Best Practices
GDPR: The Four Letters Transforming The Event Industry
30 Jul 2018 | RainFocus | 3 minutes
The EU General Data Protection Regulation, or GDPR, has taken a starring role in news headlines lately. This law aims to protect individuals with respect to the collection, use, and sharing of their personal data. It has revolutionized the way companies run events — and the way attendees experience them. The GDPR’s expansive focus on protecting all personal data means that it touches every aspect of event management and execution.
The recent update of this data privacy law has generated a rigorous set of rules that demand even greater diligence from companies operating within the event industry. As companies that fail to comply risk fines of up to 4 percent of their global revenue, it’s crucial to stay on top of the latest technology requirements. Leveraging RainFocus can help ensure compliance and make the GDPR easier to navigate.
With GDPR obligations becoming increasingly stringent, RainFocus remains committed to tracking and utilizing industry best practices, guidance from the European Union, and EU enforcement activity. Such efforts — along with RainFocus’s curated tech expertise — can also make the process less daunting for those operating in the event industry.
Any organization that collects or processes personal data must follow the GDPR, regardless of their location. Since data collection is prevalent at tech conferences and other similar events,
…it’s all the more critical to operate with these four letters at the forefront of your mind.
To avoid noncompliance and the severe penalties that result, event organizers must be dedicated to communicating how and why attendees’ data will be processed as clearly and plainly as possible. They must be accountable for their guests’ full comprehension and consent at every stage of data collection and usage. Additionally, planners need to ensure that all collected data is up-to-date and accurate; safeguarding mechanisms should also be in place to guarantee the confidentiality of attendees’ information.
Many companies in the event industry are making strides to minimize data as well, a tactic that further protects organizers and attendees. This can be as simple as adjusting registration and survey forms to avoid unnecessary data collection. Data minimization lies at the heart of the new data protection law. Attend to your event registration and survey forms to make the necessary improvements in relation to the reduction of unnecessary questions.
The GDPR is changing the way businesses operate, along with the way they market, plan, and execute key events.
Under the guidelines of GDPR, organizers need to have several things on their mind as they plan their events:
- Privacy and data collection policies should be extremely clear to the attendees.
- Data collection should be limited to what is needed by the organization.
- Cookie consent must be given by EU subjects before tracking cookies are used.
- Cookie usage notification must be shown to non-EU subjects, as needed.
- Documentation of policies and controls around data collection, usage, and destruction. This includes the primary registration software and all sub-processors of the data.
Download Our Security Guide For Help Choosing
the Right Event Management Platform
Read Now!