Data Protection Policy

Associated Organizations

U.S. Special Operations Command (USSOCOM) and the Global SOF Foundation (GSOF) jointly sponsor SOF Week 2025. 

GSOF contracts Clarion Events to execute many SOF Week services, including registrant vetting. Clarion and GSOF are Joint Independent Data Controllers, and by registering for this event, you accept that your data will be shared with both parties. Your registration data is also shared with Cvent, the registration vendor, as SOF Week’s assigned data processor. 

We take your privacy seriously. By registering for this event, the aforementioned organizations will use your information based on our legitimate interests to contact you about this event and its future editions. We will only ever use the information we collect or receive about you in accordance with our Clarion Privacy Policy or GSOF Privacy Policy.  

Please note that all USSOCOM Enterprise personnel data collected during registration will be obfuscated within 30 days of the event’s conclusion. 

How Your Information Will Be Used

REGISTRATION & VETTING: Your data will be collected to ensure the legitimacy, safety, and appropriateness of your attendance at SOF Week. Required information for registration includes, but is not limited to:

  • Full name
  • Business email address
  • Country of citizenship
  • Phone number
  • Passport-style Headshot Photo*: Please note, this photo will auto-populate as your profile photo in the SOF Week Mobile App, but can be modified in the App upon login
  • Scan or photograph of a government-issued ID*

* USSOCOM Enterprise personnel will not be required to upload a photo or ID.

The information will be stored and available to the registrant to review via the SOF Week registration portal, which is also part of the Cvent software suite. 

EVENT COMMUNICATION: Registrants agree to receive information about the event via emails from Cvent, which may include:

  • Registration confirmation emails
  • Event reminders
  • Opportunities at the event
  • Emergency information

For additional SOF Week communications, registrants are encouraged to stay updated via the SOF Week website.

ATTENDEE BADGE: By completing registration, you agree that your approved data will be printed on your SOF Week Attendee Badge, which must be worn at all times in SOF Week event spaces during event hours. Those fields include:

  • Rank / Prefix
  • First and Last Name
  • Company / Organization
  • Registration Type
  • Country of Citizenship

An attendee badge must not be tampered with, including but not limited to alteration or changing of data, removal or blocking of bar codes or QR codes, etc. Doing so may be grounds for removal from SOF Week. 

LEAD CAPTURE: All attendee badges will contain a QR code that can be scanned by Exhibitor “Lead Capture” devices. Codes will only be scanned with attendee consent.

If you consent to the scan of your badge by an exhibitor Lead Capture Device, the below data will be transferred via a report to the exhibitor that includes, but is not limited to:

  • Rank / Prefix
  • First and Last Name
  • Title
  • Company / Organization
  • Registration Type
  • Country of Citizenship
  • Email Address
  • Work Location (City, State, Zip Code, Country)

SOF WEEK MOBILE APP: The SOF Week Mobile App is provided by the registration vendor, Cvent. 

The App requires two-step verification, which means you must either: (1) have access on your phone to the email account that you used to register or (2) provide a mobile phone number during the registration process. 

The App features an Attendee Listing, which will include those SOF Week Attendees that consent to being included.

If consent is provided, attendees agree to:

  • PHOTO: Use of their submitted photo from the verification process as their primary profile in the App. This can be changed upon sign-in.
  • MEETINGS: Other attendees using the App may reach out to request messaging opportunities or meetings.
  • COMMUNICATION: Emails, messages, or in-App notifications containing relevant communications from the App.
Data Security

All registration, profile, and behavioral data captured, recorded & managed pre-event, during, and post-event remains wholly owned by Clarion and GSOF. The data is processed by Cvent as its assigned data processor. 

ID data is held until completion of 30 days from the event and then permanently deleted from the database, and any mirrors.

Cvent is certified on PCI DSS Level 1 and SOC2 Type II. Copies of SOC2 and PCI AO can be provided for more details about overall data and access security controls.

All data is submitted securely online using the Cvent web-based platform and hosted/stored in its databases. Both web applications and the database reside in Cvent’s AWS East Coast region and are backed up in the Disaster Recovery site in AWS West Coast. Access to the data is restricted to authorized individuals only through multi-factor authentication. Access is logged and reviewed via an SIEM tool. 

Cvent adheres to NIST Cyber Security Standards in addition to the following regulatory standards, including but not limited to: PCI DSS, SOC1 Type II, SOC2 Type II, ISO 27001, ISO 27701, GDPR, and CSA STAR level 1. Cvent’s platform provides dedicated fields that are encrypted at both the disk level and the field level for certain PII such as SSN, passport number, passwords, and Credit Card numbers. All data remains encrypted at the disk level.

Questions or Concerns

In the event that you wish to issue a question or comment about this policy, please contact sofweek@gsof.org.