GDPR in events
As we have already pointed out, events deal with a massive amount of personal data, it is part of its essence; for that reason, we reiterate that the GDPR is much more than a technological initiative, it is essentially an initiative with fundamental impacts on how we do business.
For this reason, it should not be addressed solely by IT, legal or operations departments.
A large part of the actions that event organizers do or are faced with on a daily basis can put the organization/agency/company in severe financial risk.
In this article we alert you to some actions that can put your company at risk:
- Using forms with marked pre-consent boxes without making explicit the way to opt out;
- Failure to ensure a consent storage process;
- Freely sharing lists of participants with sponsors, venues and other participants in the event;
- Making registrations on paper and leaving them on registration counters;
- Not paying attention to the access of data consultation/treatment given to temporary collaborators and/or not defining the scope of access to that same data (only those who unequivocally need to should access the data, and should do so in a regulated way);
- Sending via email non-secure lists;
Return to our GDPR index: Are your events ready for the GDPR?
Still have questions about this? Talk to us!