Privacy Notice 

NextGen M&A — Global Series

Last updated: 23 June 2026

1. Introduction 

This policy sets out how we collect, process and hold your personal data when you use our website, sign up for our events, subscribe to our newsletter, register your interest in partnering with us, or otherwise provide personal data to us. We are SiSo Technologies LLC-FZ ("SiSo", "we", "us", "our"), a company registered in the United Arab Emirates, which operates the NextGen M&A website and LinkedIn community and organises the NextGen M&A event series globally. We are the data controller of your personal data.

This policy affects your legal rights and obligations so please read it carefully. If you have any questions, please contact us at [email protected]. 

2. Personal Data We Collect 

We collect personal data from you in a number of contexts:

Event registration. When you register for, or request an invitation to, a NextGen M&A event, we collect your first name, last name, job title, company name, and email address. We may also collect personal data that you give to us about other people if you register them to attend an event on their behalf. By doing so, you confirm that you have notified that person of this Privacy Notice and, where necessary, obtained their consent for us to process their personal data in accordance with this policy.

Where you choose to provide them, we also collect dietary requirements and accessibility needs. This information may constitute special category personal data under applicable law. We collect it solely to make appropriate arrangements at the event, and it will be shared only with the relevant venue or catering provider for that purpose, on the basis of your explicit consent. This data will be deleted within 30 days of the event. If you do not wish to provide this information, you are not required to do so.

Newsletter subscription. When you sign up to stay up to date with news and events from NextGen M&A, we collect your full name and email address.

Partner enquiries. When you enquire about partnering with us, or get in touch about bringing NextGen M&A to your city or region, we collect the contact details and any information you choose to provide — typically your name, business email address, company or organisation name, and the content of your enquiry.

Correspondence. If you contact us by email or other means with a question, comment, or request, we may keep a record of that correspondence.

Website usage data. When you visit our website, we and our service providers automatically collect certain technical data through cookies and similar technologies, as described in section 10 (Cookies). This may include your IP address, device and browser information, and information about how you interact with our pages.

All personal data that you provide to us must be true, complete and accurate. If you provide us with inaccurate or false data, and we suspect or identify fraudulent activity, we will record this.

3. How We Use Your Personal Data 

Events. We use your personal data to confirm your attendance, manage the invite list, send you event logistics and materials, and facilitate on-the-day registration. We may also use it to send you post-event materials such as session summaries or resources discussed at the event. The lawful basis for this processing is our legitimate interest in organising and running the event.

Event photography and recordings. We may take photographs, and occasionally audio or video recordings, at our events for use in event materials and in our marketing – including post-event recaps, summaries, our website, and our social media channels (such as LinkedIn). These images may include identifiable attendees. We do this on the basis of our legitimate interests in documenting and promoting our events. If you would prefer not to be photographed, or you would like us to remove an image of you from our materials, please let us know at the event or contact us at [email protected] and we will take reasonable steps to accommodate your request.

Newsletter. Where you have subscribed to our newsletter, we use your name and email address to send you news, updates, and information about upcoming NextGen M&A events and related content. The lawful basis for this processing is your consent, which you give by subscribing. You can withdraw your consent and unsubscribe at any time by clicking the unsubscribe link in any email or by contacting us at [email protected].

Partner enquiries. Where you enquire about a partnership or about bringing an event to your city, we use your personal data to respond to your enquiry, evaluate and discuss the proposed partnership, and where relevant progress it towards an agreement. The lawful basis for this processing is our legitimate interests in responding to and developing business relationships, and, where we enter into discussions or an agreement with you, taking steps at your request prior to entering into a contract.

General correspondence and website operation. We use the personal data in your correspondence to respond to you, and we use website usage data to operate, secure, and improve our website and registration pages. The lawful basis is our legitimate interests in running our website and communicating with people who contact us, and, in respect of non-essential cookies, your consent (see section 10).

Sharing with partners and providers. We may share your name, job title, email address, and company name with our event partners and sponsors for event administration purposes, for post-event follow-up communications reasonably connected to the event on

the basis of legitimate interests, and, where you have given your consent, we share your name, job title, company name and email address with our event partners so that they may contact you directly to market their own services, events and related content as independent controllers. Our event partners are the organisations (such as law firms, advisers and insurers) with whom we deliver the NextGen M&A events identified on the relevant event registration page. Each partner is responsible for its own communications and for honouring any request you make to it to stop. We may also share your personal data with our technology and service providers — such as our website host, email and newsletter platforms, and CRM systems — who process data on our behalf under data processing agreements, and with local co-organisers in the jurisdiction where an event takes place, who are bound by equivalent data protection obligations. We do not sell your personal data to any third party.

Marketing. We and our event partners may send you post-event materials — such as event recaps, session summaries, and content packs — on the basis of our legitimate interests in following up on the event. This is distinct from marketing and does not require separate consent, though you may object to it at any time. Where you have subscribed to our newsletter or otherwise consented, we may also send you future marketing communications about events, services, news and related content from SiSo. Separately, where you have given your consent, our event partners may contact you directly to market their own services, events and related content. We collect these consents via separate, optional opt-in tick boxes, so that you may consent to hearing from SiSo, from our partners, both, or neither. Withdrawing your consent to SiSo marketing does not automatically stop communications from a partner you have separately consented to; to stop those, please contact the relevant partner or us. You can withdraw your consent and unsubscribe at any time by clicking the unsubscribe link in any email or by contacting us at [email protected].

You have an absolute right to object to the use of your personal data for direct marketing purposes at any time, and where you do so we will stop using your data for those purposes. Where we rely on legitimate interests as a lawful basis (including for event administration and post-event follow-up), we have carried out a legitimate interests assessment balancing our interests against your rights and freedoms, and we have concluded that our use of your data is proportionate and does not override those rights. You may request further information about that assessment, or object to processing based on legitimate interests, by contacting us at [email protected].

Legal and regulatory. We may also use your personal data to comply with our legal and regulatory obligations, for audit purposes, and to enforce any agreements between us. Under certain circumstances we may be required to disclose your personal data under applicable laws or regulations, for example to protect the rights, property, or safety of a third party.

4. Retention 

We retain your personal data for as long as necessary for the purposes described. Event registration and contact data is generally retained for up to 24 months following the event.

Dietary and accessibility data is deleted promptly after the event, and in any event within 30 days. If you have subscribed to our newsletter or otherwise consented to receive marketing communications, we retain your data for that purpose until you withdraw consent or unsubscribe. Partner enquiry data is retained for the duration of our discussions and, where a partnership proceeds, for the life of the relationship plus any period required to meet our legal and accounting obligations; where a partnership does not proceed, we retain it for up to 24 months. Event partners who receive your data are required to handle and delete it in accordance with equivalent standards.

5. Security 

We shall process your personal data in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical and organisational measures. All information you provide to us is stored on secure servers and transmitted using encrypted connections where applicable.

Where you have chosen a password to access any part of our services, you are responsible for keeping it confidential. However, you acknowledge that no system can be completely secure. We therefore cannot guarantee that your personal data will always remain completely secure, but we will notify you without undue delay if we become aware of a breach that is likely to affect your rights and freedoms.

6. Children's Data

Our website, events, newsletter, and partnership activities are intended for professionals working in the M&A and related sectors, and are not directed at children. We do not knowingly collect personal data from anyone under the age of 18. If you believe that we have inadvertently collected personal data relating to a child, please contact us at [email protected] and we will take appropriate steps to delete it.

7. Your Rights 

You have the right to obtain from us a copy of the personal data that we hold about you, and to require us to correct errors in that data if it is inaccurate or incomplete. You also have the right at any time to require that we delete your personal data, restrict or object to its processing, or receive it in a portable format. Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal. Where processing is based on our legitimate interests, you have the right to object to that processing.

To exercise any of these rights, please contact us at [email protected]. We will respond within the timeframe required by applicable law. You also have the right to raise a complaint with the relevant data protection authority in your jurisdiction. Before responding to a request, we may need to take reasonable steps to verify your identity to ensure that personal data is not disclosed to anyone who has no right to receive it.

8. Applicable Law

SiSo Technologies LLC-FZ is registered in the United Arab Emirates. The processing of personal data by SiSo is governed by UAE data protection law, including Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data. Where we collect personal data from individuals located in the UK or EU, we apply the standards of UK GDPR and EU GDPR respectively. Where events take place in other jurisdictions, we also comply with applicable local data protection laws. Regardless of where you are located, we apply the same core standards of fairness, transparency, and security to the handling of your personal data.

9. International Data Transfers

SiSo is based in the UAE. When you register for an event, subscribe to our newsletter, or otherwise provide personal data to us, your personal data may be transferred to and processed in the UAE or other countries where our service providers operate. Where we transfer personal data internationally, we ensure that appropriate safeguards are in place in accordance with applicable law, including where required the use of Standard Contractual Clauses or equivalent transfer mechanisms.

10. Cookies

A cookie is a small text file placed on your device when you visit a website. We use cookies on our website and event registration pages for two purposes: strictly necessary cookies that are required for the pages to function correctly and to recognise returning visitors, and analytics cookies that help us understand how our pages are used.

Strictly necessary cookies do not require your consent. When you first visit our website, we present a cookie banner that allows you to accept all cookies or reject non-essential ones. We only set analytics and other non-essential cookies — including those used by Google Analytics or similar tools — after you have given your consent through that banner. You can change or withdraw your consent at any time via the cookie banner or your browser settings.

Information collected through analytics tools is used on an anonymous, aggregated basis to help us improve our website, events, and registration experience.

Most browsers are set to accept cookies by default. You can also change your browser settings to notify you when a cookie is placed, or to refuse cookies altogether. Please note that refusing non-essential cookies, or refusing cookies altogether, may affect the functionality of our website and registration pages.

11. Third-Party Links

Our website, event registration pages, and communications may contain links to third-party websites, including our LinkedIn group and the sites of our event partners and sponsors. Once you leave our pages via such a link, this Privacy Notice no longer applies. We have no control over, and are not responsible for, the privacy practices or content of those third-party sites. We encourage you to review the privacy policy of any site you visit. In particular, your use of the NextGen M&A LinkedIn group is governed by LinkedIn's own terms and privacy policy.

12. Changes to This Notice

We may update this Privacy Notice from time to time to reflect changes in our practices or applicable law. Any material changes will be communicated via our website or the relevant event registration page. The "Last updated" date at the top of this document reflects the most recent version.

13. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Notice or the way we handle your personal data, please contact us at [email protected] or visit www.sisotechnologies.com.

© 2026 NextGen M&A

© 2026 NextGen M&A