5 GDPR Questions to Ask Your Event Tech Provider

Baffled by GDPR? Scared by talk of £17 million fines? Not sure where to start when it comes to collecting compliant data at your events?

Guest Author, August 30, 2017

When you work with an event tech provider, one of the things they will do is gather data about your delegates. Because they work with data all the time, your event tech provider should be able to help ensure that all data you collect during the course of your event is fully compliant and in line with regulations. That way, you can rest assured that your compliance isn’t in jeopardy when you collet data at your event.

The new General Data Protection Regulations come in to force on May 25th 2018. They will apply to anyone who gathers or stores data about EU citizens (which still includes us post-Brexit Brits). This could be any data that would allow you to identify the data subject - including name, email address or computer IP address.

BlogBanner-GDPRFAQ.png

1. Are you GDPR compliant?

Pretty obvious really, but if they’re not able to give a clear answer and to talk you through their GDPR response, there could be an issue. GDPR covers all forms of data, so even your registration lists will need to be compliant in order to avoid any issues. If your event tech provider isn’t willing to talk you through the steps they have in place in order to be compliant, you could be at risk.

2. How will you respond to GDPR enquiries?

As part of the new regulations, members of the public are able to check the data you keep about them. Once a request is made, you have 72 hours to respond with a clear list of all data you hold about that person. They can then ask you remove that data. If this happens, you have a further 72 hours to ensure that it is wiped from your system. Failure to comply could result in fines. At Noodle Live, we have created an automated system that will respond to requests and automatically wipe data when requested. This ensures that we always respond on time and that we are following the guidelines.

Once your event tech company hands over the data to you to store on your system, you will also need to work out a way to ensure you are able to respond to these enquiries quickly and efficiently.

3. Are all of your staff informed about GDPR?

When you’re working with data on a daily basis, it is essential that all staff are informed and aware about the new regulations. From the interns to the head of operations, everyone should be aware of the risks and responsibilities in order to ensure that no one slips up.

At Noodle Live we are holding company-wide trainings for every member of staff. All new hires will also receive training and there will be an annual update training to ensure that the entire team remain fully informed about developments and changes.

4. Is there someone I can talk to about GDPR?

Find out who is responsible for ensuring the company is GDPR compliant. If there is someone who is fully informed and ultimately responsible for ensuring that data is fully compliant, you know the company will take the regulations seriously. If you have any concerns, ask your GDPR lead to speak to the GDPR officer before signing the contract.

5. How can you demonstrate compliance?

Under the rules of GDPR, it’s up to you to prove that someone is happy for you to store their data. You will have to be able to demonstrate that they’ve given you permission. Your event tech provider should be able to show clear evidence that your delegates are aware that you’re storing their data and what you might use it for. Ask to read the written terms supplied to everyone who signs up for your event to ensure that you’re being fully transparent and clear when asking people to supply you with data about themselves.

Remember – once your event tech company hand over the data to you, you are also responsible for ensuring that you store it and manage it in a way that is compliant.

Still confused by GDPR? Take a look at what Glisser’s Mike Piddock and Noodle Live’s Glyn Roberts had to say during a panel debate about GDPR compliance for #EventProfs at this year’s BNC Event Show.

Share this article:

GDPR, Brexit and Events - Part 2 - International Data Transfer

In the second part of our GDPR, Brexit and Events duology, we dive into the impacts Brexit will have on the international transfer of data.

GDPR, Brexit and Events

In the confusion over Brexit and its impact, part one of our GDPR, Brexit and Events duology will help shed light on Brexit's impact on GDPR and the events industry.

5 Reasons to Live-Stream your Event

The use of live streaming has grown in popularity over the last couple of years, thanks in part to the ease of posting across social media platforms such as Facebook, YouTube and Instagram.
© 2018 Glisser, all rights reserved