Privacy Policy

Effective Date: April 29th, 2024

The International Association of Amusement Parks and Attractions is a membership-based trade association for permanently located attractions dedicated to the preservation and prosperity of the global attractions industry. We take your privacy seriously. This privacy policy describes our practices regarding the collection and use of your personal data when you visit the websites or mobile applications linking to this privacy policy (including www.IAAPA.org, our “Site”), attend an event hosted by or in connection with us, or otherwise use our services or interact with us. The term “personal data” as used in this privacy policy shall mean any information that enables us to identify you, directly or indirectly, by reference to an identifier such as your name, identification number, location data, online identifier, or one or more factors specific to you.

Who We Are

The International Association of Amusement Parks and Attractions is the controller and responsible for the personal data collected and used as described in this privacy policy (“IAAPA”, “we”, “us” or “our”). We are based in Orlando with offices at 4155 W Taft Vineland Rd, Orlando, FL 32837, United States of America. Information privacy is a constant responsibility so we may make changes to this privacy policy as we adopt new personal data and privacy practices. We will post any changes we make to this privacy policy on this page. Please check back frequently to see any updates or changes to this privacy policy or you may refer to the date displayed at the top of this page indicating when this privacy policy was last updated.

How to Contact Us

If you have any questions or comments regarding this privacy policy or our collection or use of your personal data, please contact us:

  • By e-mail at [email protected]
  • By post at 4155 W Taft Vineland Rd, Orlando, FL 32837, United States of America

If you wish to confirm whether we are processing your personal data, have access to the personal data we may have about you, or exercise any other privacy rights described in this privacy policy, please fill out our Data Subject Access Request (DSAR) form.

We will provide reasonable access to your personal data at no cost to IAAPA members, trade show and conference attendees, and others upon request or where required to do so under applicable law. 

Requests to access or correct personal data made by residents of Hong Kong requires a Data Access Request (DAR) made in the prescribed form and submitted to our Hong Kong office. DAR forms are available from the website of the Office of the Privacy Commissioner for Personal Data and should be submitted:

  • By e-mail [email protected]
  • By post at: Level 15, Zoroastrian Building, 101 Leighton Road, Causeway Bay, Hong Kong
Children and Privacy

Our Site is not intended to be appealing to children under the age of 13. If you are not 13 years or older, do not use our Site. We do not knowingly attempt to solicit or receive personal data from children. If we learn that personal data of persons less than 13 years-of-age has been collected through our Site, we will take the appropriate steps to delete this information. If you are aware that we have collected the personal data of children under the age of 13, please notify us using the contact details set out under "How to Contact Us".

How We Collect and Use Your Personal Data

IAAPA collects personal data about our members, customers, and individuals who attend events that we host or are otherwise affiliated with. With a few exceptions, this information is limited to the kind of basic information you might expect to find on business cards or company websites, such as: first name, last name, job title, employer, phone number, professional address, professional e-mail, and area of expertise. We use this information to provide members, customers, and event attendees with goods and services, such as registration to and information about IAAPA events and expos, membership, subscriptions, certification, and more.

The information we collect includes:

  •  Personal Data that You Give Us
    • Membership
      When you become an IAAPA member we collect information about your company that includes (but is not limited to) name of company, size, type, attendance, address, phone number, e-mail address. We may also collect your personal data including (but not limited to) name, job title, professional address, professional phone number, and professional e-mail address.

      We process your personal data as is necessary for the performance of your membership agreement, or to answer questions or take steps at your request prior to you becoming a member. This includes processing your personal data for membership administration, to deliver membership benefits to you, and to inform you of IAAPA-related events, content, and other opportunities. IAAPA may also use this information to help understand our members’ needs and interests to better tailor our products and services to you as necessary in our legitimate interests.

      It is often the case that a company rather than an individual is a member of IAAPA, and there may be an associate of the company responsible for ensuring the company roster of individuals is kept up to date and accurate within the self-service IAAPA member portal. Where the membership agreement is with the company, we may process the associates personal data on the basis that it is in our legitimate interests to do so (in order to provide membership services to the associates' respective company). Given the nature of our data collection and processing operations, we do not consider that the associate's fundamental rights and freedoms outweigh this legitimate interest.
    • Events
      We host many events throughout the year, including in-person events like IAAPA Expo and virtual events such as live webinars. Collectively these will be referred to as “events.” If you register for one of our events and you are a member, we will access the information in your member account to provide you with information and services associated with the event. If you are not a member and you register for one of our events, we will collect basic personal information, such as: your name and contact information. IAAPA may employ third-party partners to collect, process, and manage registration information and use it to provide you with confirmation and services associated with the event. This information may also be used to contact you about future events and opportunities with IAAPA, where you have given your consent if required under the applicable law. To help you connect with those attending IAAPA events, we will share your name, company name, job title, email address, phone number and mailing address with other event attendees.  This information may also be shared with our event sponsors who may contact you about their own products, services, events and opportunities that may be of interest to you, subject to you having given consent to receive the same if required by applicable law.  Event attendees and event sponsors who will receive the above-mentioned information may be located outside of the country / region where you are located.

      We may take photographs or videos at our "live" events, and our webinars may be recorded. Your personal data may therefore be collected (e.g., in pictures, videos, or recordings). We process this personal data on the basis that it is in our legitimate interests to do so (in promoting and marketing IAAPA - e.g., by sharing pictures, videos, and recordings in publications, on social media, and on our website). If you are not happy with your personal data being collected, processed, and shared in this manner, then please let us know using the contact details set out under "How to Contact Us", when signing up, or when attending an event. If you do no object to us collecting, processing, and sharing your personal data in this manner, then we do not consider your fundamental rights and freedoms to outweigh our legitimate interests.

      We keep a record of your participation in IAAPA events as an attendee or presenter. This information may be used to provide you with membership services or to tell you about other events and services, provided you have given your consent if required under the applicable law. It may also be used on the basis that it is in our legitimate interests to do so (to help us understand our members’ needs and interests to better tailor our products and services). We do not consider that your fundamental rights and freedoms outweigh this legitimate interest.
    • Payments
      You may choose to purchase goods or services from us using a payment card. We process payment cards, but do not store your information.
    • Content 
      We offer a great deal of content to our members. In addition to producing our own original content, we partner with a third-party to produce IAAPA News Daily, a daily newsletter roundup of industry news published by media from around the world. In the e-mail and online versions of IAAPA News Daily, we will offer you links to other organizations that we believe will be useful to you. We are not responsible or liable for content provided by these third-party websites or personal data they may happen to gather from you.

      If you are a member, we pull the membership information you provided for your roster to create mailing lists, both print and digital, with your consent where required by applicable law. Mailing lists are provided to a third-party partner for distribution of content. For more information, see under "When and How We Share Personal Data With Others".

      Members may subscribe or unsubscribe from Funworld, IAAPA News Daily, and other communications at any time. We strive to honor your decision to unsubscribe from our communications to the fullest extent of our capabilities, but there is a chance you will still receive IAAPA communications for a period of time after you have requested to unsubscribe.
    • Research 
      We regularly conduct surveys that we use to produce industry reports, identify member needs, and develop new products and services. Personal data may be collected to facilitate participation incentives (such as gift cards) as necessary in our legitimate interests (in conducting the survey), or where you have given your consent if required under the applicable law. Participation in surveys is voluntary and as such our legitimate interest is not outweighed by your fundamental rights and freedoms.
    • Your Correspondence With Us
      If you correspond with us by e-mail, the postal service, or other form of communication, we may retain such correspondence and the information contained in it and use it to respond to your inquiry; to notify you of upcoming events, publications, or other services (with your consent, where required by applicable law); or to keep a record of your complaint, accommodation request, and the like. If you wish to “erase” your personal data or stop our communications with you, please submit a completed DSAR form. In Hong Kong, please submit a DSAR form in the prescribed form (available from the website of the Office of the Privacy Commissioner for Personal Data) to [email protected] or send to us by post to Level 15, Zoroastrian Building, 101 Leighton Road, Causeway Bay, Hong Kong. For more information, see under "Your Rights".
  • Personal Data that We Collect Automatically
    Like most websites, our Site collects certain information automatically and stores it in log files. The information may include Internet protocol (IP) addresses, the region or general location where your computer or device is accessing the Internet, browser type, operating system, and other usage information about the use of our Site. We use this information to help us design our Site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences as it is in our legitimate interests to do so. We also use cookies (with your consent where required under applicable law) to help us to analyze the use of our Site to customize and improve the content and the layout of our Site. For more information about our use of cookies, please see our Cookie Policy.
  • Personal Data from Third Parties
     Sometimes we receive personal data about individuals from third parties. These can include third-parties that administer resources promoted by IAAPA, such as webinars, online learning, and registration
“Do Not Track” Signals

We do not respond to web browser “do not track” signals. As such, your navigation of our Site may be tracked as part of the gathering of quantitative user information described above. If you arrive at our Site by way of a link from a third-party site that does respond to “do not track” requests, the recognition of any “do not track” request you have initiated will end as soon as you reach our Site.

When and How We Share Personal Data with Others

There are circumstances where we wish to disclose or are compelled to disclose your personal data to third parties. This will only take place in accordance with the applicable law and for the purposes listed in this privacy policy.

We will share your personal data with:

  • Our affiliates, branches, or associated offices.
  • Third-party vendors, consultants, and other service providers who we employ to perform tasks on our behalf. These companies include our payment processing providers, website analytics companies (e.g., Google Analytics), CRM service providers (e.g., Salesforce), AMS service providers (e.g., Fonteva), e-mail service providers (e.g., Salesforce Marketing Cloud, Adestra), events management (e.g. Expotec, MCI), and others.
  • Our data center provider (based in the United States).
  • Advertising partners who enable us to deliver personalized ads to your devices or similar advertising where you have given your consent if required under the applicable law.
  • Our marketing partners who may contact you by post, email, telephone, SMS or by other means, subject to your consent if required under the applicable law. If you do not wish to be contacted, please see the Opting Out section of this privacy policy under "Your Rights".
  • Another legal entity, on a temporary or permanent basis, for the purposes of an actual, proposed, or potential joint venture, collaboration, financing, sale, merger, reorganization, change of legal form, dissolution, or similar event. In the case of a merger or sale, we will permanently transfer your personal data to a successor company. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy. 
  • Third parties including (without limitation) public authorities, to comply with the law, applicable regulations, governmental and quasi-governmental requests, court orders or subpoenas, to enforce other agreements you may have with IAAPA, or to protect our rights, property or safety or the rights, property or safety of our users or others (e.g., to a consumer reporting agency for fraud protection). We reserve the right to release information that we collect to law enforcement or other government officials, as we, in our sole and absolute discretion, deem necessary or appropriate.
  • Any other third party where you have provided your consent. 
  • Other IAAPA event attendees.
  • IAAPA event sponsors.

We may also share aggregated or anonymous information that cannot identify you with third parties. For example, we may disclose the number of visitors to our Site or the number of people who have downloaded a particular document. 

In addition, we share member personal data in the following ways:

  • Member Directory
    To help our members connect, we offer access to a directory of our full membership. The information available in this directory includes company name, contact information, and company website. This information is only available to your fellow members. Members may request this information for no charge only once a year and are restricted from using it more than three times a year. 
  • IAAPA Attractions Industry Marketplace 
    IAAPA Attractions Industry Marketplace connects potential buyers with our manufacturer and supplier members through a searchable directory. We provide a third-party with the company and company member representative’s name, professional phone number, professional website, and professional e-mail address to list in the searchable directory. The third-party provider may reach out to you with additional opportunities to promote your listing in the directory.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Transferring Your Data from the EU and China to the United States

Our headquarters are located in Orlando, Florida, and we have offices in Brussels, Belgium; Hong Kong, Singapore, Shanghai, China; and Mexico City, Mexico. Information we collect may be processed in any of these offices but hosted on our service providers’ cloud servers on our behalf in the United States. However, we will always protect your information in accordance with this privacy policy wherever processed. In all cases, any transfer of your personal data will be compliant with applicable data protection laws.

With respect to European personal data, we have put in place appropriate safeguards to protect data (generally, either the Standard Contractual Clauses, the UK International Data Transfer Addendum, or the EU-US Data Privacy Framework and the UK/Swiss extension to the same) that comply with the law on cross-border data transfers. For more information on the appropriate safeguards in place, please contact us using the contact details provided in the How to Contact Us section of this privacy policy.

With respect to Chinese personal data, we have put in place appropriate safeguards to protect data that comply with the law on cross-border data transfers. For more information on the appropriate safeguards in place, please contact us using the contact details provided in the How to Contact Us section of this privacy policy.

How We Store and Secure Your Information

To help protect the privacy of personal data we process, and to ensure that your personal data is not subject to unauthorized access, we maintain physical, technical, and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide benefits or services to you. We train our employees about the importance of confidentiality and maintaining the privacy and security of your information. Your personal data is stored on partner servers.

How long we hold your personal data for will vary and will depend principally on:

  • the purpose for which we are using your personal data – we will need to keep the personal data for as long as is necessary for the relevant purpose; and
  • legal obligations – laws or regulations may set a minimum period for which we have to keep your personal data.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our Site. Any transmission of personal data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Site.

We will store your personal data, in a form which permits us to identify you, for no longer than is necessary for the purpose for which the personal data is processed. We use your personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements and rights, or if it is not technically and reasonably feasible to remove it. Otherwise, we will seek to delete your personal data within a reasonable timeframe upon request.

Links to Third-Party Websites

The Site contains links to and from the websites of our partners, sponsors, advertisers, affiliates, and other third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Your Rights

Correction and Removal

If any of the personal data that we have about you is incorrect, or you wish to have personal data removed from our records, please fill out our Data Subject Access Request (DSAR) form. In Hong Kong, please submit a DAR form in the prescribed form (available from the website of the Office of the Privacy Commissioner for Personal Data) to [email protected] or send to us by post to Level 15, Zoroastrian Building, 101 Leighton Road, Causeway Bay, Hong Kong.

Opting Out

Additionally, if you prefer not to receive marketing messages from us, please let us know by clicking on the unsubscribe link within any marketing message that you receive, or by contacting us using the contact details provided in the How to Contact Us section of this privacy policy. We will usually inform you before collecting your personal data if we intend to use your personal data for marketing purposes or if we intend to disclose your information to any third party for marketing purposes and will obtain your consent for this where required under applicable law. If you wish to opt out of the use of your data in this way, unsubscribe through the link in any marketing message or contact us via the information above. We strive to honor your wishes concerning your personal data promptly, but you may continue to receive communications from us for a period of time.

Your European Rights

The European Union’s General Data Protection Regulation, including as it applies in the United Kingdom ("GDPR") and other countries’ privacy laws provide certain rights for data subjects who reside in Europe. More information is available on the website of the United Kingdom’s Information Commissioner’s Office. Your European rights include:

  • Request access to your personal data. You may have the right to request access to any personal data we hold about you as well as related information, including the purposes for processing the personal data, the recipients or categories of recipients with whom the personal data has been shared, where possible, the period for which the personal data will be stored, the source of the personal data, and the existence of any automated decision making.
  • Request correction of your personal data. You may have the right to obtain without undue delay the rectification of any inaccurate personal data we hold about you.
  • Request erasure of your personal data. You may have the right to request that personal data held about you is deleted.
  • Request restriction of processing your personal data. You may have the right to prevent or restrict processing of your personal data.
  • Request transfer of your personal data. You may have the right to request transfer of personal data directly to a third party where this is technically feasible. 

Where you believe that we have not complied with our obligations under this privacy policy or European data protection law, you have the right to make a complaint to the appropriate Data Protection Authority, such as the UK Information Commissioner’s Office. However, we would always ask that you contact us first using the contact details provided in the How to Contact Us section of this privacy policy, to allow us an opportunity to address your complaint. Some Data Protection Authorities may not take action unless you have first raised your complaint with us.

Your Californian Rights

Section 1798.83 of the California Civil Code requires select businesses to disclose policies relating to the sharing of certain categories of your personal data with third parties. If you reside in California and have provided your personal data to us, you may request information about our disclosures of certain categories of personal data to third parties for direct marketing purposes. To make such a request, please contact us using the contact details provided in the How to Contact Us section of this privacy policy.

Your Rights in Hong Kong

Hong Kong’s Personal Data (Privacy) Ordinance provides rights for data subjects in Hong Kong. More information is available on the website of the Privacy Commissioner for Personal Data, Hong Kong. Your rights in Hong Kong include the right to be informed by a data user whether it holds your personal data, the right to be provided with a copy of such data, and the right to obtain correction of any inaccurate personal data held about you.

Where you believe that we have not complied with our obligations under this privacy policy or Hong Kong data protection law, you may have the right to make a complaint to the Office of the Privacy Commissioner for Personal Data. However, we would always ask that you contact us first using the contact details provided in the How to Contact Us section of this privacy policy, to allow us an opportunity to address your complaint.

Your Rights under the Personal Information Protection Law of China (applicable if you are located in China)

The Personal Information Protection Law of China (PIPL) provides certain rights for data subjects who reside in China. Your rights under the PIPL include but not limited to:

  • Request access to your personal data and the right to copy your personal data. You may have the right to request access to any personal data we hold about you as well as related information and our processing rules, including the purposes for processing the personal data, the recipients or categories of recipients with whom the personal data has been shared, where possible, the period for which the personal data will be stored, the source of the personal data, and the existence of any automated decision making.
  • Request correction of your personal data. You may have the right to obtain without undue delay the rectification of any inaccurate personal data we hold about you.
  • Request erasure of your personal data. You may have the right to request that personal data held about you is deleted.
  • Request restriction of processing your personal data. You may have the right to prevent or restrict processing of your personal data.
  • Request transfer of your personal data. You may have the right to request transfer of personal data directly to a third party where this is technically feasible.

Where you believe that we have not complied with our obligations under this Privacy Policy or the PIPL, please contact us using the contact details provided in the How to Contact Us section of this Privacy Policy.

Global HQ

4155 West Taft Vineland Road
Orlando, FL 32837

Phone: +1 321-319-7600
Fax: +1 321-319-7690
E-mail: [email protected]

IAAPA Members Save!

Get your Business Growing with an IAAPA Membership! Discover new ways to improve performance, increase efficiency, and positively impact your bottom line.

Join Now

© 2024 International Association of Amusement Parks and Attractions (IAAPA). All Rights Reserved.