as video and audio recordings of certain conference sessions.

  • Browse history information about the websites the websites you visit.

  • Error reports and performance information of the products and any problems you experience, including error reports.

  • Troubleshooting and help information when you contact RSAC for technical support or customer support services, phone conversations or chat sessions with our representatives may be monitored and recorded.

  • Content consumption information about media content (e.g. T.V., apps and games) you access through our products.

  • Feedback and ratings information you provide to us such as customer survey feedback and product reviews you write.

  • Sensitive Personal Information you provide to us such as an identification card to verify your identify upon entrance to the conference and account log-in (e.g., username and password to online account with us).

How We Use and Share Your Information
Purposes for Collecting Personal Information

We use your information to:

  • We use identifiers, contact details, financial payment information and account history information and feedback and ratings information to deliver and maintain our products and services;

  • We use error reports and performance information to help you with customer service and technical support issues or questions;

  • We use demographic information to help us improve and personalize our services;

  • We use identifiers and internet or electronic usage data to better predict content and marketing offers that may interest you, which includes sending promotional communications, targeting advertising, and presenting you with relevant offers;

  • We use credentials and sensitive Personal Information to authenticate you;

  • We use internet or electronic usage data and error reports and performance information to manage and protect our networks and services;

  • We use financial payment information and account history to deliver the programs, events, services, information, materials, content, products and support or carry out the transactions you have requested;

  • We use contact details to send communications to you, such as your transaction status (including but not limited to, registration confirmations, and program attendance), information about programs available from RSAC and its Business Partners, event announcements, important notices including those announcing changes to our terms or policies, promotional offers and surveys. Business Partner means Service Providers such as contractors, suppliers, debit or credit card processors, as well as sponsors and exhibitors with whom we have a business relationship to provide you with our offers, products, services, process your payment, better predict and deliver content and marketing offers that may interest you;

  • We use identifiers, contact details and browse history information to facilitate the use of our Website and communications;

  • We use identifiers and internet or electronic usage data to advertise and market RSAC events and related content of our Business Partners by, for example, delivering targeted ads on this and other web sites, analyzing the effectiveness of ads, and determining whether you would be interested in receiving offers about new programs, content or services;

  • We use identifiers, contact details, demographic information, web form information, internet or electronic use data, content consumption information and feedback and ratings to administer, customize, personalize, analyze and improve our content and events (including the content and advertisements on our Website), technologies, communications and relationship with you;

  • We use contact details, web form information, account history information, internet or electronic usage data and browse history to enforce our conditions of sale, our Website terms and/or separate contracts (if applicable) with you;

  • We use identifiers, contact details, credentials, account history information, internet or electronic usage data to prevent fraud, to prevent other prohibited or illegal activities and to protect the security or integrity of our Website, our business, or our events and content or services

How We Share Information With Others

If RSAC is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Website of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.

We may share Personal Information with Business Partners to carry out transactions you request, to make our business or that of our Business Partners more responsive to your needs, including so that our Business Partners may provide you with information about those Business Partners’ products and services, or for research or analysis, where such Business Partner has a legal basis to do so. We may also share Personal Information with Corporate Affiliates and Business Partners, to support RSAC’s internal business purposes, and in furtherance of the internal business operations (not for marketing purposes) of RSAC. We may also disclose Personal Information in connection with legal orders from law enforcement or other government bodies; as required by law or regulation; to protect the rights of RSAC, its customers, the public, or others; to combat fraud or criminal activity; or with your consent. We may also disclose Personal Information to your employer if your employer sends RSAC a request to verify your registration for the conference.

In addition, we may share Personal Information to carry out transactions you request with Business Partners that helps RSAC customize, analyze and/or improve our communication or relationship with you. This may include requests relating to RSAC events or content. We will only share Personal Information with Business Partners who share RSAC’s commitment to protecting your Personal Information. Except as described above, we will not disclose Personal Information to third parties for their own marketing purposes unless you have provided consent.

Your Marketing Choices

You have choices about how we reach you with marketing offers and about other uses of your information. To update your preferences, you can:

  • Click “unsubscribe” in any email marketing communications we send you.
  • Go to your MyAccount or visit our Preference Management Center to select your marketing communication choices.

Please be aware that it may take up to 10 business days for your email preferences to take effect.

Our Use of Cookies and Other Technologies

We want you to be aware that certain online tools exist to help us serve and recognize you when you visit our website. We receive and store certain types of information when you visit our website. When you access the website, we (including companies we work with) may place small data files on your computer or other device. These data files may be web beacons, cookies, clear gifs, pixel tags, e-tags, flash cookies, log files, or other local storage provided by your browser or associated applications. These tracking technologies, which are often referred to collectively as cookies, allow us to understand how users navigate to and around our website, view different pages, access content and request Services. We may use them, for example, to keep track of your preferences and profile information and collect general usage and volume statistical information. If you want to remove or block cookies, you may be able to update your browser settings. You can also find instructions on how to manage cookies on different types of web browsers at www.allaboutcookies.org. Please click here to change your preferences regarding cookies.

RSAC and our partners may use information about your visit to this and other websites. The information could include pages you visit, the items you view, or your responses to our ads and emails. This information allows us to make the RSAC ads you see more relevant to you. This is referred to as interest-based advertising. For this purpose, RSAC has selected partners who are members of self-regulatory associations such as, the Internet Advertising Bureau (IAB), the Network Advertising Initiative (NAI) or the Digital Advertising Alliance (DAA).

To enable you to opt-out of interest-based advertising delivered by partners working with RSAC, or to customize your experience on RSAC websites, please visit our Manage Cookie Consent preference center. If you opt-out, you may still see RSAC ads on RSAC websites and other websites, but those ads will not be customized to you by RSAC or our partners.

Please note that if you clear your cookies, or if you use a different browser or device, you may need to reset your opt-out selections.

You may learn more about interest-based advertising by visiting these links:

Digital Advertising Alliance (DAA) – https://www.aboutads.info/choices/

Digital Advertising Alliance Canada (DAAC) – https://youradchoices.ca/choices

Do Not Track Signals

Some browsers have a “do not track” feature. It lets you tell websites you visit that you do not want them to track your online activity. These features are not yet uniform across browsers. Our sites are thus not currently set up to respond to these signals. For more information on Do Not Track signals, please visit https://allaboutdnt.com/.

How Long We Keep Personal Information

We will retain and use your information for as long as we need it to provide you services or products, or as long as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. If you wish to request that we no longer use your information to provide you services or products, please contact us at privacy@rsaconference.com.

Your Privacy Rights

You may have the following consumer privacy rights under applicable state laws:

  • Right to Know: You may have the right to request information about the Personal Information we have collected about you and for what purpose.

  • Right to Access: You may have the right to request information about how we process your Personal Information and to obtain a copy of that Personal Information.

  • Right to Portability: You may have the right to receive your Personal Information, in a structured, commonly used and machine-readable format and to have that information transmitted to another organization in certain circumstances.

  • Right to Deletion: You may have the right to request the deletion of your Personal Information that we have collected from you.

  • Right to Opt-out of Sale or Sharing: You may have the right to opt-out of the sale or sharing of your Personal Information.

  • Right to Limit the Use of Your Sensitive Personal Information: You may have the right to direct us to limit the use or disclosure of your sensitive Personal Information to only the purposes specified in the CCPA.

  • Right to Accuracy: You may have the right to correct inaccurate Personal Information that we hold about you.

  • Right to Opt-out of Automated Decision Making: You may have the right to opt out of automated decision-making, including profiling, that we use to evaluate certain qualifications as part of the recruitment process.

  • Right to be Free From Discrimination: RSAC will not discriminate against you for exercising your consumer privacy rights.

Submitting a Request

If you have any questions about the type of Personal Information we hold about you or if you wish to request deletion of Personal Information we may hold about you, or exercise any other consumer privacy right as set out above, contact us by:

  1. Contact RSAC via e-mail at privacy@rsaconference.com or call toll free 1-844-201-6576, International: 1-781-222-0051.

  2. Send postal mail to the following address:

    RSA Conference LLC
    Attention: Law Department – Privacy
    166 Geary Street, Suite 1500
    San Francisco, CA 94108
    USA 

For all requests, you must provide us with your name, email address. In order to verify your identify, we may also request information that you previously provided to us such as a registration code or an emergency contact name. Failure to provide the foregoing information may prevent us from processing your request. For an online request to delete, we will also send you a second verification to confirm that you want your information to be deleted.

In order to designate an authorized agent to act on your behalf, you must send a signed, written authorization to us at privacy@rsaconference.com.

Please be aware that your request does not guarantee complete access or comprehensive removal as the law may not permit or require removal in certain circumstances.

Other Disclosures and Considerations for California Residents

Shine The Light. If you are a California resident, this section applies to you. The California Shine the Light law (Cal. Civ. Code § 1798.83) permits residents of California to request certain details about how their information is shared with third parties for the third-parties’ direct marketing purposes. If you are a California resident and would like to make such a request, please contact us at privacy@rsaconference.com, and include “CA Shine the Light” in the subject line of your email.

California Consumer Privacy Act. 

This section applies to our privacy practices as required under the California Consumer Privacy Act, including as amended by the California Privacy Rights Act (together, the “CCPA“).

Categories and sources of Personal Information we collect
In the preceding 12 months, we have collected the following categories of Personal Information: contact information, identifiers, financial information, personal characteristics or traits, commercial information, biometric information, internet or electronic usage data, professional or employment information and sensitive personal information. For details about precise data points we collect and the categories of sources of such collection, please see the section above titled Categories of Personal Information We Collect.

Sale of Personal Information
To opt-out of the “sale” (as that term is defined in the CCPA) of Personal Information, click here. We do not knowingly sell the personal information of minors under the age of 16.

Sharing of Personal Information
To opt-out of the “share” (as that term is defined in the CCPA) of Personal Information, please email us at privacy@rsaconference.com. We do not knowingly share the Personal Information of minors under the age of 16.

Use or Disclosure of Sensitive Personal Information
In the preceding 12 months, we have not used or disclosed sensitive Personal Information for purposes to which the right to limit use and disclosure applies under the CCPA.

Purposes for which we use Personal Information: We collect Personal Information for the business and commercial purposes described in the section above titled Purposes for Collecting Personal Information.

Disclosure for a business purpose: In the preceding 12 months, we have disclosed the following categories of Personal Information for business purposes to the following categories of third party recipients:

Category of Personal Information  Categories of Recipients 
 Contact Information
  • Service providers
  • Exhibitor
  • Sponsor
  • Operating Systems and Platforms
 Identifiers
  • Service providers
  • Exhibitor
  • Sponsor
  • Operating Systems and Platforms
 Financial Information
  • Service providers
  • Operating Systems and Platforms
 Personal Characteristics or Traits
  • Service providers
  • Operating Systems and Platforms
 Commercial Information
  • Service providers
  • Operating Systems and Platforms
 Biometric Information
  • Service providers
  • Operating Systems and Platforms
 Audio, electronic or visual information
  • Service providers
  • Sponsor
  • Operating Systems and Platforms
 Internet or Electronic Usage Data
  • Service providers
  • Operating Systems and Platforms
 Professional or Employment Information
  • Service providers
  • Operating Systems and Platforms
 Sensitive Information
  • Service providers
  • Operating Systems and Platforms

For a more expansive description of the categories of recipients and business purposes for which we share Personal Information, please see the How We Share Information With Others section above.

How We Protect Your Information

We use appropriate technical, organizational and physical data security safeguards to help protect against unauthorized access to, use or disclosure of information we collect, use or store. The ways we do this include:

  • Using encryption when collecting or transferring sensitive information, such as credit card details.
  • Design our data security safeguards to ensure the ongoing security, integrity, availability and resilience of processing systems and services.
  • Limiting physical access to our premises.
  • Limiting access to the information we collect about you.
  • Ensuring that our Business Partners have appropriate technical and organizational security measures to keep your Personal Information protected.
  • As required by law, destroying or de-identifying Personal Information.

We encourage you to keep any passwords you use confidential and to be careful to avoid “phishing” scams where someone may send you an email that appears to be from RSAC asking for your Personal Information. RSAC will not request your ID or password through email.

This Website is Not Intended for Children

We understand the importance of taking extra precautions to protect the privacy and safety of children using our products, services and our websites. Children under the age of 13 or equivalent minimum age in the relevant jurisdiction, must not share their Personal Information unless their parent or guardian provided verifiable consent. If at any time a parent or guardian needs to access or delete data associated with their child’s or guardian’s account, they may contact us through one of the options provided in this Privacy Statement.

Links to Third-Party Websites and Services

We may sometimes provide links to other websites, which if you click on them may collect Personal Information about you and direct you to those websites. The information practices of those third-party websites linked to our website are covered by the third party’s own privacy statements and we encourage you to read those.

Processing in the United States

We are based in the United States. If you are using the website from outside the United States, please be aware that information we obtain about you will be processed in the United States or in other jurisdictions. By using the website or our services, you acknowledge your Personal Information may be transferred to and processed in jurisdictions outside your own, including the United States, as described in this Privacy Policy. Please be aware that the data protection laws and regulations that apply to your Personal Information transferred to the United States or other countries may be different from the laws in your country of residence. The United States may not afford the same level of protection as laws in your own country. Information we transfer from the European Economic Area, the United Kingdom or Switzerland to the United States will be subject to appropriate safeguards under applicable law. Those safeguards may include standard data protection clauses approved by the European Commission/ICO and available on their website.

Contact Us

If you would like to exercise Your Privacy Rights as described in this Privacy Statement, have a privacy question, concern or complaint, please contact us at privacy@rsaconference.com or write to us at:

RSA Conference LLC
Attention: Law Department – Privacy
166 Geary Street, Suite 1500
San Francisco, CA 94108
USA

Changes To This Privacy Statement

We may make changes to this Privacy Statement when necessary to provide greater transparency or in response to:

  • Feedback from our customers, regulators, industry or other stakeholders.
  • Changes in our privacy practices, products or services.
  • Changes in applicable privacy laws.

If there are material changes to the Privacy Statement, we will revise the “last updated” date at the top of this statement. We encourage you to periodically review this Privacy Statement to learn how RSAC is protecting your information.