PRIVACY POLICY | Vision Bridge - Real Estate Forum 2026.

1. Introduction

This Privacy Policy explains how Pro-Events global LTD (“we,” “our,” or “us”) collects, uses, stores, shares, and protects your personal data in connection with the Vision Bridge event and the website.

Vision Bridge is a strategic platform connecting global investors with Saudi Arabia’s real estate opportunities through curated engagement, structured meetings, and long-term investment facilitation. The event takes place on September 8–10, 2026, at ExCeL London, London, United Kingdom.

This policy applies to all individuals who interact with our Website or register for any aspect of the event, including sponsors, exhibitors, investors, conference delegates, exhibition visitors, speakers, and institutional partners or delegations.

We are committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Saudi Personal Data Protection Law (PDPL).

2. Who We Are (Data Controller)

The data controller responsible for your personal data is:

Company Name: Pro-Events global LTD

Company Number: 17068646 (Registered in England and Wales)

Registered Office: England and Wales

Date of Incorporation: 3 March 2026

Email: info@visionbridge.sa

Website: https://visionbridge.sa/

In connection with the delivery of Vision Bridge, we work alongside our affiliated entity in the Kingdom of Saudi Arabia:

Saudi Entity: شركة الفعالیات الاحترافیه لتنظیم المعارض والمؤتمرات - Company Events Professional forOrganising Exhibitions and Conferences

Commercial Registration: 1010283478

Registered in: Riyadh, Kingdom of Saudi Arabia

Pro-Events global LTD remains the sole data controller for the purposes of this Privacy Policy. Our Saudi affiliate may process personal data on our behalf as a data processor or in accordance with a data sharing arrangement, subject to appropriate safeguards.

If a Data Protection Officer (DPO) is appointed, their contact details will be published on the Website and updated in this policy

3. What Data We Collect

We may collect and process the following categories of personal data depending on the nature of your registration or interaction with us:

Identity and Contact Data
- Full name
- Email address
- Phone number
- Nationality
- Passport details (where applicable for visa facilitation or event access)
Professional and Business Data
- Company name
- Job title and role
- Business details and sector of activity
- Investment interests and preferences
Financial Data
- Payment information (processed through secure third-party payment processors)
Communication and Preference Data
- Marketing and communication preferences
- Correspondence records (emails, inquiries, support requests)
Technical Data
- IP address, browser type and version, operating system
- Cookies and similar tracking technologies (see Section 10)
- Pages visited, time spent, and browsing behaviour on the Website
Event-Specific Data
- Registration type (Sponsor, Exhibitor, Investor, Delegate, Visitor, Speaker, Institutional Partner)
- Session attendance and meeting schedules
- Dietary requirements or accessibility needs (if voluntarily provided)

4. How We Use Your Data

We process your personal data for the following purposes:

Event Registration and Management: To process your registration, confirm attendance, issue badges, and manage event logistics.
Investor and Business Matching: To facilitate structured meetings and connect you with relevant opportunities, sponsors, exhibitors, and partners.
Communication: To send you event-related updates, confirmations, schedules, and post-event follow-ups.
Marketing: To send you promotional communications about future events, opportunities, and services, subject to your consent or legitimate interest.
Payment Processing: To process event-related fees securely through third-party payment providers.
Legal and Regulatory Compliance: To fulfil our legal obligations under applicable laws, including anti-money laundering, sanctions screening, and regulatory reporting.
Website Improvement: To analyse usage patterns and improve the functionality and user experience of the Website.
Security: To protect the safety and security of the event, our Website, and participants.

5. Legal Basis for Processing

Under the UK GDPR, we rely on the following lawful bases for processing your personal data:

Consent: Where you have provided explicit consent, such as opting in to marketing communications or providing special category data (e.g., dietary requirements).

Performance of a Contract: Where processing is necessary to fulfil our contractual obligations to you, such as processing your event registration or sponsorship agreement.

Legitimate Interest: Where processing is necessary for our legitimate business interests, provided these interests do not override your fundamental rights. This includes business matching, event networking facilitation, and analytics.

Legal Obligation: Where processing is required to comply with applicable laws and regulations.

Under the Saudi PDPL, we process personal data based on consent or where processing is necessary for the purposes of a legitimate interest, the performance of a contract, or compliance with a legal obligation, as applicable.

6. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

Event Partners, Sponsors, and Exhibitors: Your professional profile information (name, company, job title, and investment interests) may be shared with event sponsors, exhibitors, and partners to facilitate business matching and networking. This sharing is conducted on the basis of your consent at the point of registration or our legitimate interest in delivering the event’s core services.

Affiliate Entities: Our Saudi affiliate (شركة الفعالیات الاحترافیه لتنظیم المعارض والمؤتمرات , CR: 1010283478) may receive and process personal data for event coordination, logistics, and investor engagement purposes within the Kingdom of Saudi Arabia, subject to appropriate data processing agreements and safeguards.

Service Providers: Third-party service providers who assist us with event management, IT infrastructure, payment processing, email communications, website hosting, and analytics. These providers process data on our behalf under contractual obligations that ensure adequate data protection.

Government and Regulatory Authorities: Where required by law, regulation, or legal process, we may disclose your data to relevant government authorities in the United Kingdom, the Kingdom of Saudi Arabia, or other jurisdictions as applicable.

Venue Operators: ExCeL London may require attendee data for security, access control, and health and safety purposes.

Professional Advisors: Legal, accounting, and compliance advisors engaged by us who are bound by professional confidentiality obligations.

We do not sell your personal data to any third party.

7. International Data Transfers

Given the international nature of Vision Bridge, your personal data may be transferred between the United Kingdom and the Kingdom of Saudi Arabia, as well as to other jurisdictions where our service providers or partners operate.

Data transfers between Pro-Events global LTD (UK) and our Saudi affiliate are governed by appropriate data processing agreements incorporating adequate safeguards.

For transfers from the United Kingdom, we ensure that appropriate safeguards are in place in accordance with the UK GDPR, including:

Transfers to countries with an adequacy decision by the UK Secretary of State.
Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner’s Office (ICO).
Binding Corporate Rules, where applicable.
Your explicit consent, where necessary and appropriate

For data processed or transferred within or to the Kingdom of Saudi Arabia, we comply with the cross-border transfer provisions of the Saudi PDPL, including ensuring an adequate level of protection and, where required, obtaining the approval of the competent authority.

8. Data Retention

We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including to satisfy any legal, regulatory, accounting, or reporting requirements.

Our general retention periods are as follows:

Event registration data: retained for up to 3 years following the event to facilitate follow-up communications, reporting, and future event invitations.
Financial and transactional records: retained for 7 years in accordance with applicable financial and tax regulations.
Marketing communication records: retained until you withdraw your consent or opt out.
Website analytics data: anonymised or deleted within 26 months.

When personal data is no longer required, we will securely delete or anonymise it.

9. Your Rights

Rights Under the UK GDPR

As a data subject under the UK GDPR, you have the following rights:
- Right of Access: To obtain confirmation of whether we process your data and to request a copy of that data.
- Right to Rectification: To request correction of inaccurate or incomplete data.
- Right to Erasure: To request deletion of your data in certain circumstances.
- Right to Restrict Processing: To request that we limit the processing of your data in certain circumstances.
- Right to Data Portability: To receive your data in a structured, commonly used, machine-readable format.
- Right to Object: To object to processing based on legitimate interests or for direct marketing purposes.
- Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
- Right to Lodge a Complaint: You have the right to file a complaint with the UK Information Commissioner’s Office (ICO) at https://ico.org.uk/.
Rights Under the Saudi PDPL

If you are a data subject under the Saudi PDPL, you have the following rights:
- Right to be informed about the purpose of data collection and processing.
- Right to access your personal data held by us.
- Right to request correction of inaccurate data.
- Right to request destruction of your data when it is no longer needed.
- Right to withdraw your consent at any time.
- Right to lodge a complaint with the Saudi Data and Artificial Intelligence Authority (SDAIA).

To exercise any of these rights, please contact us at info@visionbridge.sa. We will respond to your request within the timeframes required by applicable law (generally within 30 days under UK GDPR).

10. Cookies and Tracking Technologies

Our Website uses cookies and similar tracking technologies to enhance your browsing experience, analyse website traffic, and personalise content.

Types of Cookies We Use
- Essential Cookies: Necessary for the Website to function properly. These cannot be disabled.
- Analytics Cookies: Help us understand how visitors interact with the Website by collecting anonymised data (e.g., Google Analytics).
- Functional Cookies: Remember your preferences and settings to improve your experience.
- Marketing Cookies: Used to deliver relevant advertisements and track the effectiveness of marketing campaigns.
Managing Cookies

When you first visit the Website, you will be presented with a cookie consent banner. You can manage your cookie preferences at any time through your browser settings or through the cookie management tool on the Website. Please note that disabling certain cookies may affect the functionality of the Website.

11. Data Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

Encryption of data in transit using SSL/TLS protocols.
Secure access controls and authentication mechanisms.
Regular security assessments and vulnerability testing.
Restricted access to personal data on a need-to-know basis.
Secure third-party payment processing compliant with PCI-DSS standards.

While we take all reasonable steps to protect your data, no method of electronic transmission or storage is completely secure. We encourage you to use strong passwords and exercise caution when sharing personal information online.

12. Third-Party Links

Our Website may contain links to third-party websites, including those of our sponsors, exhibitors, partners, and service providers. We are not responsible for the privacy practices or content of these external websites. We encourage you to review the privacy policies of any third-party websites before providing your personal data.

13. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices, legal requirements, or operational needs. When we make material changes, we will notify you by posting the updated policy on the Website with a revised “Last Updated” date. We encourage you to review this policy periodically.

14. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Data Controller: Pro-Events global LTD

Company Number: 17068646

Email info@visionbridge.sa

Website https://visionbridge.sa/

For complaints related to UK data protection,
you may also contact the Information Commissioner’s Office (ICO):

Website https://ico.org.uk/

Helpline +44 303 123 1113

For complaints related to Saudi data protection,
you may contact the Saudi Data and Artificial Intelligence Authority (SDAIA):

Website https://sdaia.gov.sa/