Privacy Policy

Effective Date: 01/05/2026
Last Updated: 01/05/2026

Sky Expo Consulting (“Sky Expo Consulting,” “we,” “us,” or “our”) is committed to protecting the privacy of individuals who interact with us, including attendees at our events, users of our websites, and clients of our services. This Privacy Policy outlines how we collect, use, store, and share your personal data in connection our website located at https://skyexpoconsulting.com, and services.

This Privacy Policy is incorporated by reference into our Terms and Conditions. By using our Website, registering for our Event, or otherwise providing us with your personal information, you agree to this Privacy Policy. If you do not agree with our practices, please do not use our Website or services.

1. Information We Collect

1.1 Categories of Personal Information
We may collect personal data from you in the following ways:

- Information You Provide Directly, when you register for events, subscribe to newsletters, complete forms, or contact us.
- Information Collected Automatically, when you visit our website or open emails, including IP address, browser type, operating system, device identifiers, referring URLs, access times, pages viewed and device information.
- Information From Third Parties, such as sponsors, partners, or service providers, social media platforms, data brokers, or publicly available sources.

1.2 Specific Types of personal data we may include:

Contact Information:

- Name
- Job title
- Email address
- Phone number
- Postal address
- Company name and Industry

Financial Information:

- Billing/payment details (Processed through legally compliant third parties)
  (we do not store complete credit card numbers)

Event related Information:

- Registration details and preferences
- Dietary restrictions and accessibility needs
- Photos and videos taken during events
- Session attendance and engagement data
- Networking preferences and connections made

Technical Information:

- IP addresses and geolocation data
- Browser type and version
- Device information and unique identifiers
- Cookie data and similar tracking technologies
- Log files and usage data

Professional Information:

- Investment focus areas
- Assets under management category (if applicable)
- Professional background and experience
- Areas of interest for event content

Sensitive Personal Information:

We do NOT intentionally collect sensitive personal information such as:

- Social Security numbers or government-issued identification numbers
- Biometric data (see Section 11 for BIPA compliance)
- Health or medical information (except dietary restrictions for event purposes)
- Genetic data
- Precise geolocation data
- Union membership or political affiliations

1.3 Registration Consent: By registering for our Event, you provide consent for the collection, use, and sharing of your personal data for specific purposes. You may choose to consent separately for each purpose as described below:

- Event Participation and Administration: Required for registration, check-in, badge printing, session tracking, and providing event updates or logistical information.
- Marketing Communications: We may send you emails, newsletters, or other promotional materials about our events and services. You may opt-in or opt-out of these communications at any time.
- Sharing with Sponsors, Partners, and Networking Opportunities: We may share your information with event sponsors, partners, or other attendees to facilitate networking and event-related activities. You may choose which categories of information are shared.
- Media, Photography, and Video: Photos, audio, and video may be taken during the Event for promotional, marketing, or editorial purposes. You may opt-out in advance by notifying us prior to or during the Event.
- Cookies and Tracking Technologies: We may use cookies or other tracking technologies to analyze event engagement and improve your experience. You can manage or withdraw consent for non-essential cookies via our Cookie Policy or preference center.

1.4 Withdrawal of Consent: You may withdraw any or all of your consents at any time by contacting us at privacy@skyexpoconsulting.com. Withdrawal of consent will not affect the lawfulness of processing based on consent prior to its withdrawal.

1.5 Acknowledgement: By registering, you acknowledge that you have read and understood the purposes for which your data may be processed and shared, and that you can control your consent preferences for each purpose.

2. How We Use Your Information

We use your personal data for the following purposes:

- Event Registration: Process your registration and participation in our events. Manage check-ins and badge printing. Facilitate the networking opportunities. Provide event updates and logistical information.
- Communication: Communicate with you about our events, services, and updates. Send transactional emails regarding your registration. Send marketing communications about future events and respond to your inquiries and requests.
- Service Provision: Provide customer support and respond to inquiries. Analyze event attendance and engagement, and develop new services and offerings. Improve and personalize your experience.
- Legal and Business Purposes: Comply with legal obligations and regulatory requirements. Protect our rights, property, and safety. Also, to prevent fraud and enhance security. Enforce our terms and other agreements. Fulfill any other purpose disclosed to you at the time of collection.

3. Legal Basis for Processing

We rely on the following legal bases to process your personal data:

- Consent: Your consent is explicit consent for marketing communications, photo/video usage, and data sharing with sponsors.
- Contract Performance: To fulfill our contractual obligations when you register for events or purchase services.
- Legal Obligation: Compliance with applicable laws, regulations, legal processes, or governmental requests.
- Legitimate Interests: Our legitimate business interests, including:
  - - Operating and improving our events and services
    - Ensuring network and information security
    - Direct marketing to business professionals (where permitted)
    - Fraud prevention and risk management

- Vital Interests: In rare cases, to protect the vital interests of you or others.

4. Sharing Your Information

4.1 We may share your information with:

- Service Providers: Third-party service providers, vendors who help us operate our business (e.g., under written agreements requiring data protection, including: email, Email marketing platforms, CRM systems, Analytics and reporting tools, Payment processors, Event management platforms, Cloud storage providers
- Event Partners and Networking: As described in your registration consent, we may share your information with sponsors, partners, and other attendees for networking and event purposes.
- Legal Requirements: Law enforcement, regulatory authorities, or other third parties as required by law or legal process.
- Business Transfers: In connection with any merger, acquisition, reorganization, sale of assets, or bankruptcy.
- Professional Networking: Other attendees (only information you choose to share through networking features).

4.2 We do NOT:

- Sell your personal data.
- Share your personal data for behavioral advertising purposes.
- Share your data beyond what you have consented to during registration.

5. International Data Transfers

If your data is transferred outside your country of residence, we ensure it is protected by appropriate safeguards, such as:

- Standard Contractual Clauses (SCCs) are standard contractual clauses approved by relevant regulatory authorities.
- Adequacy decisions by relevant data protection authorities.
- Your explicit consent to the transfer.
- Other mechanisms approved under applicable law.

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes we collected it for, including legal, accounting, or reporting requirements.

Typical retention periods:

- Event registration data: 7 years for tax and accounting purposes
- Marketing contacts: Until you unsubscribe or request deletion
- Payment records: 7 years for financial compliance
- Website analytics: 26 months
- Security logs: 90 days
- Cookies: See Section 9 for specific retention periods

We will delete or anonymize your personal data when it is no longer needed, unless we are required to retain it by law.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, or alteration, including:

- Encryption of data in transit and at rest.
- Access controls and authentication requirements.
- Regular security assessments and audits.
- Employee training on data protection.
- Incident response procedures.
- Physical security measures for on-site data.
- Secure disposal of personal data

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

8. Your Rights

Depending on your jurisdiction, you may have the following rights:

8.1 General Rights (All Users):

Access: Access Request access to your personal data we hold
Correction: Correct Request correction of inaccuracies in your data
Deletion: Request deletion of your personal data
Objection: Object to or restrict processing of your data
Restriction: Request Data restriction of processing
Portability: Request data portability in machine-readable format

8.2 California Residents (CCPA/CPRA Rights):

Under the California Consumer Privacy Act/California Privacy Rights Act, California residents have additional rights:

- Right to know what personal information we collect, use, and share
- Right to delete personal information (subject to exceptions)
- Right to opt-out of the “sale” of personal information (we do not sell data)
- Right to limit use of sensitive personal information
- Right to correct inaccurate personal information
- Right to non-discrimination for exercising privacy rights

We will verify your identity before processing requests. You may designate an authorized agent to make requests on your behalf.

8.3 European/UK/Swiss Residents (GDPR Rights):

If you are located in the EEA, UK, or Switzerland, you have additional rights under GDPR:

- Right to lodge a complaint with your local supervisory authority
- Right to withdraw consent at any time
- Right to object to processing based on legitimate interests
- Right to object to direct marketing
- Right to data portability
- Right to be informed about automated decision-making

8.4 How to Exercise Your Rights:

To exercise your rights, please contact us at contact@skyexpoconsulting.com.

We will respond to your request within the timeframes required by applicable law (generally within 30-45 days).

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our Website, analyze usage patterns, and deliver personalized content. These technologies include essential cookies for website functionality, analytics cookies for performance monitoring, functionality cookies for user preferences, and marketing cookies for advertising effectiveness. We also work with third-party providers who may place their own cookies. You have various choices regarding cookies, including managing them through your browser settings, our cookie preference center, or third-party opt-out tools. For comprehensive information about the types of cookies we use, their purposes, retention periods, your control options, and how to manage your preferences, please review our complete Cookie Policy at https://skyexpoconsulting.com.

10. Children’s Privacy

Our services and events are not directed to individuals under the age of 18 . Our events are exclusively for professional participants aged 18 and above. We do not knowingly collect personal data from individuals under the age of 18.

11. Biometric Information

11.1 We do NOT collect biometric information as defined under the Illinois Biometric Information Privacy Act (BIPA), including fingerprints, voiceprints, retina or iris scans, or scans of hand or face geometry.

11.2 If we ever implement biometric systems for Event access or security, we will:

- Provide advance written notice and obtain written consent.
- Publish retention and destruction policies.
- Comply fully with all BIPA requirements.
- Not sell, lease, trade, or profit from biometric data.
- Use reasonable care in storing and protecting biometric data.

12. Media and Image Use

By participating in our events, you acknowledge that photos, audio, and video recordings may be taken and used for promotional, editorial, and marketing purposes across various platforms, including but not limited to websites, social media, brochures, and presentations. If you prefer not to be recorded or photographed, please inform us in advance or notify an event organizer on-site. We will provide identifying markers (such as colored badges or lanyards) for attendees who opt-out of photography.

13. Third-Party Links

Our website and event materials may contain links to third-party websites and services. We are not responsible for the privacy practices or the content of these third parties. We encourage you to review their privacy policies before submitting personal data.

14. Special Provisions for Financial Services Professionals

14.1 Given the nature of our Event involving investment and financial professionals:

- We do not perform credit checks or obtain consumer reports under FCRA.
- We do not collect or process data subject to GLBA requirements.
- Any financial information collected is solely for payment processing.
- We maintain appropriate safeguards for professional financial information.

14.2 Communications Compliance (TCPA):

- By providing your phone number, you consent to receive Event-related calls and texts.
- You may opt-out at any time by texting STOP or calling us.
- We do not use automatic telephone dialing systems without consent.
- Standard message and data rates may apply.

15. Email Communications (CAN-SPAM Compliance)

All marketing emails will:

- Include accurate header information.
- Contain non-deceptive subject lines.
- Identify the message as an advertisement (where applicable).
- Include our physical postal address.
- Provide clear opt-out instructions.
- Honor opt-out requests within 10 business days.

16. Data Breach Notification

In the event of a data breach that may compromise your personal information, we will:

- Notify affected individuals as required by applicable law.
- Provide notification without unreasonable delay.
- Include information about the breach and steps you can take.
- Notify relevant regulatory authorities as required.
- Document the breach and our response.

17. Updates to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the

“Effective Date” at the top of the page and notify you where appropriate.

Last Updated date at the top of the page and notify you where appropriate through:

- Email notification for material changes.
- Prominent notice on our Website.

Material changes will be effective 30 days after posting unless required sooner by law. Your continued use of our services after changes constitutes acceptance.

18. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Sky Expo Consulting
511 Harms Rd
Glenview, Illinois 60025
USA

Email: privacy@skyexpoconsulting.com
Phone: +1 (773) 817-4044