Privacy Policy

Effective Date: May 1, 2026

Ardian Group, Inc. and its subsidiaries and affiliates (collectively “us,” “we,” “our,” “Ardian,” or “Ardian Group”) operate the website at www.ardiangroup.com (the “Website”), and PVITL cloud-based service and PVITL® Mobile Applications (collectively, the “Service”). Ardian is a business-to-business provider of, among other things, registration, data, and logistical management for events and conferences on behalf of our customers who subscribe for the Service (“Clients”). This Privacy Policy describes the types of personal information we may collect, use, disclose, and maintain as a “controller” (or “business” as defined under the California Consumer Privacy Act) about visitors to our Website (“Visitors”), the individuals that manage the business relationship with Ardian on behalf of our Clients (“Client Representatives”), and the Client’s authorized users of the Service (“Authorized Users”).

This Privacy Policy does not address: (1) personal information that is collected by our Clients (either with or without the use of the Service) and provided to Ardian for processing as a “processor” (or “service provider” as defined under CCPA) (“Client Information”). Such Client Information may include personal information (including sensitive information) of attendees and registrants of Client’s events. Ardian’s processing of personal information contained in Client Information is governed by a separate data processing agreement between Ardian and the Client which contains provisions protecting the Client Information and limiting Ardian’s use of the Client Information solely as necessary to provide the Service to such Client. If you are an attendee of (or registering to attend) an event organized or hosted by an Ardian Client, please note that Ardian and its Clients are independent parties, and we have no control over, and are not responsible for, the privacy or data security practices of our Clients, which may differ from those set forth in this Privacy Policy; please review the privacy policy of the Client to understand the Client’s practices and direct any questions, concerns, or data rights requests to the Client.

Accordingly, as used in this Privacy Policy, “you” means only Visitors, Client Representatives and Authorized Users as the context requires. An individual may have any combination of such roles.

This Privacy Policy contains the following sections:

1. What personal information we collect as a controller of users of the Website and Service;
2. How we use the personal information;
3. With whom we may share the personal information;
4. Legal basis for processing the personal data;
5. Storage and security of your personal information;
6. Your Privacy Rights, Choices and Disclosures, including those for Europe and California;
7. Users outside the United States;
8. EU-US Data Privacy Framework;
9. Links to other sites;
10. Privacy Policy updates; and
11. Contact Information.

By using the Website or the Service, you agree to the data handling practices in accordance with this Privacy Policy. Unless otherwise defined in this Privacy Policy, terms used herein have the same meanings as in our Terms of Use.

1. PERSONAL INFORMATION WE COLLECT

(a) Automatically Collected Data. The Website and Service capture some information about you automatically utilizing background local storage and session storage technologies (“Cookies”). Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and are transferred to your device. Examples of information of this type are your IP address, the browser you are using, the operating system you are using, the pages on the Website that you visit and details of your transaction activity, such as the amount, date and time for each transaction or activity. When we use Cookies, we may use “session” Cookies that last until you close your browser or “persistent” Cookies that last until you or your browser delete them. You may change your browser setting to decline the use of Cookies. Cookies are required for the Service subscription token, however. We also use Cookies to collect information to improve our services.

We also collect information from Visitors and Authorized Users in connection with visits to our Website and/or use of the Service (“Log Data”). This Log Data includes information, such as your computer’s Internet Protocol (“IP”) address, operating system, browser type, browser version, the pages of our Website or Service that you visit, the time and date of your visit, the time spent on those pages, the actions taken, and other statistics.

In addition, we may use third party services such as Google Analytics that collect, monitor, and analyze Log Data to increase our Service’s functionality. Google provides you with the ability to control the information provided to Google and opt out of certain ads provided by Google using any of the methods set forth at https://policies.google.com/technologies/partner-sites or using the Google Analytics opt out browser add-on at http://tools.google.com/dlpage/gaoptout?hl=en.

We operate social media pages on third party networks and have social media icons on our Website. When you visit or link to our social media pages, data is processed both by us and the applicable social media provider. Social media providers are unaffiliated with us, and we are not responsible for their content or privacy practices. Social media providers have their own terms of use and privacy policies, and we encourage you to review those policies whenever you visit their websites or interact with their platforms.

We do not knowingly collect information from users of our Website or Service under the age of 18 and/or their internet usage, and such persons are not authorized to use the Website or Service. If we obtain actual knowledge that a user is under 18, we will take steps to remove that user's personal information from our databases.

(b) Information Voluntarily Provided. We also collect information that you provide to us voluntarily.

If you communicate directly with Ardian, such as (i) through forms you fill out on our Website or through your correspondence with us, (ii) if you have requested support from us, or (iii) through our blogs, webinars or social media channels, Ardian may collect and store personal information that you share with us, including, but not limited to, your name, phone number, and email address, as well as other information that may be needed to provide a service or information you request.

If you inquire about a career at Ardian through the Website’s careers page or via LinkedIn, you will be asked to provide additional personal information, including a resume and cover letter. We will use the personal information of job applicants solely for employment evaluation purposes. Providing this information is completely voluntary.

We collect information from Client Representatives as necessary to maintain the relationship with the Client. Information may include, but is not limited to, name, address, email address, photograph, phone number, credit or debit card information, employee identification number, and the like.

To become an Authorized User, we require your name, email address, username and password.

We also collect online identifiers, and/or other similar identifiers from our Visitors and Authorized Users.

When using your mobile device to visit, access or use the Website or Service, additional categories of information that we collect may include:

• Your name associated with your mobile device
• Your telephone number associated with your mobile device
• Your geolocation
• Your mobile device ID information

(c) From time to time our interactions with you will be conducted over the telephone, chat or video-conference, and such telephone calls and video conferences may be recorded.

(d) We do not knowingly collect information from users of our Website under the age of 18 and/or their Internet usage, and such persons are not authorized to use the Services. If we obtain actual knowledge that a user is under 18, we will take steps to remove that user's personal information from our databases. By using the Website or Service, you represent that you are at least 18 years old.

2. HOW WE USE THE PERSONAL INFORMATION

We may use the information that we collect:

• To provide you with the services or products that we offer;
• To respond to your inquiries, requests, or other service-related purposes;
• To notify you about any updates, changes, or additions to this Privacy Policy, our Terms of Use or other terms and conditions that govern our relationship with you;
• To send you marketing communications.
• To on-board you as a Client and verify the identities of Authorized Users (for example, using your mobile number for two-favor authentication).
• For general business purposes, including managing your account and relationship with us, responding to enquiries and requests, and administrative purposes.
• To facilitate registrations and transactions.
• To communicate with you, including to provide status updates, transactional emails and other service communications, to provide you with notices about your account and to contact you through telephone, text, email or chat, as permitted by law.
• To communicate with you for research purposes, including to request your participation in surveys.
• To provide, maintain, and protect our Website and Service and assure the integrity of our platform.
• To monitor the performance of our Website and Service and improve your user experience.
• To protect and defend the rights and property of Ardian, our Clients, our users and third parties.
• To comply with legal obligations and regulations to which Ardian is subject and cooperate with regulators, other appropriate agencies or authorities and law enforcement bodies, both within your jurisdiction and internationally.
• To develop, improve and test certain of our products and services.
• To fill employment positions.
• For other purposes that we tell you about when you register or provide personal information about yourself to us.
• For other legitimate business and lawful purposes.

Ardian may obtain your written consent from time to time in electronic form by using online agreements or other acknowledgements on the Website and/or Service, including for any other contemplated uses of your personal information not addressed in this Privacy Policy. Please read all online agreements carefully before accepting them.

3. WITH WHOM WE SHARE THE PERSONAL INFORMATION

Ardian shares personal information with third parties in the following circumstances: (a) between and among our current and future parents, affiliates, subsidiaries, and other companies under common control and ownership; (b) when it is required to complete your transaction; (c) for everyday business purposes, such as to service providers who perform functions on our behalf, such as our technology providers, payment processors, job hosting providers and professional advisors; (d) when you authorize us to do so; (e) to protect or enforce our rights or property, to protect your safety or the safety of others, or to investigate, prevent, or take action against fraud or other illegal activities; (f) in response to legal process or as otherwise required by law; (g) in the event Ardian goes through a business transition or corporate transaction, such as a merger, capital investment, acquisition by another company, or sale of all or a portion of its assets; or (h) to conduct any other legitimate business activities not otherwise prohibited by law.

If you opt-in to receive text messages from Ardian, we will use information you provide to transmit your mobile messages and respond to you, if necessary. This includes sharing information with platform providers, phone companies, and other third-party service providers who assist us in the delivery of mobile messages. As with all information collected by Ardian, we reserve the right at all times, to the extent permitted by law, to disclose any information as necessary to satisfy any law, regulation or governmental request, to avoid liability, or to protect our rights or property.

We may share aggregated and de-identified information with third parties for analytical, research or other similar purposes.

4. GROUNDS FOR USING YOUR PERSONAL INFORMATION

We rely on the following legal grounds to process your personal information:

Consent. Some uses of your personal information as described in this Privacy Policy are subject to your consent, such as marketing communications.
Performance of a contract. We may need to collect and use your personal information to enter into a contract with you and to perform services that you request.
Legitimate Interests. We may use your personal information for our legitimate interests to provide our Website and Service and to improve our Website and Service and the content contained thereon. We may use technical information as described in this Privacy Policy and use personal information for our marketing purposes consistent with our legitimate interests and any choices that we offer or consents that may be required under applicable law.
Compliance with Legal Obligations. We may use your personal information as necessary to comply with our legal obligations.

5. STORAGE AND PROTECTION OF YOUR PERSONAL INFORMATION

We retain the personal information we collect for so long as reasonably necessary to fulfill the purposes for which the data was collected and to perform our contractual and legal obligations. We will retain personal information required to comply with privacy requests, to manage active accounts, as required by law, in order to resolve disputes, or to enforce our agreements. We will retain the personal information we process on behalf of our users as directed by them. We may also retain copies of your personal information for disaster recovery purposes, to prevent fraud or future abuse, or for our legitimate business purposes.

Notwithstanding the generality of the foregoing, we store email addresses until the user requests to be unsubscribed or removes themselves through any self-service tools offered to the user.

We use a third-party payment processor to process payments made to us. In connection with the processing of such payments, we do not retain any personal information or any financial information such as credit card numbers. Rather, all such information is provided directly to our third-party processors.

We take reasonable administrative, physical and technical precautions to protect your personal information and communications between us. This includes, when required or as we deem appropriate and feasible under the circumstances, encryption and written commitments from third parties that may have access to your data that they will protect the data with reasonable and appropriate safeguards.

No Internet or e-mail transmission is ever fully secure or error free, however. We therefore cannot guarantee absolute security of your data, and we are not responsible for processes and networks that we do not control. Users assume the risk of security breaches and the consequences resulting from them. Please be careful in deciding what information you send to us via email or over the Internet.

6. YOUR RIGHTS, CHOICES AND DISCLOSURES

(a) General. This section is subject to specific disclosures on privacy rights set forth below. We are committed to facilitating the exercise of your rights granted by the laws of your jurisdiction, which may include the right to request the correction, modification or deletion of your personal information and the right to opt out of the sale or sharing of your personal information (as applicable). We will do our best to honor your requests subject to any legal and contractual obligations. If you would like to make a request, cancel your account or request we delete or no longer use your account information to provide you Service, contact us at privacypolicy@ardiangroup.com or make changes to any user profile information connected to your account.

Section (b) below describes the rights of those individuals located in the European Union, the United Kingdom or another jurisdiction that has adopted laws substantially similar to the European Union’s General Data Protection Regulation (GDPR). Section (c) describes the rights of residents of California (or another jurisdiction that has adopted laws substantially similar to the California Consumer Privacy Act (CCPA).

You may opt out of receiving electronic marketing communications from us by clicking on the “unsubscribe” link on the communication or contacting us at privacypolicy@ardiangroup.com. Some non-marketing communications may not be subject to a general opt-out, such as communications about transactions, disclosures to comply with legal requirements, software updates and other support-related information. If you do not wish to receive any service-related emails from us, you have the option to deactivate your account. Subject to local law, you may have additional rights under the laws of your jurisdiction regarding your personal information, such as the right to complain to your local data protection authority and the right to appeal our decision regarding a data access request.

You may be able to disable Cookies through your browser settings, but if you delete or disable Cookies, you may experience interruptions or limited functionality in certain areas of the Service.

(b) Your European Privacy Rights and Choices. If you are located in the European Union, the United Kingdom or another jurisdiction that has adopted laws substantially similar to the European Union’s General Data Protection Regulation (GDPR), your privacy rights include the following:

• Transparency and the right to information. Through this policy we explain how we use and share your information. However, if you have questions or need additional information you can contact us any time.
• Right of access, correction, restriction of processing, erasure. You may contact us to request information about the personal information we have collected from you and to request the correction, modification or deletion of such personal information, which requests we will do our best to honor subject to any legal and contractual obligations. To make a request or to ask us a question about our data practices, please contact us via email at privacypolicy@ardiangroup.com.
• Right to withdraw your consent at any time. When we process your personal information based on your consent, you have the right to withdraw it at any time.
• Right to object at any time. You have the right to object at any time to receiving marketing or promotional materials from us by either following the opt-out instructions in commercial e-mails or by contacting us, as well as the right to object to any processing of your personal information based on your specific situation. In the latter case, we will assess your request and provide a reply in a timely manner, according to our legal and contractual obligations. Some non-marketing communications are not subject to a general opt-out, such as communications about transactions and disclosures to comply with legal requirements.
• Right to data portability. You have the right to data portability of your own personal information by contacting us.
• Right not to be subject to an automated decision, including profiling. We do not make automated decisions using your personal information that may negatively impact you.
• Right to lodge a complaint with a supervisory authority. If you consider that the processing of your personal information infringes your privacy rights according to GDPR, you have the right to lodge a complaint with a supervisory authority, in the member state of your habitual residence, place of work, or place of the alleged infringement.

(c) California Disclosures California Consumer Privacy Act Disclosures.
If you are a resident of California (or another state that has adopted laws substantially similar to the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA)), you have the right to request:

• The categories of personal information (including sensitive personal information if applicable) we have collected about you;
• The categories of sources from which the personal information is collected;
• The business or commercial purpose of collecting, selling or sharing personal information;
• The categories of third parties with whom we share or sell personal information;
• The categories of personal information about you that we have disclosed for business purposes; and
• The specific pieces of personal information we have collected about you. Additionally, you have the right:
• to know the length of time we retain your personal information;
• to request deletion of your personal information;
• to request the correction of any inaccurate data;
• to opt out of the sale or sharing of your information (if applicable);
• to limit the use of sensitive personal information (if applicable); and
• to not be discriminated against for exercising any of your rights under CCPA.

In the last 12 months preceding the effective date of this Privacy Policy, we have not sold or shared (as defined under CCPA) consumers’ personal information.

Please see the chart below regarding the categories of data we may have collected or received in the 12 months preceding the effective date of this Privacy Policy from our Visitors, Authorized Users and Client Representatives in connection with providing our Website and Service and to whom we may have disclosed the information for business purposes.

Any sensitive data we collect is used only for a business purpose and not for the purposes of inferring characteristics of a consumer.

You may submit a request to us via email at privacypolicy@ardiangroup.com or through our Website form located at https://ardiangroup.com/contact. We may also require that you submit your request via the Service’s standard authentication procedures (i.e., log on with username and password to submit a request) to ensure you are the person you say you are. If this information or these processes are insufficient to verify your identity and assess your privacy request, we may need to ask for additional information. You may also designate an authorized agent to make a CCPA privacy request.

California “Shine the Light” Information-Sharing Disclosure: California residents may request a list of all third parties with respect to which we have disclosed any information about you for direct marketing purposes and the categories of information disclosed. If you are a California resident and want such a list, please send us a written request by email to privacypolicy@ardiangroup.com with “California Shine The Light Rights” in the subject line.

California Do Not Track Disclosure: We do not track our users over time and across third party websites to provide targeted advertising on our Website and, therefore, our Website does not respond to Do Not Track (DNT) signals.

7. USERS OUTSIDE THE UNITED STATES

The Website and Service are controlled and operated from the United States. If you are an individual from the European Union, Canada or any other jurisdiction with laws or regulations governing personal information collection, use, and disclosure that differ from United States laws, please be advised that we store the information we collect in the United States. By visiting our Website or using our Service, you are consenting to the transfer of your information from your jurisdiction to the United States.

8. SENSITIVE INFORMATION & AFFIRMATIVE CONSENT

We do not collect sensitive personal information (as defined under applicable laws) unless it is necessary for a specific, disclosed business purpose and provided by you voluntarily.

Where we do collect or receive sensitive personal information (such as information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or information specifying sex life or sexual orientation), we will obtain your affirmative express consent (opt-in) before (i) disclosing it to any third party (other than an agent acting on our behalf under contract), or (ii) using it for a purpose materially different from the one for which it was originally collected or subsequently authorized.

In addition, where sensitive information is provided to us by a third party who identifies and treats that information as sensitive, we will treat it as sensitive in accordance with the same protections and opt-in requirements.

9. EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES

Ardian Group, Inc. and its affiliate Ardian Technologies, LLC complies with the EU-U.S. Data Privacy Framework Principles as set forth by the U.S. Department of Commerce. Ardian Group, Inc. and its affiliate Ardian Technologies, LLC has certified to the U.S. Department of Commerce that they adhere to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

In compliance with the EU-U.S. Data Privacy Framework Principles, Ardian commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our EU-U.S. Data Privacy Framework Principles policy should first contact Ardian at: privacypolicy@ardiangroup.com.

A. Data Protection Authorities

Ardian commits to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved EU-U.S. Data Privacy Framework Principles complaints concerning human resources and non-human resources data transferred from the EU.

Ardian further commits to refer unresolved EU-U.S. Data Privacy Framework Principles complaints to EU DPAs as an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.dataprivacyframework.gov/assistance for more information or to file a complaint. The services of EU DPAs are provided at no cost to you.

B. Onward Transfer Accountability

We may employ third party companies and individuals to facilitate our Service. In compliance with the EU U.S. Data Privacy Framework Principles, Ardian ensures that any third party with access to personal information has given us contractual assurances that it provides at least the same level of protection as is required by the EU-U.S. Data Privacy Framework Principles and notify us if it makes a determination that it cannot do so.

In addition, if it is determined that personal information is processed in a manner inconsistent with the Principles, third parties are to cease processing of the personal information or take other reasonable and appropriate steps to remediate.

We acknowledge that we have certain liability under the EU-U.S. Data Privacy Framework Principles if both (i) the agent on our behalf processes the personal information in a manner inconsistent with the EU U.S. Data Privacy Framework Principles and (ii) we are responsible for the event giving rise to the damage.

C. U.S. Federal Trade Commission Enforcement

The U.S. Federal Trade Commission (FTC) has jurisdiction over Ardian’s compliance with the EU-U.S. Data Privacy Framework Principles.

D. Arbitration

An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding EU-U.S. Data Privacy Framework Principles compliance not resolved by any of the other EU-U.S. Data Privacy Framework Principles mechanisms. For additional information, please visit: https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction

10. LINKS TO OTHER SITES

Our Website and Service may contain links to other websites for your convenience or information. These websites may be operated by companies unaffiliated with Ardian, and we are not responsible for the content or privacy practices of those websites. Linked websites may have their own terms of use and privacy policies, and we encourage you to review those policies whenever you visit the websites.

11. PRIVACY POLICY CHANGES

We may update this Privacy Policy from time to time and without prior notice to you to reflect changes in our information practices, and any such amendments shall apply to information already collected and to be collected. Your continued use of the Service after any changes to our Privacy Policy indicates your agreement with the terms of the revised Privacy Policy. Please review this Privacy Policy periodically and especially before you provide personal information to us. If we make material changes to this Privacy Policy, we will notify you here, by email or by means of a notice on our home page. The date of the last update of the Privacy Policy is indicated at the top of this Privacy Policy.

12. CONTACT INFORMATION

Please contact us if you have any questions about our Privacy Policy by emailing us at privacypolicy@ardiangroup.com.