Is your event GDPR proof?

To give participants access to the event or to provide information, participant data is often needed. For private meetings or events, it is important that not everyone has access to the event and that the digital environment is closed to non-participants. Therefore, to be sure that only those invited get access to the event, personal details such as name, telephone number and email address are often required.

The General Data Protection Regulation (GDPR) is an EU data privacy and security law which was put into effect on the 25^th of May 2018. The EU-wide regulation focuses on how companies and organisations handle personal data.

It protects the “fundamental rights and freedoms of natural persons” within the EU.

This law applies to all organisations that process EU citizen/resident data or sell goods and/or services to EU citizens/residents. This law also applies to companies and organisations that do not reside within the EU but do collect data on EU citizens.

The regulation needs to be taken into account with every step of the business process, including tasks such as sending quotations, invoices and newsletters.

Whenever a company or organisation does not comply with and violates the law, consequences such as large fines can be handed out as well as compensation for damages to EU citizens/residents.

One of the main action points is to use a Data Processing Agreement (DPA). Every one of Savvy Congress’s customers needs to sign a DPA before starting a project. The main reason for this is to preserve the privacy of the participants and the client. The personal data will only be used in the organisation of the event and to inform the participants. Three weeks after the event, Savvy Congress deletes all participant data, and none of the information will be saved.

Do you want to know more on how to work GDPR-proof? Do not hesitate to contact us for extra information.