Free Word download • Edit online • Save & share with Drive • Export to PDF
A Thanks For Visiting Our Exhibit letter is a formal post-event communication sent by an exhibiting company to individuals who visited their booth or display at a trade show, conference, or exhibition. It does more than express gratitude — it creates a documented record of the interaction, discloses how the visitor's contact information was collected and will be used, confirms any consent given for follow-up marketing communications, and establishes the specific next steps in the business relationship. In jurisdictions governed by GDPR, CASL, or the CAN-SPAM Act, the letter also functions as the required privacy notice that must accompany any data collected at a live event before follow-up marketing commences.
Without a structured exhibit follow-up letter, your trade show investment loses most of its value at the door. Badge scan data sitting in a spreadsheet without a documented follow-up process is not a lead pipeline — it is a liability. Sending an unstructured mass email to event contacts without disclosing your data collection method or providing an opt-out exposes your business to regulatory action under GDPR (fines up to 4% of global annual revenue), CASL (up to CAD $10 million per violation), and US state privacy laws. Beyond compliance, a personalized letter sent within 72 hours of an event — referencing the specific conversation, confirming what materials were shared, and committing to a concrete next step — converts warm event contacts into active sales conversations at a meaningfully higher rate than a generic follow-up blast. This template gives you the structure to do both: meet your legal obligations and turn exhibit visitors into customers.
| If your situation is… | Use this template |
|---|---|
| Following up with a warm lead who expressed strong purchase intent at the booth | Sales Follow-Up Letter |
| Confirming a product demonstration scheduled during the event | Meeting Confirmation Letter |
| Sending a formal product or service proposal after initial exhibit contact | Business Proposal |
| Capturing exhibit visitor data under a formal NDA before sharing proprietary information | Non-Disclosure Agreement |
| Following up with a corporate buyer who requested a formal quotation | Price Quotation Letter |
| Converting an exhibit contact into a signed distribution or partnership agreement | Distribution Agreement |
| Thanking an event organizer or sponsor rather than a visitor | Thank You Letter (Business) |
Why it matters: A letter that does not reference the specific conversation, product discussed, or materials shared signals to the recipient that it is generic spam — reducing open rates and increasing opt-out and spam complaints.
Fix: Use merge fields or CRM segmentation to insert at minimum the visitor's name, employer, and a one-sentence reference to what was discussed at the booth before sending.
Why it matters: Sending marketing communications to EU residents without a disclosed lawful basis and a functional opt-out violates GDPR and can result in fines of up to 4% of global annual revenue. CASL violations carry penalties of up to CAD $10 million per violation.
Fix: Include the data collection disclosure, opt-out mechanism, and privacy rights notice in every letter sent to recipients in the EU, UK, or Canada — regardless of whether the event was held in those jurisdictions.
Why it matters: Language like 'we will be in touch soon' creates no enforceable obligation and no expectation in the recipient's mind, effectively ending the conversation.
Fix: State a specific action and a specific date — 'We will send you a formal proposal by [DATE]' — and assign an internal owner to ensure delivery.
Why it matters: Without an express confidentiality clause, pricing or product roadmap information shared at a trade show is treated as public information — a departing visitor may share it with your competitors or post it publicly.
Fix: Activate the confidentiality clause whenever non-public pricing, pre-release specifications, or strategic roadmap information was shared at the exhibit, and reference it explicitly in the follow-up letter.
Why it matters: A letter signed 'ACME' instead of 'Acme Technologies Inc.' is not traceable to a legal entity — the recipient cannot verify who contacted them, which undermines trust and creates a compliance gap for opt-out and data access requests.
Fix: Always include the company's full registered legal name, registered address, and the signatory's full name and title in the closing block.
Why it matters: Visitor recall of booth interactions drops sharply after 72 hours. A letter sent two weeks after the event feels like a cold outreach rather than a warm follow-up, significantly reducing conversion.
Fix: Establish a post-event SOP requiring all follow-up letters to be drafted, personalized, and sent within 48–72 hours of the event's closing day.
In plain language: Identifies the exhibiting company and the specific visitor being contacted, including the event name, date, and location.
This letter is sent by [COMPANY NAME], [ADDRESS], on behalf of its representative [REP NAME AND TITLE], to [VISITOR FULL NAME], [VISITOR TITLE], [VISITOR COMPANY], [VISITOR ADDRESS], following your visit to our exhibit at [EVENT NAME], held [EVENT DATE(S)], [EVENT VENUE], [CITY, COUNTRY].
Common mistake: Using only first names or nicknames from a badge scan without confirming the visitor's full legal name and employer — creating ambiguity about which individual or entity you are addressing.
In plain language: Opens the letter with a specific, non-generic thank-you that references what was discussed at the exhibit, establishing context for the follow-up.
Thank you for taking the time to visit the [COMPANY NAME] exhibit at [EVENT NAME] on [DATE]. We appreciated the opportunity to discuss [SPECIFIC PRODUCT / SERVICE / TOPIC] with you and your team.
Common mistake: Writing a generic 'thank you for stopping by' without referencing the specific conversation — which signals a mass-blast email and reduces the recipient's likelihood of engaging.
In plain language: Documents which products, services, or proposals were presented or discussed at the exhibit, creating a shared record of the interaction.
During your visit, we presented [PRODUCT/SERVICE NAME], including [KEY FEATURE OR BENEFIT]. We also provided [BROCHURE / SAMPLE / DEMONSTRATION] covering [SPECIFIC TOPIC]. A summary of the materials shared is enclosed.
Common mistake: Omitting any reference to what was discussed — leaving the letter legally thin and giving the recipient no memory-jogger of the interaction if they received materials from dozens of exhibitors.
In plain language: Discloses how the visitor's contact information was collected, what it will be used for, and confirms that the recipient has the right to withdraw consent at any time.
Your contact information was collected at the [COMPANY NAME] exhibit on [DATE] via [BADGE SCAN / SIGN-IN SHEET / BUSINESS CARD EXCHANGE]. This data will be used to send you information about [COMPANY NAME]'s products and services. You may withdraw consent at any time by contacting [PRIVACY CONTACT EMAIL] or by using the opt-out link below.
Common mistake: Skipping this clause entirely on the assumption that a badge scan at a trade show constitutes blanket consent. Under GDPR and CASL, the purpose of data use must be disclosed at or before collection — and confirmed in the follow-up.
In plain language: States the type and frequency of future communications the visitor will receive, and provides a clear, functional mechanism to opt out.
By responding to this letter or any linked digital form without opting out, you confirm your interest in receiving [EMAIL NEWSLETTERS / PRODUCT UPDATES / PROMOTIONAL OFFERS] from [COMPANY NAME]. To unsubscribe from all future communications, click [OPT-OUT LINK] or reply with 'UNSUBSCRIBE' in the subject line.
Common mistake: Burying the opt-out mechanism in small print at the bottom of the letter without making it clearly accessible — a violation of CAN-SPAM and CASL that can result in regulatory penalties.
In plain language: Documents any specific next steps promised at the exhibit — a proposal, a demo, a follow-up call — and commits to a timeline for delivery.
As discussed, [COMPANY NAME] will [SEND A FORMAL PROPOSAL / SCHEDULE A PRODUCT DEMONSTRATION / ARRANGE A CALL] by [DATE]. To confirm your availability, please contact [CONTACT NAME] at [EMAIL / PHONE] no later than [DATE].
Common mistake: Vague language like 'we'll be in touch soon' with no specific commitment — which is unenforceable and signals poor follow-through, reducing conversion rates and exposing the company to accusations of misleading prospects.
In plain language: Addresses any proprietary product details, pricing, or roadmap information shared at the exhibit, and the basis on which the visitor agrees to treat it as confidential.
Any proprietary technical information, pricing, or product roadmap details shared by [COMPANY NAME] representatives during the exhibit are shared in confidence and may not be disclosed to third parties without [COMPANY NAME]'s prior written consent.
Common mistake: Sharing unreleased product specs or non-public pricing at a trade show without any confidentiality notice — leaving the company with no basis to prevent a visitor from sharing that information with competitors.
In plain language: Clarifies that the letter and any exhibit materials constitute general marketing information and do not constitute a binding offer, warranty, or guarantee.
The information provided during the exhibit and in this letter is for general informational purposes only. It does not constitute a binding offer, warranty, or representation. Any product specifications, pricing, or availability are subject to change without notice.
Common mistake: Failing to include a disclaimer when exhibit staff have made verbal representations about pricing or delivery timelines that differ from current product documentation — creating the basis for a misrepresentation claim.
In plain language: Informs the recipient of their rights regarding their personal data — including the right to access, correct, or request deletion of their information — and how to exercise those rights.
Under applicable privacy law, you have the right to access, correct, or request deletion of the personal data [COMPANY NAME] holds about you. To exercise these rights, contact our Privacy Officer at [PRIVACY EMAIL] or [POSTAL ADDRESS]. We will respond within [30] days.
Common mistake: Omitting the data subject rights notice entirely for correspondence sent to EU or Canadian residents — a direct GDPR and PIPEDA compliance gap that can trigger regulatory investigation.
In plain language: Closes the letter with the full name, title, and signature of the authorized company representative, along with the company's legal name and registered address.
Yours sincerely, [AUTHORIZED REPRESENTATIVE NAME] | [TITLE] | [COMPANY LEGAL NAME] | [REGISTERED ADDRESS] | [EMAIL] | [PHONE] | [DATE]
Common mistake: Signing with only a first name or job title without the company's legal name and contact details — undermining the letter's traceability and making it impossible for the recipient to identify and contact the sender for opt-out or data requests.
Fill in your company's registered legal name, trading address, and the name and title of the representative who attended the event. Do not use a brand name or abbreviation in place of the legal entity name.
💡 If multiple representatives staffed the booth, name the one who specifically interacted with this visitor — personalized attribution increases open and response rates significantly.
Enter the visitor's full name, job title, employer, and the event name, date(s), and venue. Verify these details against your lead-capture records before sending.
💡 Badge scans sometimes capture an abbreviated employer name — confirm the visitor's full legal employer name before completing the letter, especially for B2B follow-up where you may be contacting a subsidiary.
Reference the specific product, service, or topic discussed and any materials provided — brochures, samples, pricing sheets, or demo access codes. Attach or enclose any referenced materials.
💡 Pull from your booth rep's notes or CRM log captured immediately after the visit. The more specific the reference, the higher the recipient's recall and engagement.
State exactly how the visitor's data was collected (badge scan, sign-in sheet, business card), what it will be used for, and include a working opt-out mechanism. This clause is non-negotiable for GDPR and CASL compliance.
💡 If you are sending to recipients in the EU or Canada, confirm that your legal basis for processing is documented internally before the letter goes out — GDPR requires you to identify the lawful basis at the time of collection, not just at follow-up.
Enter any specific actions promised at the exhibit — a proposal, a call, a demo — and the exact date by which you will deliver or initiate them. Include your contact's name, email, and phone number for the recipient to respond.
💡 Set calendar reminders for every commitment listed in this clause the moment you send the letter. A missed follow-up date after a written commitment is harder to recover from than no commitment at all.
If you shared non-public pricing, pre-release product information, or roadmap details at the exhibit, activate the confidentiality clause. Always include the limitation of liability clause for any letter referencing product specifications.
💡 If your exhibit staff shared pricing or delivery timelines that have since changed, note in this section that all figures are subject to current terms — and follow up with an updated quote.
For any recipient located in the EU, UK, or Canada, complete the data subject rights block with your privacy officer's contact details and a stated response timeline of no more than 30 days.
💡 Use a dedicated privacy inbox (e.g., privacy@yourcompany.com) rather than a personal address — this ensures requests are tracked and responded to even when staff change.
Have the authorized company representative sign the letter before dispatch. For digital versions, use a tracked e-signature. Print and wet-sign for formal B2B or government contacts in jurisdictions where digital signatures are not universally accepted.
💡 Send the signed letter within 72 hours of the event close — response rates drop significantly after the first week as visitor recall of the interaction fades.
A "Thanks For Visiting Our Exhibit" letter is a formal post-event communication sent by an exhibitor to individuals who visited their booth or exhibit at a trade show, conference, or exhibition. It expresses gratitude for the visit, references what was discussed, documents how visitor data was collected and will be used, confirms consent for follow-up communications, and outlines the next steps in the business relationship. When properly structured, it also satisfies data privacy disclosure requirements under GDPR, CASL, and the CAN-SPAM Act.
The letter itself is generally not a binding contract in the traditional sense — it does not create an obligation to purchase or sell. However, specific clauses carry legal weight. The data consent and opt-out provisions create enforceable privacy commitments. Any next-step commitments stated in the letter (such as a promise to deliver a proposal by a specific date) can be treated as representations the sender is expected to fulfill. The confidentiality clause, if signed and accepted, can be enforceable as a standalone undertaking.
It depends on the jurisdiction and how contact information was collected. In the US, the CAN-SPAM Act permits B2B email follow-up with an opt-out mechanism, but some state laws are stricter. In Canada, CASL requires express or implied consent — exchanging business cards at an event or scanning a badge typically qualifies as implied consent for a limited period. Under GDPR, EU residents must be informed of the lawful basis for processing at or before collection; follow-up based on legitimate interest is permitted but must be documented. Always confirm your legal basis before sending.
Best practice is within 24–72 hours of the event's closing day, while the visitor still has clear recall of the interaction. Letters sent within this window enjoy meaningfully higher open and response rates than those sent a week or more later. At a minimum, send within five business days. If your team needs more time to personalize letters at scale, prioritize your warmest leads first and send the remaining letters in batches within the five-day window.
For EU recipients, include: the identity and contact details of the data controller (your company), the specific purpose for which their data is being processed, the lawful basis for processing (typically legitimate interest or consent), the categories of data held, the retention period, the recipient's rights (access, correction, deletion, portability, objection), a functional opt-out mechanism, and the contact details of your Data Protection Officer or privacy contact. Failure to include these elements constitutes a breach of Article 13 or 14 of the GDPR and can trigger regulatory investigation.
Yes. The template applies equally to follow-up after virtual exhibitions, online conferences, and hybrid events where visitors registered digitally or attended a virtual booth. Adjust the event reference details to reflect the online format and update the data collection method (e.g., "registration form" or "virtual booth visit log") in the consent clause. Note that for virtual events with EU participants, GDPR obligations are identical to in-person events.
Yes. An authorized company representative should sign the letter before it is sent. For email delivery, a digital or e-signature is sufficient in most jurisdictions. For formal B2B follow-up — particularly in government procurement, regulated industries, or cross-border trade scenarios — a wet signature on a printed version may be expected. The signature block should include the signatory's full name, title, company legal name, and contact details.
A standard business thank-you letter expresses gratitude with no legal or compliance content. This template goes further by documenting the data collection method, confirming consent, providing a privacy rights notice, and establishing enforceable next-step commitments. The additional clauses are what make it appropriate for trade show follow-up in jurisdictions with active data privacy regulation — where a plain thank-you letter can inadvertently create a compliance gap.
Two to three follow-up contacts after the initial letter is standard B2B practice. Space them 5–10 business days apart and vary the channel (email, phone, LinkedIn). Under GDPR and CASL, you must honor opt-out requests immediately and permanently — once a recipient unsubscribes, remove them from all follow-up sequences and do not re-add them without fresh express consent. Tracking opt-outs in your CRM at the point of this letter is the cleanest way to ensure compliance.
Yes, but you should review which privacy regime applies to each recipient and adjust the consent and data rights clauses accordingly. The strictest framework — typically GDPR — should be used as your baseline, since it covers EU residents regardless of where the event was held. For Canadian recipients, add CASL-specific consent language. For US-only recipients, CAN-SPAM compliance is the minimum, though some US states (California under CCPA, Colorado, Connecticut, and Virginia) impose additional requirements.
A standard thank-you letter expresses appreciation with no legal or compliance content. The 'Thanks For Visiting Our Exhibit' template adds data consent disclosure, opt-out provisions, a privacy rights notice, and next-step commitments. Use the standard thank-you for informal relationship-building; use this template whenever trade show visitor data has been collected and will be used for follow-up marketing.
A sales follow-up letter focuses exclusively on advancing a commercial opportunity — it assumes the outreach relationship is already established. The exhibit follow-up letter precedes it by establishing the legal basis for contact, referencing the event interaction, and securing consent before moving into sales mode. For warm trade show leads, send this template first; deploy a sales follow-up letter once consent is confirmed.
An NDA is a standalone bilateral contract that prohibits disclosure of specific confidential information. This template includes a lighter confidentiality clause covering exhibit-shared information, but it is not a substitute for an NDA when significant proprietary information was shared. If a booth interaction involved a product demonstration under confidentiality or a deep technical briefing, accompany this letter with a separate NDA.
A business proposal is a formal commercial document that defines scope, pricing, deliverables, and terms for a specific engagement. This exhibit follow-up letter is the communication that precedes and triggers a proposal — it documents the event interaction, confirms interest, and commits to a proposal delivery date. The two documents are sequential: this letter opens the conversation; the proposal advances it to a commercial decision.
Exhibitors in capital equipment and industrial sectors follow up with procurement managers and engineers who need detailed spec sheets and compliance certifications attached to the letter.
Tech exhibitors use the letter to confirm demo access codes, free trial activations, or integration consultation appointments promised at the booth, with data consent tailored for GDPR and CCPA.
Regulated products require the limitation of liability clause to be prominent; any clinical claims made at the exhibit must be referenced carefully to avoid off-label promotion violations under FDA and Health Canada rules.
Consumer product brands exhibiting at trade and gift shows use the letter to follow up with retail buyers, including wholesale pricing schedules and minimum order commitments discussed at the exhibit.
Law firms, consultancies, and accounting practices use the follow-up letter to reference a specific business problem discussed at the event and confirm the next consultation or proposal delivery date.
Food and beverage exhibitors at industry expos attach product specification sheets, certifications (organic, kosher, allergen), and pricing tiers to the letter, with next steps focused on sample shipments and distributor agreements.
The CAN-SPAM Act governs commercial email follow-up and requires accurate sender identification, a physical postal address, and a functional opt-out mechanism honored within 10 business days. There is no federal opt-in requirement for B2B email, but California (CCPA/CPRA), Colorado, Connecticut, and Virginia impose additional consumer data rights that apply when visitors are California or multi-state consumers. Badge scan data collected at US trade shows is generally treated as implying interest in follow-up, but do not add recipients to automated marketing sequences without a clear opt-out pathway.
CASL requires express or implied consent before sending any commercial electronic message. Exchanging business cards or having a badge scanned at a trade show qualifies as implied consent under CASL Section 10(9), but only for follow-up related to the purpose evident at the event. This implied consent lasts up to two years from the event date. Quebec's Law 25 (effective September 2023) adds provincial requirements including a privacy policy and mandatory breach notification. Unsubscribe requests must be honored within 10 business days.
Post-Brexit, the UK GDPR (retained from EU GDPR) continues to govern personal data of UK residents with near-identical requirements. The lawful basis for trade show follow-up is typically legitimate interest, but a Legitimate Interest Assessment (LIA) should be documented before the letter is sent. The ICO (Information Commissioner's Office) has published specific guidance on marketing to individuals met at events. PECR (Privacy and Electronic Communications Regulations) also applies to direct marketing emails sent to individuals rather than corporate addresses.
GDPR applies to all EU residents regardless of where the trade show was held. Exhibitors must identify a lawful basis for processing at the time of data collection — legitimate interest is the most common basis for B2B follow-up, but requires a documented balancing test. Articles 13 and 14 require the data controller to provide a privacy notice at or before the first follow-up communication. Member state implementations vary: Germany's UWG imposes stricter rules on unsolicited B2B email; France requires CNIL-compliant consent for some marketing uses. Data retention periods must be defined and communicated.
| Path | Best for | Cost | Time |
|---|---|---|---|
| Use the template | Exhibitors following up with domestic visitors at standard B2B trade shows where standard privacy laws apply | Free | 15–30 minutes per letter or batch |
| Template + legal review | Companies following up with EU, UK, or Canadian visitors, or exhibiting in regulated industries such as healthcare or financial services | $200–$500 for a privacy counsel review of your template and data practices | 2–5 business days |
| Custom drafted | Multinational exhibitors collecting large volumes of visitor data across multiple privacy regimes, or companies subject to industry-specific marketing regulations | $800–$2,500 for a customized, jurisdiction-specific follow-up program drafted by privacy counsel | 1–3 weeks |
This document is one of 3,000+ business & legal templates included in Business in a Box.
Access over 3,000+ business and legal templates for any business task, project or initiative.
Customize your ready-made business document template and save it in the cloud.
Share your files and folders with your team. Create a space of seamless collaboration.
"Fantastic value! I'm not sure how I'd do without it. It's worth its weight in gold and paid back for itself many times."
"I have been using Business in a Box for years. It has been the most useful source of templates I have encountered. I recommend it to anyone."
"It has been a life saver so many times I have lost count. Business in a Box has saved me so much time and as you know, time is money."
Stop downloading documents. Start operating with clarity. Business in a Box gives you the Business Operating System used by over 250,000 companies worldwide to structure, run, and grow their business.
Free Forever Plan · No credit card required
