shifthappens

Privacy Policy

AvePoint, Inc., including its wholly owned (directly and indirectly) subsidiaries (hereinafter “AvePoint”) is committed to protecting the privacy and security of the personal information of our customers, employees and third parties.

This Privacy Notice highlights how AvePoint uses the information collected through its websites, apps, services and technology solutions.

1. Information We Collect

1.1 Summary

AvePoint collects many kinds of information in order to operate effectively and provide you the best experiences we can. We collect information when you register or request updates. We also may get information from other companies. We collect this information in a variety of ways, including from web forms, technologies like cookies, web logging and software on your computer or other device.

We use information submitted through our websites or collected through email or hard copy surveys to analyze the characteristics of our customers and improve our services. Occasionally, we will provide anonymized aggregated statistics about our customers in reports made available to our customers, to third parties, or to the public. These reports will not identify individual AvePoint customers.

If you register for the shifthappens Conference or request email updates, we will collect your name, email address, phone number, and additional company information. We use this information to contact you about the conference. We will also send information to you regarding upcoming AvePoint events, webinars, and relevant privacy related news and alerts. You may unsubscribe from these communications at any time by clicking on the unsubscribe link provided in the email.

AvePoint receives and processes information (in paper and electronic form) in accordance with its clients’ instructions for the purpose of providing services to its customers. At AvePoint, we recognize the importance of privacy to our customers and we strive to safeguard any personal information we receive and may need to use in support of our customers.

We respect each individual's right to personal privacy. We will collect and use information we receive directly from you only in the ways disclosed in this Privacy Policy. This policy does not apply to practices that AvePoint does not own or control, or to individuals that AvePoint does not employ or manage. AvePoint (including its controlled U.S. subsidiaries) adheres to the set of data protection principles developed by the United States Department of Commerce (DOC), in collaboration with the European Commission, which produced the U.S.-European Union Privacy Shield Framework Documents. AvePoint further adheres to the Swiss-U.S. Privacy Shield Framework. The privacy principles in this policy are based on these Privacy Shield principles (“Privacy Shield Principles”) and are further articulated in the AvePoint Privacy Shield Policy (“Privacy Shield Policy”) available at https://www.avepoint.com/company/privacy-shield-policy/ that sets out the privacy principles to which AvePoint adheres, including as it relates to personal information transferred from the European Union (“EU”) and/or Switzerland to the United States (“U.S.”). AvePoint has certified to the DOC that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

This published Privacy Policy and the Privacy Shield Policy are accurate, comprehensive, prominently displayed, completely implemented, accessible and conform to the Privacy Shield Principles. In addition, we provide appropriate employee training (and discipline) and have internal procedures for periodically conducting objective reviews of our compliance with the Privacy Shield Principles. A statement verifying the self-assessment is signed by a corporate officer or other authorized representative of the organization annually.

1.2 Full text

AvePoint collects many kinds of information in order to operate effectively and provide you the best experiences we can. Some of this information you provide directly to us. Some of it we get by observing how you interact with our products and services. Some of it is available from other sources that we may combine with the data we collect directly. Regardless of the source, we believe it's important to treat that information with care and to help you maintain your privacy.

What we collect:

- Registration
When you sign up for the shifthappens Conference you may be required to provide information about yourself, such as your name, birthdate, organization name, e-mail and postal address and postal code.

- Using our sites and services
We collect information that tells us how you interact with our services, including the browser you're using, your IP address, location, cookies or other unique IDs, the pages you visit and features you use.

- Data from other sources
We may get additional information about you, such as demographic data we purchase from other companies.

How we collect:

We use a number of methods and technologies to gather information about how you use our sites and services, such as:

- Web forms, such as when you type information into a registration form or type a search query into a search box.

- Technologies like cookies and web beacons (Please visit Section 2 of this Privacy Policy page to learn more about these technologies).

- Web logging, which enables us to collect the standard information your browser sends to every web site you visit - such as your IP address, browser type and language, and the site you came from - as well as the pages you visit and the links you click while using our sites and services.

- Software installed on your computer or other device, which may send back information needed to operate, update or improve that software.

Customer Data:

AvePoint receives and processes information (in paper and electronic form) in accordance with its clients’ instructions for the purpose of providing services to its customers. At AvePoint, we recognize the importance of privacy to our customers and we strive to safeguard any personal information we receive and may need to use in support of our customers.

AvePoint Customer Information

Customer Information is information we collect from you when you purchase and contract with us to attend the shifthappens Conference. We will ask you to provide the following information:

  • • Email address;
  • • Phone number;
  • • Information regarding your role within your company;
  • • Company information, including company name, address, billing information (e.g., P.O. number, bank wire information, credit card number), and company size; and

2. Cookies & Similar Technologies

2.1 Summary

Most AvePoint web sites use "cookies," small pieces of data that can be read by a web server in the same domain that put the cookie on your hard drive. We may use cookies to help us retrieve your preferences and settings; help with sign-in; to combat fraud; and analyze site operations.

We also use web beacons to help deliver cookies and compile analytics. These may include third-party web beacons, which are prohibited from collecting your personal information.

You have a variety of tools to control cookies and similar technologies, including:

  • • Browser controls to block and delete cookies; and
  • • Controls from some analytics providers to opt out of data collection in web beacons.

2.2 Full text

2.2.1 Our Use of Cookies

Most AvePoint web sites use “cookies,” which are small pieces of data sent to your browser by a web server. Upon subsequent requests, your browser will send the cookie data to the same web server, or other web servers in the same domain, when accessing the web site. Cookies contain data that can be read by a web server in the domain that issued the cookie to you. That data often consists of a string of numbers and letters that uniquely identifies your computer, but may contain other information as well. Here is an example of a unique ID number stored in a cookie that AvePoint might place on your device when you visit one of our web sites: 0aj17be34l7srju0qcdnftigt0

We may use cookies for:

- Site Analytics
We may use cookies to count the number of unique visitors to a web page or service or to develop other aggregate statistics about the operations of our sites and services. These analytics help us operate and improve the performance of these sites and services.

In addition to the cookies AvePoint may set when you visit our web sites, third parties may also set certain cookies on your device when you visit AvePoint sites. In some cases, that is because we have hired the third party to provide certain services on our behalf, such as site analytics. In other cases, it is because our web pages contain content or ads from third parties, such as videos, news content or ads delivered by other ad networks. Because your browser connects to those third parties’ web servers to retrieve that content, those third parties are able to set or read their own cookies on your device and may collect information about your online activities across websites or online services.

2.2.2 How to Control Cookies

- Browser Controls to Block Cookies.
Most web browsers automatically accept cookies, but you can usually modify your browser setting to block cookies. Instructions for blocking cookies in different browsers are usually available at each browser’s privacy statement or in their help files or settings pages.

Please be aware that if you choose to block cookies, you may not be able to sign in or use other interactive features of AvePoint sites and services that depend on cookies.

- Browser Controls to Delete Cookies
If you accept cookies, you can delete them later. Instructions for deleting cookies in different browsers are usually available at each browser’s privacy statement or in their help files or settings pages.

Please be aware that if you choose to delete cookies, any settings and preferences controlled by those cookies will be deleted and may need to be recreated.

- Browser Controls for “Do Not Track” and Tracking Protection
Some newer browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference to the web sites you visit indicating that you do not wish to be tracked. Those sites (or the third party content on those sites) may continue to engage in activities you might view as tracking even though you have expressed this preference, depending on the sites’ privacy practices. Because there is not yet a common understanding of how to interpret the DNT signal, AvePoint does not currently respond to the browser DNT signals on its own websites or online services, or on third-party websites or online services where AvePoint provides content or is otherwise able to collect information.

2.2.3 Our Use of Web Beacons

AvePoint web pages may contain electronic images known as web beacons - sometimes called singlepixel gifs - that may be used to help deliver cookies on our sites, let us count users who have visited those pages and deliver co-branded services. We may include web beacons in our promotional e-mail messages or newsletters to determine whether messages have been opened and acted upon.

Finally, AvePoint sites may contain web beacons from third parties to help us compile aggregated statistics regarding the effectiveness of our promotional campaigns or other web site operations. These web beacons may allow the third parties to set or read a cookie on your computer. These companies may collect information about your online activities across websites or online servers, however, we prohibit third parties from using web beacons on our sites to collect or access your personal information. You may be able to opt out from data collection or use by these third-party analytics companies by opting out on their respective web sites.

2.2.4 Other Similar Technologies

In addition to standard cookies and web beacons, web sites can use other technologies to store and read data files on your computer. This may be done to maintain your preferences or to improve speed and performance by storing certain files locally. But, like standard cookies, it can also be used to store a unique identifier for your computer, which can then be used to track behavior. These technologies include Local Shared Objects (or "Flash cookies"), HTML5 Local Storage and Silverlight Application Storage.

- Local Shared Objects or "Flash cookies"
Web sites that use Adobe Flash technologies may use Local Shared Objects or "Flash cookies" to store data on your computer. Note that the ability to clear Flash cookies may or may not be controlled by your browser setting for standard cookies as that may vary by browser. To manage or block Flash cookies, go to the appropriate settings page, currently to be found at http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html.

- Silverlight Application Storage Web sites or applications that use Microsoft Silverlight technology also have the ability to store data by using Silverlight Application Storage. To learn how to manage or block such storage, visit the Silverlight Privacy Statement.

3. How We Use Your Personal Information

3.1 Summary

AvePoint uses the information we collect to operate, improve and personalize the products and services we offer as well as provide the best experience possible for the shifthappens Conference.

Customer Information will be used to provide updates on the shifthappens Conference.

We also may use the information to communicate with you, for example, informing you about your account and security updates.

And we may use the information to help make the ads you see on our ad-supported services more relevant.

3.2 Full text

AvePoint uses the information we collect to operate, improve and personalize the products and services we offer. Information collected through one AvePoint service may be combined with information collected through other AvePoint services to give you a more consistent and personalized experience in your interactions with us. We may also supplement this with information from other companies. For example, we may use services from other companies to help us derive a general geographic area based on your IP address in order to customize certain services to your geographic area.

We also may use the information to communicate with you, for example, informing you when a subscription is ending, letting you know when updates are available or letting you know when you need to take action to keep your account active. We may also use the information, if the law allows it or if we have your express permission to do so, to contact you for sales or marketing purposes.

We will use your Customer Information to:

  • • Provide the services and access to the shifthappens Conference tickets you have purchased;
  • • Provide customer support. While providing you with customer support we may also gather additional information from you to investigate technical issues, and respond to your support questions;
  • • Communicate regularly with you about your AvePoint events and other industry or privacy-related news, and other AvePoint services we believe may be of interest to you. You may opt-out of receiving emails regarding AvePoint events and other AvePoint services by clicking unsubscribe link provided in the email. You will continue to receive notices regarding AvePoint software and technical services you purchased, and privacy-related updates such as notification of new or changes to existing privacy regulations

4. Reasons We Share Your Personal Information

4.1 Summary

Except as described in this privacy statement, we won’t disclose your personal information to a third party without your consent.

Please see Other Important Privacy Information for details about when we may disclose information, including with AvePoint affiliates and vendors; when required by law or to respond to legal process; to combat fraud or protect our interest; or to protect lives.

4.2 Full text

Except as described in this privacy statement, we won’t disclose your personal information to a third party without your consent. Contexts and situations where we may disclose your personal data without your consent are:

  • • Within AvePoint affiliates and subsidiaries
  • • As part of a merger or sale of a business
  • • With vendors and agents of AvePoint
  • • When required by law or to respond to legal process or lawful requests, including from law enforcement or other government agencies or other public authorities, including to meet national security or law enforcement requirements
  • • When required to combat fraud or protect our interests
  • • To protect life and safety

Please also refer to section 11.2.2 to learn more about why and with whom we share or disclose personal information.

5. Accessing Your Personal Information

5.1 Summary

Some AvePoint services may give you the ability to view or edit your personal information online. To help prevent others from viewing your personal information, you first might be required to sign in. How you can access your personal information will depend on which sites or services you have used.

5.2 Full text

Each AvePoint web site may provide you with links to access, correct or delete your personal data. You can also contact AvePoint by using a provided contact form on the web site or by contacting the office of the General Counsel (see below for contact details). We will respond to requests to access or delete your personal information within 30 days.

Accessing and Updating your Personal Information

To review and update your personally identifying information to ensure it is accurate, contact us vial email: privacy@avepoint.com

AvePoint will make commercially reasonable efforts to provide you reasonable access to any of your personal information we maintain within 30 days of your access request. We provide this access so you can review, make corrections, or request deletion of your data. If we cannot honor your request within the 30-day period, we will tell you when we will be able to provide access. In the unlikely event that we cannot provide you access to this information, we will explain why we cannot do so.

6. Children

6.1 Summary

When an AvePoint site or service collects age information, it will block users under 16 or obtain consent from a parent or guardian before their child can use it.

When consent is granted, the child's account is treated much like any other account, including being able to communicate with other users.

Parents can change or revoke consent as described in this privacy statement.

6.2 Full text

When an AvePoint site or service collects age information, it will either block users under 16 or will ask them to provide consent from a parent or guardian before they can use it. We will not knowingly ask children under 16 to provide more information than is necessary to provide the service.

When consent is granted, the child's account is treated much like any other account. The child may have access to communication services like e-mail, instant messaging and online message boards and may be able to communicate freely with other users of all ages.

6.3 Full Text

Parents can change or revoke the consent choices previously made, and review, edit or request the deletion of their children's personal information by using the contact form on the web site.

7. Communication Preferences

7.1 Summary

You can stop the delivery of future promotional e-mail from AvePoint sites and services by following the specific instructions in the e-mail you receive. Depending on the respective service, you may also have the option of proactively making choices about the receipt of promotional e-mail, telephone calls, and postal mail for particular AvePoint sites or services.

7.2 Full text

If you receive promotional e-mails from us and would like to stop getting them in the future, you can do so by following the directions in that message.

Depending on the respective service, you may also have the option of proactively making choices about the receipt of promotional e-mail, telephone calls, and postal mail from particular AvePoint sites or services by visiting and signing into the following pages:

These choices do not apply to the receipt of mandatory service communications that are considered part of certain AvePoint services, which you may receive periodically unless you cancel the service.

8. International Users - Applicable Law

8.1 Summary

Your personal information may be transferred to the United States or other countries. AvePoint transfers information to our corporate affiliates, service providers, and other partners who process it for us, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for customer support, information technology, payments, sales, marketing, data analysis, research and surveys.

8.2 Full text

Please note that the personal information you submit to us may be transferred to the United States and other countries to be processed by us in order to provide this Web Site, our technology solutions and services to you or for such other purposes as set forth in this Policy. AvePoint transfers information to our corporate affiliates, service providers, and other partners who process it for us, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for customer support, information technology, payments, sales, marketing, data analysis, research and surveys.

AvePoint has certified that it adheres to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Privacy Shield program, and to view AvePoint’s certification, please visit https://www.privacyshield.gov/.

9. Support Data

9.1 Summary

Support Data is the information we collect when you submit a support request or run an automated troubleshooter, including information about hardware, software, and other details related to the support incident, such as: contact or authentication information, chat session personalization, information about the condition of the machine and the application from when the fault occurred and during diagnostics, system and registry data about software installations and hardware configurations, and error-tracking files. We use Support Data as described in this privacy statement, and additionally use it to resolve your support incident and for training purposes.

9.2 Full text

Support Data is the information we collect when you submit a support request or run an automated troubleshooter, including information about hardware, software, and other details related to the support incident, such as: contact or authentication information, chat session personalization, information about the condition of the machine and the application from when the fault occurred and during diagnostics, system and registry data about software installations and hardware configurations, and error- tracking files. We use Support Data as described in this privacy statement, and additionally use it to resolve your support incident and for training purposes.

Support may be provided through phone, e-mail, or online chat. We may use Remote Access (RA), with your permission, to temporarily navigate your desktop. Phone conversations, online chat sessions, or Remote Access sessions with support professionals may be recorded and/or monitored. For RA, you may also access the recording after your session For Online Chat or RA, you may end a session at any time of your choosing.

Following a support incident, we may send you a survey about your experience and offerings. You must opt-out of support surveys separately from other communications provided by AvePoint, by contacting Support or through the e-mail footer.

To review and edit your personal information collected through our support services, please contact us by using our Web form.

Some business customers may purchase enhanced support offerings. These offerings are covered by their own contract terms and notices.

10. Payment Data

10.1 Summary

Payment Data is the information that you provide when you make purchases. This may include your payment instrument number (e.g., credit card, PayPal), your name and billing address, and the security code associated with your payment instrument (e.g., the CSV or CVV). This section provides additional information regarding the collection and use of your payment information.

10.2 Full text

Payment Data is the information that you provide when you make purchases. This may include your payment instrument number (e.g., credit card, PayPal), your name and billing address, and the security code associated with your payment instrument (e.g., the CSV or CVV). This section provides additional information regarding the collection and use of your payment information.

Payment Data is used to complete your transaction, as well as for the detection and prevention of fraud. In support of these uses, AvePoint may share your Payment Data with banks and other entities that process payment transactions or other financial services, and for fraud prevention and credit risk reduction.

When you provide Payment Data to us, we may store that data to help you complete future transactions.

You may remove the payment instrument information associated with your organizational account by contacting us. After you close your account or remove a payment instrument, however, AvePoint may retain your payment instrument data for as long as reasonably necessary to complete your existing transaction, to comply with AvePoint’s legal and reporting requirements, and for the detection and prevention of fraud.

11. Other Important Privacy Information

11.1 Summary

Learn more about

  • • Why and with whom we share or disclose personal information
  • • Protecting the security of personal information
  • • Where we store and process information
  • • Changes to our privacy statements
  • • How to Contact Us

11.2 Full text

Below you will find additional privacy information you may find important. Much of this describes practices that are common across the industry, but we want make sure you are aware of them. Please keep in mind that this information is not a complete description of our practices - this is all in addition to the other, more specific information contained elsewhere in this privacy statement.

11.2.1 On this page:

  • • Sharing or Disclosing Personal Information
  • • Protecting the Security of Personal Information
  • • Where Information is Stored and Processed
  • • Changes to Our Privacy Statements
  • • How to Contact Us

11.2.2 Sharing or Disclosing Personal Information

AvePoint transfers information to our corporate affiliates, service providers, and other partners who process it for us, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for customer support, information technology, payments, sales, marketing, data analysis, research and surveys. In addition to any sharing described above in this privacy statement, AvePoint may share or disclose personal information:

- With other AvePoint controlled subsidiaries and affiliates.

- As part of a corporate transaction such as a merger or sale of assets.

- With vendors or agents. Specifically, we may share it with companies we've hired to provide services on our behalf. Examples of these services include analyzing data, providing marketing assistance, and processing credit card payments. When we share information with these other companies to provide services for us, they are not allowed to use it for any other purpose and must keep it confidential.

We also may share or disclose personal information, including the content of your communications:

- To comply with the law or respond to legal process or lawful requests, including from law enforcement and government agencies or other public authorities, including to meet national security or law enforcement requirements.

- To protect the rights or property of AvePoint or our customers, including enforcing the terms governing your use of the services.

- To act on a good faith belief that access or disclosure is necessary to protect the personal safety of AvePoint employees, customers or the public.

Please note that our sites may include links to third-party sites whose privacy practices may differ from those of AvePoint. If you submit personal information to any of those sites, your information is governed by the privacy statements on those sites. We encourage you to review the privacy statement of any site you visit.

11.2.3 Protecting the Security of Personal Information

AvePoint is committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use or disclosure. For example, we store the personal information you provide on computer systems that have limited access and are in controlled facilities. When we transmit highly confidential information (such as a credit card number or password) over the Internet, we protect it through the use of encryption, such as the Transport Layer Security (TLS) or Secure Socket Layer (SSL) protocols.

If a password is used to help protect your accounts and personal information, it is your responsibility to keep your password confidential. Do not share it. If you are sharing a computer, you should always log out before leaving a site or service to protect access to your information from subsequent users.

11.2.4 Where Information is Stored and Processed

Personal information collected on AvePoint sites and services may be stored and processed in the United States or any other country where AvePoint or its affiliates, subsidiaries or service providers maintain facilities. We take steps to ensure that the data we collect under this privacy statement is processed according to the provisions of this statement and the requirements of applicable law wherever the data is located.

AvePoint may retain your personal information for a variety of reasons, such as to comply with our legal obligations, resolve disputes, enforce our agreements, and as long as necessary to provide services. To learn how to access your personal information, visit Accessing Your Information.

11.2.5 Changes to Our Privacy Statements

We will occasionally update our privacy statements to reflect customer feedback and changes in our services. When we post changes to a statement, we will revise the "last updated" date at the top of the statement. If there are material changes to the statement or in how AvePoint will use your personal information, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review the privacy statements for the products and services you use to learn how AvePoint is protecting your information.

11.2.6 How to Contact Us

- If you have a technical or general support question, please visit https://www.avepoint.com/ to learn more about AvePoint Support offerings.

- If you have a general privacy question, or a question with regards to this Privacy Policy, please contact AvePoint’s Office of the General Counsel.

• By mail: AvePoint, Inc., River Front Plaza, West Tower, 901 East Byrd Street, Suite 900, Richmond, VA, Attn: General Counsel

• By e-Mail: privacy@avepoint.com

- If you are a resident of the EEA and have an unresolved privacy or personal information collection, use, or disclosure concern that we have not addressed satisfactorily, please contact the EU Data Protection Authorities. If you are a resident of Switzerland and have this concern, please contact the Swiss Federal Data Protection and Information Commissioner. In connection with its self-certification under the Privacy Shield, AvePoint commits to cooperate with the panel established by the EU Data Protection Authorities and comply with the advice given by the panel with regard to personal information transferred from the EU. AvePoint also commits to cooperate with and comply with the advice of the Commissioner with regard to personal information transferred from Switzerland. This is provided at no cost to you.

- For more information on how to contact the EU Data Protection Authorities, visti http://ec.europa.eu/justice/dataprotection/article-29/structure/data-protectionauthorities/index_en.htm.

- For more information on how to contact the Swiss Federal Data Protection and Information Commissioner, visit https://www.edoeb.admin.ch/edoeb/en/home/thefdpic/task.html.

- If you have any complaint regarding AvePoint’s use or disclosure of information, you may also use the dispute resolution mechanisms set out in the section “Dispute Resolution” in the Privacy Shield Policy under https://www.avepoint.com/company/privacy-shield-policy/.

- Under certain conditions, more fully described on the Privacy Shield website (https://www.privacyshield.gov/article?id=Howto-Submit-a-Complaint), you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

Accessing and Updating your Personal Information

- To review and update your personally identifying information to ensure it is accurate, contact us vial email: privacy@avepoint.com

- AvePoint will make commercially reasonable efforts to provide you reasonable access to any of your personal information we maintain within 30 days of your access request. We provide this access so you can review, make corrections, or request deletion of your data. If we cannot honor your request within the 30-day period, we will tell you when we will be able to provide access. In the unlikely event that we cannot provide you access to this information, we will explain why we cannot do so.

To find the AvePoint subsidiary in your country or region, see https://www.avepoint.com/about/contact/.

12. Government and Military Attendance

In offering free attendance to the #shifthappens Conference to Government and Military personnel, AvePoint makes no representations or warranties whatsoever to such personnel pertaining to this offer’s conformity and compliance with any state, federal, or independent agency regulations governing the standards of ethical conduct of government and military personnel and their compliance with all applicable regulations, including Code of Federal Regulations Part 2635 – Standards of Ethical Conduct for Employees of the Executive Branch, and any agency supplemental regulations that modify or supplement 5 C.F.R part 2635. AvePoint strongly encourages all government and military personnel to consult their applicable ethics office and agency designee prior to accepting free tickets to this event. AvePoint and its affiliates will not be liable for any damages, losses, or causes of action of any nature arising from accepting this offer of free attendance without proper consultation and permission being obtained by the prospective attendee from his or her applicable ethics official or agency designee.