Introduction
International Market Centers (“IMC”) is committed to respecting the privacy of the personal information of the individuals with whom we interact. We have developed this privacy statement to describe our privacy policies and practices and how we
collect, use and disclose the personal information of those individuals who visit our website for purposes of using our Exhibitor portal. We have developed other documents that describe our privacy policies and practices with respect to our
employees and with respect to our customers, suppliers and other parties with whom we interact.

What is Personal Information?
Personal information is any information about an identifiable individual, other than the person’s business title or business contact information, used or disclosed for the purpose of business communications. Sensitive personal information means
information granted special protections under the law. Examples of each type are:

  • Personal Information Sensitive Personal Information
  • Name Social Security Number
  • Home Address Passport Number
  • Image or Photo Driver’s License Number
  • Location Data Credit Card Number / Bank Account Number

What Personal Information Do We Collect?
You can visit our website and Exhibitor portal without telling us who you are or revealing any information about yourself, including your e-mail address. Our web server may collect information related to your visit to our website.

This information includes the IP address and domain used to access our website, the type and version of your browser, the website you came from to access our website, the page you entered and exited at, any website page viewed by that IP address
and, your country of origin. We use this information to monitor our website’s performance (such as number of visits, average time spent on the website, page views) and for our business purposes such as working to continually upgrade our website.

How Do We Use Cookies?
When you visit our website, we may place a “cookie” on the hard drive of your computer to track your visit. A cookie is a small data file transferred to your hard drive through your web browser. Only the website that placed the cookie on your hard
drive can read the data file. The cookie acts as an identification card that allows our website to identify you and to record your passwords and preferences. The cookie allows us to track your visit to the website; this allows us to understand your
use of our website and to customize and tailor the website to meet your needs.

Most web browsers are set to accept cookies. However, on most web browsers you may change this setting to have your web browser either: (1) notify you prior to a website placing a cookie on your hard drive so that you can decide whether or not to
accept the cookie; or (2) automatically prevent the placing of a cookie on your hard drive. Please note that access to a number of web pages found on the website is limited if cookies are not accepted

What about Links to other Websites?
Our website may contain links to other websites (such as Exhibitor websites) that may be subject to less stringent privacy standards. We cannot assume any responsibility for the privacy practices, policies or actions of the third parties that
operate these websites. IMC is not responsible for how such third parties collect, use or disclose your personal information. You should review the privacy policies of these websites before providing them with personal information.

Why Do We Collect, Use, and Disclose Personal Information?
We collect and disclose personal information only for our business purposes. This includes those purposes explained in this privacy statement and in our Company Privacy Policy and our Employee Privacy Policy.

We may share your personal information with our employees, contractors, consultants, affiliates and other parties who require such information to assist us with establishing, maintaining and managing our relationship with you. In some instances,
such parties may also provide certain information technology and data processing services to us so that we may operate our business. We may share personal information with such parties both in and outside of your home jurisdiction, and as result,
your personal information may be collected, used, processed, stored or disclosed in Canada, in the United States of America as well as internationally.

When we share personal information with such parties we require that they only use or disclose such personal information in a manner consistent with the use and disclosure provisions of this privacy statement.

In addition, we may disclose or transfer personal information to another party in the event of a change in ownership of, or a grant of a security interest in, all or a part of IMC. We may collect, use, or disclose your personal information without
your knowledge or consent where permitted to do so or, when required by applicable law or regulatory requirements.

Your Consent is Important to Us
When you use our website, we will ask you to give your express consent to the collection, use and disclosure of your personal information. This privacy statement, as well as our Company Privacy Policy, explains how we will protect your information.

You may change or withdraw your consent at any time, subject to applicable legal or contractual restrictions and reasonable notice, by contacting our Privacy Team in the manner described in our Company Privacy Policy. Further, you can ask to see
the personal information that we hold about you. For information on accessing your personal information, please see our Company Privacy Policy.

How is Your Personal Information Protected?
IMC maintains physical, technical and procedural safeguards that are appropriate to the sensitivity of the personal information in question. We designed these safeguards to protect your personal information from loss and unauthorized access,
copying, use, modification or unauthorized disclosure. In the event of a breach, IMC will immediately contact the Beazley Group, our breach response partners, to initiate our breach response protocol including notification to all compromised
parties, credit monitoring services, if applicable, fraud resolution services, and ID protection services.

Unfortunately, there is no guaranty that data transmission over the Internet is 100% secure. As a result, while this website strives to protect your personal information, we cannot warrant the security of any information you transmit to us, and you
do so at your own risk. Once this website receives your transmission, we make commercially reasonable efforts to ensure its security on our systems.

How Long Do We Retain Your Information?
We will keep the information that you provide us for as long as is reasonably necessary to achieve the purpose for which you provided it to us, or to the extent necessary for us to protect our rights, or as required by applicable laws.

Do-Not-Track
We do not track our customers over time and across third party websites to provide targeted advertising and therefore do not respond to Do Not Track (DNT) signals. However, some third party sites do keep track of your browsing activities when they
serve you content, which enables them to tailor what they present to you. If you are visiting such sites, you may be able to set the DNT signal on your browser so that third parties (particularly advertisers) know you do not want to be tracked.

Inquiries or Concerns?
For more information about our privacy policies, please visit our company website at www.imcenters.com, or contact our Privacy Team in the manner described in our Company Privacy Policy.

Interpretation of this Privacy Statement
Our Privacy Team determines any interpretations associated with this privacy statement. This privacy statement includes examples but is not intended to be restricted in its application to such examples, therefore where the word ‘including’ or
‘includes’ is used, it shall mean ‘including without limitation’.

This privacy statement applies to and governs the activities of IMC. All references herein to “IMC”, “we”, “us”, “our” and like terms should be interpreted accordingly.

IMC complies with the privacy legislation within each jurisdiction in which we operate. Sometimes the privacy legislation and / or an individual’s right to privacy are different from one jurisdiction to another. Should there be, in a specific case,
any inconsistency between this privacy statement and the applicable privacy laws, this privacy statement shall be interpreted, in respect to that case, to give effect to, and comply with, such privacy laws.

INTERNATIONAL MARKET CENTERS COMPANY PRIVACY POLICY
COMPANY MISSION
To serve as the center of commerce for the furniture, gift and home décor industries, bringing buyers and sellers from the global marketplace together in the most effective, efficient and compelling venues. Our company provides exhibitors with
unrivalled access to buyers and buyers with unparalleled access to resources. Through experience and exceptional service, the IMC team delivers Markets that create value and growth opportunities for our partners.

PRIVACY POLICY OBJECTIVE
Our goal is to maintain our customers’ trust by meeting legal obligations and achieving customers’ satisfaction around privacy in the jurisdictions where we operate. This Company Privacy Policy (“Privacy Policy”) outlines the principles that
employees, contractors and entities operating on our behalf (“Personnel”), must follow to respect privacy when dealing with Personal Information in their daily jobs.

SCOPE OF PRIVACY POLICY
IMC expects that all employees, temporary employees, consultants, and contractors (“Personnel”) of International Market Centers, its subsidiaries, and affiliate companies (“IMC” or the “Company”), will comply with this Privacy Policy. This Privacy
Policy applies to Personal Information about customers, partners, and vendors.

DEFINITIONS
“Personal Information or Personal Data”, means any information that relates to an individual if the individual is identified or reasonably identifiable. This includes names, email addresses, image, location data, online
identifiers, unique device ID, and in certain jurisdictions individual IP address, etc.

“Sensitive Personal Information” means information that is especially protected by the law, such as Social Security Number, Driver License Number, medical information, credit card data, ethnicity, political opinions, and religious
beliefs.

“Third Parties” includes entities, other than customers, with which we do business, for instance suppliers, vendors, and service providers.

“Processing” means any operation or set of operations which is performed on Personal Information or on sets of Personal Information, whether or not by automated means, such as collection, recording, organization, structuring,
storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

PRIVACY PRINCIPLES
1. Accountability:
We are responsible for the protection of the Personal Information entrusted to us. The Legal team provides privacy policies and guidelines as well as guidance and legal advice. The Human Resources team provides training, guidance, and support for
privacy to all employees, to ensure we always act in compliance with applicable privacy laws. Designated Department Advocates provide feedback about their departments’ collection and use of Personal Information and participate in defining strategic
privacy priorities for IMC, work with the Legal team to drive implementation of policies and guidelines within their departments, and they act as company sponsors of privacy awareness initiatives. Everybody is responsible for the protection of
privacy at IMC and is expected to: (1) become familiar and comply with privacy and data security policies and procedures, (2) take the privacy training sessions made available to them, and (3) collaborate with their Designated Department Advocate
and with the Legal team as required to implement this policy.

2. Transparency and Control:
We inform customers when we collect their personal data and we honor their preferences for contacting them. Every IMC website, including those operated by Third Parties on our behalf, should display a link to our Web Privacy Statement. If our
products and services collect or process Personal Information, we should create product documentation to assist our customers in determining the privacy impact of adopting our products and to support their compliance with their obligations around
data privacy. When collecting Personal Information to use for marketing purposes, we should provide options for opt-in or opt-out as required by applicable laws. Direct marketing to customers and partners must include a do-not-market or unsubscribe
option. Any database used for marketing purposes should record opt-out and unsubscribe activity. Third Parties that conduct marketing activities on our behalf or in collaboration with us should follow our written guidelines and should comply with
our policies, including this Privacy Policy, and with applicable laws.

We are compliant with General Data Protection Regulations (GDPR). GDPR mandates certain rights for European Nation Countries (“EU Countries”) and as such, we provide our customers with the right:

(1) To consent to, or withdraw consent to providing Personal Information,

(2) To remove or erase Personal Information previously provided or consented to,

(3) To “data portability”; a customer may elect to have their Personal Information transferred to a different electronic processing system without being deterred from doing so and,

(4) To notice of a data breach involving their Personal Information.

3. Third Party Information Processing:
We choose trustworthy vendors and suppliers to process our Personal Information and we ask them to commit to adequate privacy and data security standards. We require our partners to commit to privacy policies and standards that we consider
adequate. The Legal team and the Information Technology team determine privacy and data security policies and standards applicable in our relationships with vendors and suppliers. When choosing a vendor or supplier, we should conduct a Third Party
interview that will establish whether the Third Party can satisfy our standards or industry best practice around privacy and data security standards. Every contract with vendors and suppliers that process Personal Information for IMC, or on our
behalf, should include a clause regarding privacy and data security protections approved by the Legal team. The Legal team must review and approve any changes to our pre-approved privacy and data security language. Before sharing Personal
Information with any of our partners, we ensure that adequate privacy terms are in place.

4. Privacy by Design:
We apply privacy requirements and the principles of our Company Privacy Policy, Employee Privacy Policy and Web Privacy Statement when designing our products and services and when implementing new technologies internally. The Designated Department Advocates work with the Legal team to determine whether new products or services within their respective departments will have an impact on current privacy practices and policies. The Legal team provides guidance to the Designated Department Advocates on applicable privacy requirements for such new products or services. IMC’s departments are responsible for tracking and documenting collection and use of Personal Information elements collected by the department in the ordinary course of business so that we can inform our customers and partners as appropriate. We track and document how we process Personal Information, in order to support our customers’ compliance with their privacy obligations. The Information Technology team involves the Legal team for a risk-based privacy impact assessment, when adopting, configuring, or implementing applications and tools that process Personal Information.

5. Data Integrity and Data Proportionality:
We collect Personal Information to use it for specific and legitimate business purposes. We collect what we need to get the job done, we keep it accurate and we retain it only as long as needed for its purpose. We process Personal Information to
facilitate IMC’s Mission, and for internal business operational purposes only. For each category of Personal Information, we define and document the purpose for which we collect and use it. If the Personal Information has no impact on the
functionality of our products and services, we provide customers with the option to limit the Personal Information collected or shared with us. Designated Department Advocates are responsible for enforcing the governance and compliance standards
for data retention and data integrity within their specific departments.

6. Customer Benefit and Value:
We share with our customers the benefits and value we derive from processing their Personal Information. Whenever compatible with security best practices and with the functionality of our products and services, we provide customers with the ability
to access their Personal Information collected by our products or on our website.

7. Security:
We implement technical, organizational, and physical security measures to ensure an appropriate level of security of the Personal Information we process. The Information Technology team determines and manages data security policies and standards
for the protection of Personal Information. We grant access to Personal Information on a “business need-to-know” principle and with the lowest possible access privilege. The Information Technology team recommends and adopts data security best
practices, such as encryption and, together with the Legal team, provides guidance on data classification policies and standards. Employees are responsible for reporting incidents or violations of data security policies to the Information
Technology and Legal teams as follows:

Legal Team:
Neil Patton
General Counsel
240 Peachtree Street
NW Suite 2200
Atlanta, GA 30303
Phone: 404-220-2020
Email: npatton@americasmart.com

Information Technology Team:
Thomas Williams
IT
209 S. Main Street
14th Floor
High Point, NC 27260
Phone: 336-888-3700
Email: twilliams@imcenters.com

POLICY MAINTENANCE AND TRAINING
This Privacy Policy is subject to review as needed on a periodic basis.

IMC may change or edit the Company Privacy Policy at any time without prior notice, or otherwise in accordance with applicable law. We will post and send notice of any changes to appropriate management for distribution to all Personnel.

All Personnel and other affected parties are responsible for reviewing and maintaining ongoing compliance with this Privacy Policy. Please direct any questions to the Legal Team.

Compliance with this Privacy Policy is mandatory for all Personnel. IMC will provide appropriate training on the various aspects of the Privacy Policy to all departments based on priority and relevance. The Human Resources department will train
new-hires on the Privacy Policy during the on-boarding process. Additional training on the Privacy Policy and privacy requirements is available by contacting the Privacy Team.

DISCIPLINARY ACTION
Individuals found to be in violation of the Privacy Policy are subject to disciplinary action up to, and including termination, in accordance with applicable law. Failure to report known violations of the Privacy Policy is a violation of the
Privacy Policy.