What event planners need to know about GDPR

'Now is the time to become GDPR compliant' says Nicola Rossetti, vice president of European Markets at etouches.

Image credit: iStock
Image credit: iStock

Nicola Rossetti is an expert on data protection and the upcoming GDPR changes happening on 25 May 2018.

----------------------------------

Data collection plays an increasingly important role in the events industry. The more personal data event managers can collect about the people who attend their events, the better they can customise the event experience, as well as future products and services.

But there is risk associated with the collection and handling of all that data. That is why the EU approved the General Data Protection Regulation (GDPR), which goes into effect on 25 May 2018.

For event planners, this means the personal data of EU citizens who attend their events or work in their companies must be handled in compliance with GDPR.

What is GDPR and why does it matter?

GDPR replaces and improves upon existing regulations, notably, the EU Data Protection Directive of 1995, and addresses developments in mobile and cloud technology. GDPR also combines various existing regulations into one harmonised and simplified set of rules for all EU nations.

GDPR gives EU citizens more insight into, and control over, how their personal information is collected and used. To ensure this, GDPR adds significant fines and penalties for non-compliant data controllers and processors of up to 20 million Euro or 4% of annual global turnover, whichever is greater.

Managing event data under GDPR

Event planners and agencies are data controllers. That is, they collect and control the personal data of their customers, in this case, event attendees. As data controllers, event planners must be prepared to perform the following processes in compliance with GDPR:

  • Discover: Identify where personal data transit and resides in your ecosystem.
  • Manage: Document how personal data is used and accessed.
  • Protect: Prevent data breaches through data security technology and practices.
  • Reveal: Give EU citizens access to, and control over, their data.
  • Report: Track related event data to comply with regulator’s audits.

Because customer data is typically shared across multiple functions, such as sales, marketing and event management, compliance requires cooperation by the entire ecosystem of technology solutions, partners and employees with access to the data.

The role of technology vendors in GDPR compliance

Data processors – the technology vendors that process the data owned by the event planner – play a significant role in GDPR compliance, although the onus is on the data controller to define GDPR requirements to their technology partners.

Under GDPR, data controllers appoint a Data Protection Officer (DPO), responsible for ensuring compliance with GDPR. Vendors are also required to provide adequate staff training in principles of data protection and must employ a variety of encryption technologies to alleviate the risk of noncompliance, data breaches, security failures or lack of reactiveness.

While a good data processor will support adherence to GDPR standards, it’s worth noting the more solutions and vendors an event planner uses, the higher the risk to data security and non-compliance. Comprehensive technology platforms and end-to-end solutions can help alleviate the burden of compliance.

Now is the time to begin the journey to GDPR compliance

Meetings and events are highly exposed to complex data collection and management, which makes compliance with GDPR a must. Considering many 2018 events are already in the planning phase or have even opened registration, there is no time to delay. The road to GDPR compliance can be long and complex. All corporate and agency planners should begin the process now to ensure compliance before their next event takes place.

Disclaimer: This content is intended to convey general information only and in no way constitutes legal advice or opinion. 


If you’re interested in registering for the 2018 C&IT Corporate Forum, find out more here.

Have you registered with us yet?

Register now to enjoy more articles
and free email bulletins.

Register now
Already registered?
Sign in
BCD Meetings & Events appoints new country director in China

BCD Meetings & Events appoints new country director in China

New Shanghai-based country director joins BCD M&E after recent roles with Uniplan and Pico.

How do you win a C&IT Award?

How do you win a C&IT Award?

Award winner-turned-judge explains what the panel was looking for in this year's entries and how accolades affect agency life.

4 things event tech fans should be excited about

4 things event tech fans should be excited about

The good folk of Clive show us some of the latest developments that have caught their attention.

TAG opens new office in Hong Kong

TAG opens new office in Hong Kong

The travel and event management company expands its reach in Asia and now has ten offices worldwide.

Gray Dawes Group acquires Amber Road Travel

Gray Dawes Group acquires Amber Road Travel

Travel management specialist boosts its presence in the north of England and will exceed £200m turnover.

'Clients have to understand our turnaround times'

'Clients have to understand our turnaround times'

Laura Law, conference director at Venues & Events International, argues that agencies need sufficient time to get under a brief's skin.

28% of event professionals have taken time off for mental health issues, finds survey

28% of event professionals have taken time off for mental health issues, finds survey

Research by Stress Matters discovers that many are still experiencing anxiety and a blame culture at work, despite more wellbeing initiatives.

Why we must 'reshape the conversation' around gender equality

Why we must 'reshape the conversation' around gender equality

Event professionals at IMEX America discussed mentoring and how to get everyone involved in debates about equality at work.

Ruby Hotels' first UK property to open in Southbank in 2020

Ruby Hotels' first UK property to open in Southbank in 2020

The carnival-themed Ruby Lucy will bring 'lean luxury' to London in January and have a Marshall guitar amp in every room.

Five ways ICC Belfast and the wider city is mastering sustainability.

LATEST JOBS