Effective December 2023 This website is owned and operated by Ziff Davis Inc. (Website) provides content and resources to enhance your experience with Ziff Davis Inc. and its affiliated products. We value your privacy and are committed to protecting the privacy of your information. This Privacy Policy (or “policy”) describes how this Website uses the personal information you provide and the rights you have. We have created this Privacy Portal to help you exercise your rights. Privacy Policy Overview Information We Collect, Receive and Create About You Data Processing and Retention Sensitive Personal Information Direct Marketing Information We Share With Third Parties International Transfers of Information Data Security and Breach Handling Data Retention Your Rights with Respect to Your Personal Information How to Change Your Preferences Contact Details Children California Consumer Rights Metrics How this Privacy Policy May Change 1. Privacy Policy Overview Ziff Davis Inc. owns and operates this Website, and this policy covers information collected only through this Website. You can review the privacy policy for our subsidiaries on their websites. In part, the purpose of this policy is to notify users of this Website’s policies and practices with respect to their data. By using the services provided you have agreed to the Terms of Use (or ToU); and this policy is a part of the ToU. 2. Information We Collect, Receive and Create about You We may collect or obtain information about you when you sign up, when you create profiles, pages or contributions, when you use and interact with our services and when you make your personal information public. In some cases, we may also receive information about you from third parties. Data you provide when you sign up: This is, for example, username, password, subscription information, and basic information about any other accounts you choose to associate with your registration, like your Apple, Facebook, or Google account. Data we collect through your use of our services: We make and keep records when we provide you support or assistance on our services. We may also collect information about how you interact with our various services (or parts of our services) or third party content you see on our apps and sites. We also collect data on how you interact with the ads you see. Data we receive from third parties: In some cases, we may receive information about you from third parties, for example, social networking sites. Please note that this policy does not cover the practices of third parties, including those that may disclose information to us. 3. Data Processing and Retention We process your personal information in order to provide you the best experience of our services. We may also process your Information where the processing is necessary for the establishment, exercise or defense of legal rights. Below is a chart stating which categories of your personal information we process for which purposes specifically, and how long we retain that data. Our processing of your data is subject to your use of our service, your privacy preferences, and your account settings choices. Personal InformationWe may process the following categories of personal iInformation about you. Categories of personal information Purpose of processing __________ legal basis Retention Period Account Information (Personal Details): Information you provide to us such as, your name; postal address; telephone and/or mobile number; email address; employer; login details, including username and password; interests; public social media handles or profile(s); and photograph posted by you and other users. To provide use of our services as agreed in the ToU. __________ Legitimate Interest For the life of the account and a reasonable and legally compliant time thereafter. App Data. For more information about a particular App or Tool and the data it collects, please visit here. Please note,we may collect information from third-party apps such as TheSpiceWorld hosted on the CVent platform. Maintain and improve service standards___________ Legitimate Interest For the life of the account and a reasonable and legally compliant time thereafter. Consent Records: records of any consents you may have given, together with the date and time, means of consent and any related information (e.g., the subject matter of the consent). Comply with applicable laws and regulations and users’ choices. ___________ Legal Requirement For the life of the account and a reasonable and legally compliant time thereafter. Customer Records: electronic customer records containing personal information, such as name, signature, address, telephone number, or any financial information. We may also collect Personal Data information about you through your communications with our customer support team. NOTE: Please ensure that no sensitive personal data is submitted in connection with your requests for support (for example, health information, political or religious beliefs, information about minors, etc.). To maintain service standards and provide users with the ability to communicate efficiently and effectively with our company. ____________Legitimate Interest Customer records will be kept in accordance with applicable laws. Demographic Information: gender; age/date of birth; nationality; salutation; job title, company information, education, work experience and other professional information; language preferences Enable customer expression, maintain and improve service standards, and marketing. ____________ Legitimate Interest For the life of the account and a reasonable and legally compliant time thereafter. Location Information: We collect your IP address from which we can derive imprecise location information, for example, at the city or zip code level, of a user’s computer or device. We may also have this type of location information if you provide it to us during sign up or in your profile, project page, or contributions. Maintain service standards, provide relevant content and marketing. ____________Legitimate Interest For the life of the account and a reasonable and legally compliant time thereafter. 4. Sensitive Personal Information We do not seek to collect or process sensitive personal information, such as, race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, or sex life. Where users choose to disclose sensitive personal information within profiles, contributions or other free-text fields available through this Website, we do not use the sensitive information for any additional purpose without consent, unless required to comply with laws, or prevent crimes. 5. Direct Marketing We may use the contact details you provided us to reach out to you with information regarding services that may be of interest to you, for example, upcoming promotions. You may unsubscribe or opt out of SMS messages at any time at no cost. 6. Information We Share with Third Parties Ziff Davis Companies: This website is operated by Ziff Davis Inc., which is owned by Ziff Davis Inc. We share your information with other businesses owned by Ziff Davis, Inc. (“Ziff Davis Companies”) to assist us in the operation of our services, improve them, and further develop them. We also share information with other Ziff Davis companies for the purposes of targeted advertising. If you would like to opt out of the sale or sharing of your data with other Ziff Davis companies, you can do so via our privacy portal. Other Third Parties: We may also share your personal information with the following: Relevant third party provider, where our services use third party advertising, plugins or content, subject to your privacy choices and settings, and our ToU; Merchants, business partners, or advertisers where you consented and chose to participate in offers, contests, or other activities; Third party Processors (such as analytic providers; data centers; etc.), located anywhere in the world, subject to the requirements and limitations; Legal and regulatory authorities, upon request, or for the purposes of reporting any actual or suspected breach of applicable law or regulation; Any party as directed by a law enforcement agency or court, to the extent necessary for the establishment, exercise or defense of legal rights; Law enforcement for the purposes of prevention, detection, or investigation of criminal offenses and any legal proceedings associated with them; and In the case of a full or partial acquisition, relevant third parties. 7. International Transfers of Information We may transfer your Personal Information to recipients in other countries. Ziff Davis participates in the E.U.-U.S. Data Privacy Framework, the UK extension to the EU-U.S. DPF, the Swiss-U.S. Privacy Framework and the APEC Cross Border Privacy Rules System. Where we transfer User Information from the European Economic Area (“EEA”) to a recipient outside the EEA that is not in an adequate jurisdiction, we do so on the basis of standard contractual clauses. Because of the international nature of our business, we may need to transfer your User Information within the Ziff Davis group of companies, and to third parties as noted in Section 9 above, in connection with the purposes set out in this Policy. For this reason, we may transfer your User Information to other countries that may have different laws and data protection compliance requirements to those that apply in the country in which you are located. We remain liable under the DPF Principles if any third parties that we transfer your personal information to process it in a manner inconsistent with the DPF Principles, unless we prove that we are not responsible for the event giving rise to the damage. Ziff Davis and its associated affiliates and subsidiaries complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Ziff Davis has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Ziff Davis has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov. We are committed to staying current with developments related to the Data Privacy Framework and may update our transfer mechanisms and safeguards as necessary to remain compliant. Any updates will be reflected in this Privacy Policy. If you are a European individual with a privacy related complaint, concern or question about Ziff Davis’ privacy practices, please contact us through our privacy portal. Under certain conditions, more fully described on the Data Privacy Framework website, European individuals may invoke binding arbitration when other dispute resolution procedures have been exhausted. Where we transfer your Personal Information from the EEA to recipients located outside the EEA who are not in a jurisdiction that has been formally designated by the European Commission as providing an adequate level of protection for Personal Information, we do so on the basis of standard contractual clauses. You may request a copy of the relevant standard contractual clauses using our privacy portal. Please note that when you transfer any Personal Information directly to a Company entity established outside the EEA, we are not responsible for that transfer of your Personal Information. We will nevertheless Process your Personal Information, from the point at which we receive the data, in accordance with the provisions of this Privacy Policy. Enforcement Authority The Federal Trade Commission has jurisdiction over our compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF). Complaints Mechanism In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Ziff Davis commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact Ziff Davis at [email protected]. In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Ziff Davis commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to TrustArc, an alternative dispute resolution provider. The services of Trustarc are provided at no cost to you. For further information please visit https://trustarc.com/dispute-resolution/. Under certain conditions, a binding arbitration option may be available to you in order to address complaints not resolved by any other means. For further information, please see Annex I of the EU-U.S. Data Privacy Framework Principles at: https://www.dataprivacyframework.gov/. In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Ziff Davis commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship. For a list of our subsidiaries and affiliates who also adhere to the DPF Principles, please click here. Our privacy practices described in this Policy comply with the Asia-Pacific Economic Cooperation (“APEC”) Cross Border Privacy Rules System. To learn more about this program, please click here. 8. Data Security and Breach Handling We implement appropriate technical and organizational security measures to protect your personal information against unlawful destruction, loss alteration, misuse, or unauthorized access while in our possession. All parties we contract with must agree to provide reasonable data security measures for the customer information we share with them, in compliance with applicable laws and regulations. If we learn of a security breach that affects our users, we may send an email or other direct communication to you, or post a blog to notify the public on our Help and Support Security Center. If you have any reason to believe that your data with us has been compromised (for example, there has been unauthorized access to your account), please contact us at [email protected]. 9. Data Retention We will retain your personal information for as long as is necessary in connection with the purposes set out in this policy, and in accordance with applicable laws. For more details on how long data is retained see the table in Section 3. 10. Your Rights With Respect to Your Personal Information Many privacy regulations afford consumers a number of specific rights. If you are a resident of the EU (under GDPR), UK (under the UK GDPR), Brazil (under the LGPD), several U.S. States, including California (CCPA), Virginia (under VCDPA), Colorado (under the CPA), and Connecticut (under the CTDPA), or another jurisdiction with similar privacy requirements, you have certain rights which may include those listed below. Your rights: Right to Withdraw Consent: Where you are requested to consent to the processing of your personal information, you have the right to withdraw your consent at any time. Right to Know: You have a right to know what personal information we collect, process, and share or sell. This policy is meant to provide transparency with regard to your data. If you have additional questions, you can email us at [email protected]. Right of Access: You can request a copy of the personal information we have collected about you from us. Right to Delete/Erase: You can request us to delete all the information we have collected about you. It is important to note that by exercising your right to deletion you may lose access to your account and any purchases, points or features associated with it. If you wish to cancel your account or request that we no longer use some or all of your information to provide you services, contact us at [email protected]. Right to Request Rectification: If you find that any of your information that we are processing is inaccurate, you can contact us to have your information corrected. In response, we will cancel or remove your information but may retain and use copies of your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. For certain requests, we may require additional information. (California) Right to Opt-out of the Sale or Sharing for Targeted Ads: Under some circumstances we may sell or share the personal data you provide to us to provide ads to you that align with your interests. If you would prefer not to have your data sold or shared, you can opt-out of selling or sharing by submitting a request via privacy portal or by emailing [email protected]. We may ask for additional information to verify your request. Right to Object to the Processing: You can object to our processing of your personal information via our privacy portal, under certain circumstances. By objecting to processing, you may not be able to access some or all of our services. This right is limited to personal data processed for commercial purposes. Right to Object to the Use of Sensitive Personal Information: You have the right to object to our use of your sensitive personal information. Sensitive personal information is information about your health, race, religion, sexual orientation, gender identity, political opinions or philosophical beliefs. You should always be mindful about the personal information you share online, especially when it is sensitive in nature. Right to Object to Automated Processing: You have a right to object to the processing of your data for the purposes of automated decision making about you. Right to not be Discriminated Against: You have a right to not be discriminated against for exercising your rights. Right to Complain (EU, UK, Switzerland): Should you wish to raise a complaint about the collection or use of your information, you have the right to do so without prejudice to any other rights you may have. You may lodge a complaint with your local data protection authority. Right to an Authorized Agent (CA): If you would like to make a request on behalf of a California consumer who is a current or former customer, please provide an email from the email address we have on file for the customer authorizing the request. You may also make a request under the California Consumer Privacy Act on behalf of a California consumer if you provide (1) a signed, written permission from the consumer to act on your behalf, and the consumer verifies their own identity directly with us; or (2) proof that the consumer has provided you with power of attorney pursuant to Probate Code sections 4000 to 4465. We may deny a request from an agent that does not submit proof that they have been authorized by the consumer to act on their behalf. In order to make privacy requests please visit our privacy portal and fill out the form. You can also email us at [email protected]. Our contact information can be found in the “Contact Details” section below. You may be required to verify your identity before we can give effect to these rights. If you are making a request on behalf of a user, we require a signed authorization letter from the consumer. 11. How to Change Your Preferences You can change your preferences at any time. Below is a list of some of the actions you can take. Changing Your Own Information: Keeping your personal information current helps ensure that we offer you the best coupons available for merchants and business partners. You can do several things to help keep your personal information up-to-date. You can login to the Services via a desktop computer and click the “Profile” link to update or delete the information you provided us to use in your profile. We may retain and use copies of your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Your Newsletter and Email Subscriptions. You can opt out or unsubscribe to a newsletter or other email list at any time by following the instructions at the end of the newsletters or emails you receive. Please allow five to ten business days for changes to take effect. On some Services, member service-related communications are an integral part of the service to which you subscribe and you may continue to receive emails as part of that particular portion of the services, even if you opt out of the newsletters or email list. In these cases, you cancel your account to cease communication. Also note that if you have provided more than one email address to us, you may continue to be contacted unless you request to unsubscribe each email address you have provided, or delete your accounts. Location Based Services. You may opt-out of having your Precise Location Data collected at any time by editing the appropriate setting on your mobile device (which is usually located in the Settings area of your device). California Residents. In accordance with the California Online Privacy Protection Act, we may collect Personal Information about your online activities when you use our services. California’s “Shine the Light” law permits our users who are California residents to request and obtain certain information about any Personal Information disclosed to third parties for direct marketing purposes. If you are a California resident and wish to make such a request or if you wish for us to refrain from gathering your Personal Information, please submit your request in writing to us using the contact details in Section 14. 12. Contact Details You can submit privacy related inquiries to our Privacy Portal. For any additional questions, you can contact us by emailing [email protected] or at the following address: Ziff DavisAttention: Legal Department360 Park Avenue South, 17th FloorNew York, NY 10010 We have registered our DPO with the Irish Data Protection Commission. If you have any questions or concerns about our privacy practices, we encourage you to contact our DPO at the following email address [email protected] or at the following address: Ziff DavisAttention: Legal DepartmentUnit. 3.1, Woodford Business ParkSantry,Dublin 17Ireland 13. Children These services are not intended for use by children, especially those under 16. We reserve the right to remove a user’s account at any time, when necessary, if we discover that a user is under the required age limit for the service. If you have reason to believe we have collected personal information from someone under 16, please report it to us so we can take appropriate steps to rectify this. 14. California Consumer Rights Metrics Pursuant to the California privacy regulations, our consumer rights metrics can be found on our Regulatory Information Site. 15. How this Privacy Policy May Change This policy may be amended or updated from time to time at our discretion. Any updates will be effective at the time of publication, unless specified otherwise. Your continued use of our services after the publication of a policy update constitutes your consent to the changes. We will notify you prior to making policy updates that materially change the way we treat your personal data, and will not use your data in a materially different manner without your consent.