What event planners need to know about GDPR

'Now is the time to become GDPR compliant' says Nicola Rossetti, vice president of European Markets at etouches.

Image credit: iStock
Image credit: iStock

Nicola Rossetti is an expert on data protection and the upcoming GDPR changes happening on 25 May 2018.


Data collection plays an increasingly important role in the events industry. The more personal data event managers can collect about the people who attend their events, the better they can customise the event experience, as well as future products and services.

But there is risk associated with the collection and handling of all that data. That is why the EU approved the General Data Protection Regulation (GDPR), which goes into effect on 25 May 2018.

For event planners, this means the personal data of EU citizens who attend their events or work in their companies must be handled in compliance with GDPR.

What is GDPR and why does it matter?

GDPR replaces and improves upon existing regulations, notably, the EU Data Protection Directive of 1995, and addresses developments in mobile and cloud technology. GDPR also combines various existing regulations into one harmonised and simplified set of rules for all EU nations.

GDPR gives EU citizens more insight into, and control over, how their personal information is collected and used. To ensure this, GDPR adds significant fines and penalties for non-compliant data controllers and processors of up to 20 million Euro or 4% of annual global turnover, whichever is greater.

Managing event data under GDPR

Event planners and agencies are data controllers. That is, they collect and control the personal data of their customers, in this case, event attendees. As data controllers, event planners must be prepared to perform the following processes in compliance with GDPR:

  • Discover: Identify where personal data transit and resides in your ecosystem.
  • Manage: Document how personal data is used and accessed.
  • Protect: Prevent data breaches through data security technology and practices.
  • Reveal: Give EU citizens access to, and control over, their data.
  • Report: Track related event data to comply with regulator’s audits.

Because customer data is typically shared across multiple functions, such as sales, marketing and event management, compliance requires cooperation by the entire ecosystem of technology solutions, partners and employees with access to the data.

The role of technology vendors in GDPR compliance

Data processors – the technology vendors that process the data owned by the event planner – play a significant role in GDPR compliance, although the onus is on the data controller to define GDPR requirements to their technology partners.

Under GDPR, data controllers appoint a Data Protection Officer (DPO), responsible for ensuring compliance with GDPR. Vendors are also required to provide adequate staff training in principles of data protection and must employ a variety of encryption technologies to alleviate the risk of noncompliance, data breaches, security failures or lack of reactiveness.

While a good data processor will support adherence to GDPR standards, it’s worth noting the more solutions and vendors an event planner uses, the higher the risk to data security and non-compliance. Comprehensive technology platforms and end-to-end solutions can help alleviate the burden of compliance.

Now is the time to begin the journey to GDPR compliance

Meetings and events are highly exposed to complex data collection and management, which makes compliance with GDPR a must. Considering many 2018 events are already in the planning phase or have even opened registration, there is no time to delay. The road to GDPR compliance can be long and complex. All corporate and agency planners should begin the process now to ensure compliance before their next event takes place.

Disclaimer: This content is intended to convey general information only and in no way constitutes legal advice or opinion. 

If you’re interested in registering for the 2018 C&IT Corporate Forum, find out more here.

Have you registered with us yet?

Register now to enjoy more articles
and free email bulletins.

Register now
Already registered?
Sign in
CitizenM opens Copenhagen RĂ„dhuspladsen Hotel

CitizenM opens Copenhagen Rådhuspladsen Hotel

First Nordic opening from the design brand CitizenM is 238-room overlooking the historic city centre in Denmark's capital.

Brand Brewery wins Diversity and Inclusion in Grocery conference

Brand Brewery wins Diversity and Inclusion in Grocery conference

Brand Brewery will be the sole lead agency for the management and implementation of Diversity and Inclusion in Grocery.

BCD M&E consolidates all European acquisitions

BCD M&E consolidates all European acquisitions

BCD M&E will bring all acquisitions under one name from January 2019, including Grass Roots Meetings & Events.

In pictures: C&IT Incentives Retreat

In pictures: C&IT Incentives Retreat

Day one featured an incentive case study, panel talk and gala dinner, held at Chewton Glen Hotel & Spa.

Central London Venue Goes Single-Use Plastic Free in 2019

Located just off London's South Bank, 15Hatfields is an award winning sustainable venue which offers a range of contemporary, flexible and stylish event spaces.

Fears over long haul Brexit challenge among buyers

Fears over long haul Brexit challenge among buyers

Cutting costs pushed off the top among fears highlighted in a survey by the Business Travel Show.

How to justify the ROI of events

How to justify the ROI of events

More than half of corporate event planners find justifying ROI difficult according to C&IT's SOTI Corporate survey.

9 parts in the anatomy of a successful event

9 parts in the anatomy of a successful event

Report uses anatomical metaphor to describe the key features of putting on a successful event.

State of the Industry: Corporate Report first findings

State of the Industry: Corporate Report first findings

C&IT subscribers can begin reading our new report on corporate events from today including stats, trends and industry insights.

Mansion54 set to open in downtown Las Vegas

Mansion54 set to open in downtown Las Vegas

Venue set to open with a collection of unique and flexible spaces for special events set in a historic location.