Curious to hear more about how you all are handling GDPR documentation with tradeshows. Are you relying on their contracts as a data processing agreement? Or are you asking them to sign your DPA? Our InfoSec team wants each show vendor to sign a DPA (including those not in EU, in case people from the EU are in attendance), and the vendors are pushing back on this, saying that their regular contract is sufficient. I'm not sure how other businesses are handling this and would love to see how this is going for other members of the Marketing Nation!