GDPR in events

As we have already pointed out, events deal with a massive amount of personal data, it is part of its essence; for that reason, we reiterate that the GDPR is much more than a technological initiative, it is essentially an initiative with fundamental impacts on how we do business.

For this reason, it should not be addressed solely by IT, legal or operations departments.

A large part of the actions that event organizers do or are faced with on a daily basis can put the organization/agency/company in severe financial risk.

In this article we alert you to some actions that can put your company at risk:

  • Using forms with marked pre-consent boxes without making explicit the way to opt out;
  • Failure to ensure a consent storage process;
  • Freely sharing lists of participants with sponsors, venues and other participants in the event;
  • Making registrations on paper and leaving them on registration counters;
  • Not paying attention to the access of data consultation/treatment given to temporary collaborators and/or not defining the scope of access to that same data (only those who unequivocally need to should access the data, and should do so in a regulated way);
  • Sending via email non-secure lists;

Return to our GDPR index: Are your events ready for the GDPR?

Still have questions about this? Talk to us!


Sergio Pinto

Sergio Pinto

With more than 15 years of experience in IT and telecom industry has passed the last years investigating and developing tech solutions for the events industry.