Events in Europe? What you need to know about GDPR

By August 23, 2018 Post

Events in Europe? What you need to know about GDPR

There is a big change for those that plan and organize events in Europe. You need to understand the new GDPR and get your data in order pronto.

Beginning on May 25, 2018, the GDPR (General Data Protection Regulation) goes live and bring with it tough new data protection rules that will directly affect all the companies.

The GDPR require you to review and update how you collect, store and process the personal information of your attendees, members, and service providers.

You will need to demonstrate that you and your partners are in compliance with the GDPR. This means that you need to know that your event management company, or others that you share data with, is in compliance.

Here is a quick look at some of the new rules (this is just an overview, there are pages and pages of new rules):

  • Consent to Share – This means that there needs to be “clear affirmative action” before consent to share data is established. No more pre-ticked boxes stating that attendees accept the terms and conditions. They have to check the box themselves.
  • Transparency – You need to be ready to share with your attendees in detail how their data will be used, where it is being stored, how long do you intend to keep it, and what you are doing to make sure that it is safe.
  • Lawful Processing – Basically, you need a valid reason to be collecting the data but you can know more here.
  • Privacy First – Your daily operations must now be privacy first.  You must downsize the amount of data you hold on attendees and you must default to the best privacy settings in all of your technology.
  • Hack and breach notifications – You have 72 hours to notify regulators and the affected individuals in the event of a data privacy breach where there is a risk of harm to individuals.
  • Access to Info – Individuals can access their personal data, have the right to know how that data is being used, and you have a shorter time to respond to their requests for information. There is also a new “right of erasure” and “right of data portability” which means that if they write to you and say “erase my data”, you have just to erase their data (an exception to this is transaction records, of course, if they bought a registration, you don’t have to erase the transaction details).
  • Accountability – You must now be ready to prove that you are complying with the GDPR. Document what you do and how you do it.
  • Data Protection Officer – You must now have one. It just has to be one person to rule them all and who knows what you are doing inside and out. You can even outsource if you must.
  • Penalties – The fines will be huge because they want you to actually do the right thing and be accountable.
  • Non-Traditional Items – Yes, it is primarily computers, networks, and the web that we are talking about but there are other places attendee data lives in electronic form. Name badges, lanyards, and ID Card printer ribbons are just a few things to consider.

GDPR is a serious matter, but at the bottom line, it’s about individual rights and communication. Yes, businesses must be aware of the rules and the penalties for non-compliance – but it will help to see the opportunities in doing so, and the brand value that can be built.


You might also want to read

April 24, 2019

Say hello to the new accreditation app!

You asked we listened! We're happy to announce that we've launched a new accreditation app. Now you can easily print tags for the credentials from the registrations and also create…
March 7, 2019

Last2Ticket takes place in the FT1000!

Last2Ticket, the only SaaS event management company in Portugal, entered the Financial Times ranking for the first time (FT1000: Europe’s Fastest Growing Companies). All thanks to the results achieved between…
October 27, 2018

Join the sustainable event movement. Become green!

Events cause a lot of waste and leave a big carbon footprint. The sustainable event trend is continuing to grow with no signs of stopping so it’s time to join…
October 26, 2018

We’re one of the winners of the European Programme.

Last2Ticket is proud to be one of the winners of the SME Instrument Phase 1 Champs . Well done to all the other proud winners: DART Diagnostics,Smallmatek – Small Materials…

Leave a Reply