Request Demo
Submit RFP

Global Solutions

Madison Recognition

Employee rewards and engagement
Madison Travel

Incentive travel experiences

Company

About

History

Careers

Contact Us

Knowledge Center

mBlog

Case Studies

Destinations

Infographics

Performance Perspectives

Press & Media

Travel Journal

Webinar

White Papers

Pioneering Excellence

Madison is a global leader in employee recognition and incentives, pioneering digital programs since 1995. As an employee-owned company, we deliver recognition, events, and incentive travel solutions that strengthen culture and drive results.

Learn More
employee traveling
Travel Journal
What Actually Drives a Successful Incentive Travel Program After 20 Years in the Field
Incentive travel has never been about the destination. That may sound surprising in an industry that...
employees working together
Travel Journal
Sustainability Without Operational Discipline Is Just Messaging
Sustainability is now standard language in meetings and incentive travel. RFPs reference ESG commitments....
Lake Tahoe
Travel Journal
Planning a Corporate Retreat in the U.S.? Here’s Why South Lake Tahoe Belongs on Your List
South Lake Tahoe isn’t your typical meeting destination. Nestled where California and Nevada meet, this...

Services

Event Design

Event Sourcing

Event Marketing

Event Transportation

Budget Management

Housing & Registration

Events

Conferences

Gifting & Amenities

Incentive Travel

Product Launch

Sales Meetings

Trade Shows

Warehouse Dashes

VIP Experiences

Destinations

London

Scotland

Jumby Bay

South Africa

Explore All

Madison Performance Group Privacy Notice

Effective on: June 18, 2026

Introduction and Scope

488 Performance Group Inc. d/b/a Madison Performance Group (“Madison”, “we”, “us”, “our”) takes the protection of personally identifiable information (“Personal Information”) very seriously. This Privacy Notice (the “Notice”) addresses data subjects whose Personal Information we may process on behalf of our customers in the course of providing, implementing, and supporting our Maestro web application, including our merchandise catalog (collectively, the “Services”). This Notice does not apply to Personal Information we collect by other means, such as Personal Information that we receive directly through our marketing website(s) or the Personal Information of our employees.

Controllership

Madison acts as an agent, also known as a data processor, for the Personal Information we process for our customers when providing our Services. This means that our customers determine the type of Personal Information they provide for us to process on their behalf. We typically have no direct relationship with the individuals whose Personal Information we receive from our customers.

Purpose of Processing

We process Personal Information for the purposes of:

(1) Contact with customers

  • Responding to inquiries about products and services
  • Visiting customers, sending catalogs, contacting customers by telephone or e-mail, or providing product and service information
  • Collecting and managing receivables

(2) Contact with partner companies

  • Managing liabilities, including the payment thereof

(3) Other purposes

  • Analyzing the status of access to the Company’s website or improving the said website
  • Responding to complaints or inquiries, etc. to the Company about matters that do not fall under (1) through (2).

When the purposes of processing are satisfied, we will delete such PII within one (1) year. 

Basis of Processing

Within the scope of this Notice, we process Personal Information based on the instructions of our customers.

How We Receive Personal Information 

We may receive your Personal Information when:

  • you provide it directly to us as part of using our Services;
  • our customers (including their employees, contractors, and other representatives of the company) provide it to us; or
  • our service providers provide it to us.

Categories of Personal Information

We may process the following types of Personal Information:

  • Log-in information, such as username and password;
  • Profile information;
  • Contact information, such as email address and postal address;
  • Professional information, such as employer company and position; and
  • Shipping information.

Data Retention

We retain Personal Information for as long as instructed by the respective customer (who typically acts as a data controller). We delete the Personal Information submitted to us within six (6) months of the end of our service agreement with the customer, unless applicable laws or the specific agreement with that customer require otherwise.

Sharing Personal Information with Third Parties

We may share Personal Information with our service providers, who process Personal Information on our behalf, and who agree to use the Personal Information only to assist us in providing our Services or as required by law. Our service providers may provide:

  • Internet hosting services;
  • cloud storage services;
  • call center services; and
  • merchandise vendor services.

Some of these third parties may be located outside of the United States. However, before transferring your Personal Information to these third parties, we will either ask for your explicit consent or require the third party to maintain at least the same level of privacy and security for your Personal Information that we do. We remain liable for the protection of your Personal Information within the scope of our Data Protection Framework  certification that we transfer to third parties, except to the extent that we are not responsible for the event that leads to any unauthorized or improper processing.

Other Disclosure of Your Personal Information

We may disclose your Personal Information to the extent required by law, or if we have a good-faith belief that we need to disclose it in order to comply with official investigations or legal proceedings (whether initiated by governmental/law enforcement officials, or private parties). We may also disclose your Personal Information if we sell or transfer all or some of our company’s business interests, assets, or both, or in connection with a corporate restructuring. Finally, we may disclose your Personal Information to our subsidiaries or affiliates, but only if necessary for business purposes, as described in the section above.

We reserve the right to use, transfer, sell, and share aggregated, anonymous data for any legal business purpose. Such data does not include any Personal Information. The purposes may include analyzing usage trends or seeking compatible advertisers, sponsors, and customers.

If we have to disclose your Personal Information to governmental/law enforcement officials, we may not be able to ensure that those officials will maintain the privacy and security of your Personal Information.

Cookies

A “cookie” is a small file stored on your device that contains information about your device. We may use cookies to provide basic relevant ads, website functionality, authentication (session management), usage analytics (web analytics), and to remember your settings, and generally improve our websites and Services.

We use session and persistent cookies. Session cookies are deleted when you close your browser. Persistent cookies may remain even after you close your browser but always have an expiration date. Most of the cookies placed on your device through our Services are first-party cookies, since they are placed directly by us.

If you would prefer not to accept cookies, you can change the setup of your browser to reject all or some cookies. Note, if you reject certain cookies, you may not be able to use all of our Services’ features. For more information, please visit https://www.aboutcookies.org/.

You may also set your browser to send a Do Not Track (DNT) signal. For more information, please visit https://allaboutdnt.com/. Please note that our Services do not have the capability to respond to “Do Not Track” signals received from web browsers.

Data Integrity & Security

We have implemented and will maintain technical, administrative, and physical measures that are reasonably designed to help protect Personal Information from unauthorized processing. This includes unauthorized access, disclosure, alteration, or destruction.

Access & Review

If we process your Personal Information, you may have the right to request access to (or to update, correct, or delete) such Personal Information.

If we have received your Personal Information in reliance on the Data Protection, you may also have the right to opt out of having your Personal Information shared with third parties and to revoke your consent to our sharing your Personal Information with third parties. You may also have the right to opt out if your Personal Information is used for any purpose that is materially different from the purpose(s) for which it was originally collected or which you subsequently authorized. To submit these requests or raise any other questions, please contact us by using the information in the “Contact Us” section below.

EU-U.S., UK Extension, and Swiss-U.S. Data Privacy

Frameworks
Madison complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  Madison has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of Personal Information received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.  Madison has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of Personal Information received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this Privacy Notice and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  

To learn more about the Data Privacy Framework (DPF) program and to view our certification, please visit https://www.dataprivacyframework.gov/.

Dispute Resolution

Where a privacy complaint or dispute cannot be resolved through our internal processes, we have agreed to participate in the VeraSafe Data Privacy Framework (DPF) Dispute Resolution Procedure. Subject to the terms of the VeraSafe Data Privacy Framework Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure, please submit the required information here: https://verasafe.com/privacy-solutions/data-privacy-framework-dispute-resolution-program/ 

Binding Arbitration

If your dispute or complaint can’t be resolved by us, nor through the dispute resolution program established by VeraSafe, you may have the right to require that we enter into binding arbitration with you under the Data Protection Framework’s  “Recourse, Enforcement and Liability Principle” and Annex I of the Data Protection Framework.

U.S. Regulatory Oversight

Madison is subject to the investigatory and enforcement powers of the United States Federal Trade Commission (FTC).

Changes to this  Notice

If we make any material change to this Notice, we will post the revised Notice to this web page. We will also update the “Effective” date. By continuing to use our Services after we post any of these changes, you accept the terms within the modified Notice.

Contact Us

If you have any questions about this Notice or our processing of your Personal Information, please write to our Privacy Department by email at privacy-madison@madisonpg.com or by postal mail at:

Privacy Department

Madison Performance Group
315 Madison Avenue, Suite 4056
New York, NY 10017
USA

Please allow up to four (4) weeks for us to reply.

European Union Representative

We have appointed VeraSafe as our representative in the EU for data protection matters. While you may also contact us, VeraSafe can be contacted on matters related to the processing of Personal Information. To contact VeraSafe, please use this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative/ or via telephone at: +420 228 881 031.

Alternatively, VeraSafe can be contacted at:

VeraSafe Ireland Ltd
Unit 3D North Point House
North Point Business Park
New Mallow Road
Cork T23AT2P
Ireland

VeraSafe Netherlands BV
Keizersgracht 555
1017 DR Amsterdam
The Netherlands    

VeraSafe Czech Republic s.r.o.
Rohanské nábřeží 678/23
Prague 8, 18600
Czech Republic
Databox ID: eicpabq

Data Protection Officer

We have appointed VeraSafe as our Data Protection Officer (DPO). While you may contact us directly, VeraSafe can also be contacted on matters related to the processing of Personal Information. VeraSafe’s contact details are:

VeraSafe

100 M Street S.E., Suite 600
Washington D.C., 20003
USA

Email: experts@verasafe.com

Web: https://www.verasafe.com/about-verasafe/contact-us/