Privacy Policy

When you request an invitation, register for an event, or engage with us through our website, we collect only
the information necessary to serve you well:

• Your name and professional email address

• Your company name and job title

• Your phone number, if you choose to provide it

We also collect standard technical data automatically — your IP address, browser type, pages visited, and time
on site — through cookies and analytics tools. This helps us understand how people use our site and improve
the experience.

Your information serves four purposes — nothing more:

• Event coordination— Managing invitations, registrations, and follow-up for our executive gatherings

• Relevant communication— Sharing programme updates, research, and content
we believe is genuinely useful to you

• Relationship management— Maintaining accurate records in our CRM so we can serve you personally,
not generically

• Site improvement— Analysing aggregate usage patterns to make our website and content better

We will never use your data for purposes beyond these without your explicit consent.

We never sell, rent, or share your personal information for marketing or promotional purposes.Your mobile number and any consent you provide for text messaging are never shared with third-party marketers.

We work with a small number of trusted service providers who help us operate — CRM hosting, email delivery,
and event logistics. These providers:

• Process your information only on our behalf and under our instructions

• Are bound by contract to use your data solely for the purposes we specify

• Are selected for their own commitment to data protection

We will not disclose your personal information to anyone else unless we have your consent or are required
to do so by law.

We use cookies and web analytics to understand how visitors engage with our site — which pages are visited, how long people stay, and where traffic originates. This data helps us improve our content and your experience.

You can disable cookies in your browser settings at any time. Some site functionality may be reduced,
but we respect that choice completely.

We do not use tracking technologies for behavioural advertising or retargeting.

Your personal information is stored in secure, industry-standard systems with appropriate technical
and organisational safeguards against unauthorised access, alteration, disclosure, or destruction.

We retain your data for as long as our professional relationship is active, or as required by applicable law. Specifically:

• Active contacts— retained for the duration of our engagement, reviewed annually

• Event registrations— retained for 24 months after the event for follow-up and historical reference

• Inactive contacts— if you have not engaged with us for 36 months, your data is flagged for deletion unless
a legal obligation requires otherwise

No data transmission over the internet is completely secure. We implement rigorous protections,
but we are honest about that inherent limitation.

You have clear, enforceable rights over your personal information:

• Opt out— Unsubscribe from our communications at any time using the link in any email, or by contacting
us directly

• Access— Request a copy of the personal information we hold about you

• Correction— Ask us to update or correct inaccurate data

• Deletion— Request that we delete your personal information, subject to any legal retention obligations

• Withdrawal of consent— Withdraw your consent for future data use at any time, unless restricted by legal
or legitimate business obligations

To exercise any of these rights, contact us at support@thedatastorytellers.com. We respond to all requests within 30 days.

The Data Storytellers is operated by SJLP Holding Inc., a Canadian corporation. Our operations — including CRM hosting and service providers — may involve the storage or processing of your data outside of your country
of residence.

Where your data is transferred internationally, we ensure that appropriate safeguards are in place, consistent with the requirements of Canada'sPersonal Information Protection and Electronic Documents Act(PIPEDA)
and, where applicable, the EU General Data Protection Regulation (GDPR).

If you are based in the European Economic Area or the United Kingdom, we rely on adequacy decisions
and standard contractual clauses to protect your data when it is transferred outside of those jurisdictions.

This policy is governed by and compliant with Canada'sPersonal Information Protection and Electronic Documents Act(PIPEDA) and British Columbia'sPersonal Information Protection Act(PIPA).

For individuals in the European Economic Area or the United Kingdom, we also respect the rights and obligations set out under the General Data Protection Regulation (GDPR) and the UK GDPR respectively. Where GDPR applies, The Data Storytellers acts as the data controller.

For individuals in the United States, we comply with applicable state privacy laws, including the California Consumer Privacy Act (CCPA) where relevant.

Our site and services are designed for senior professionals. We do not knowingly collect information from anyone under the age of 16. If we become aware that we have, we will delete it promptly. Please contact us at support@thedatastorytellers.com if you believe this has occurred.

We may update this policy as our practices or legal obligations evolve. When we do, we will revise the date
at the top of this page. Material changes will be communicated directly to you where we hold your contact information.

Your continued use of the site after changes are posted constitutes acceptance of the revised policy.