Knowledge Base

      • Home
      • General Data Protection Regulation (GDPR)

      General Data Protection Regulation (GDPR)

      Posted:

      GDPR ensures that any personal data collected, stored, or processed by organizations is handled with strict confidentiality and security. Personal data includes any information that can identify an individual, such as names, addresses, phone numbers, and even IP addresses.

      • Organizations must obtain explicit consent from individuals before collecting or processing their data. The consent must be clear, specific, and easy to withdraw.

      • GDPR gives individuals several rights over their personal data, including the right to access their data, the right to have their data corrected, the right to have their data deleted (known as the “right to be forgotten”), and the right to object to certain types of data processing.

      In Eventbuizz, Generally, when the attendee has accepted the event organizer’s GDPR policy from the registration site or event app, the attendee information will be visible to other attendees.

      Each time an event is created in the Event Center the event organizer is responsible for which of the two following options for GDPR policies to be activated in settings.

      1. ENABLE GDPR
      When this option and policy is enabled, and the attendee has not accepted the event organizer’s GDPR policy, the attendee will only appear with “First Name” and “Last Name”.

      2. INVISIBLE VISIBLE
      When this option and policy is enabled, and the attendee has not accepted the event organizer’s GDPR policy, the attendee will not appear with any information at all.

      Note, that the attendee’s information will always be visible to the event organizer in the Event Center. If event organizer export data to excel, the participant list will contain information of whether or not the attendee has accepted your GDPR policy.

      GDPR for Event organizer

      The information that is collected within the system and the information that the organizers can export will remain the same, although for export: Attendees, sub-registration results & orders, we have added a new field to indicate, if the attendee have accepted your GDPR regulations or not. The data that is collected, exported or distributed is the organizers responsibility at all time.

      GDPR disclaimer management

      The content of the GDPR disclaimer is maintained on each event and can be found in Setting -> GDPR -> GDPR disclaimer.

      “Subject” field contain the header text and the “Inline text” field is the description you see after the checkbox that the attendee has to select on the registration site or in the app, to accept the GDPR. In the “Inline text” field between {detail_link} and {/detail_link} all text will contain the hyper link for the GDPR description.

      The GDPR disclaimer is versioned and the system is keeping log of each version. The system is also logging which version of the GDPR the attendee has accepted.

      A “GDPR policy link” link usually directs users to a page that outlines the policy of the event. You can integrate it in anywhere within the app or event.

      GDPR Activation

      The GDPR needs to be activated on each Event and can be found under Setting->GDPR->Settings

       

      Enable GDPR

      When this option and policy is enabled, and the attendee has not accepted the event organizer’s GDPR policy, the attendee will only appear with “First Name” and “Last Name”.

      Attendee invisible

      When this option and policy is enabled, and the attendee has not accepted the event organizer’s GDPR policy, the attendee will not appear with any information at all, the functionality will be limited to display only. Please note the attendee will not be displayed/visible within the full app and it will not be possible to scan this attendee with the “Lead scanner app”.

      If “Attendee invisible” feature is activated, then the attendees who have not accepted the GDPR, will have limited access to the features of the app. Their “First Name” and “Last Name” will appear in following modules:

        • Attendee
        • Chat
        • Survey
        • Polls
        • Q&A
        • Social Wall
        • Groups
        • Speaker list
        • Sponsor/Exhibitor will not be able to scan your name badges

      GDPR required

      When GDPR is required, it means that certain actions, such as agreeing to terms or providing consent for data processing, must be completed before you can proceed. In simple terms, it ensures that your personal data is protected according to strict rules, and you can’t move forward without acknowledging or accepting these terms.

      GDPR auto selected in registration flow

      When this option and policy is enabled, the click-box for the acceptance of GDPR is by default on. Meaning that the attendee will have to click off the box to not accept the GDPR policy.

      GDPR in Registration Flow

       

      GDPR in Registration site “Edit profile”

      When the attendee log on the app and the GDPR has not been accepted earlier, a popup window will be displayed, with the option to accept the GDPR. The attendee has the possibility to skip this screen.

       

      Attendee GDPR log

      The organizer will have a full overview off when the attendee has accepted GDPR and when they made changes to it. The log can be found in Setting ->GDPR ->GDPR disclaimer              ->Attendee GDPR log.

       

       

      GDPR – Delete data flow

      Below is listed different types of data deletion options:

      • Event deleted by the organizer
      • Event attendees deleted by the organizer
      • Event sub-registration results deleted by the organizer
      • Event poll results deleted by the organizer
      • Event survey deleted by the organizer
      • We have automated DB backups midnight and we retain backups for 35 days

      Event deleted by the organizer

      Organizers who deletes an event, will always be “soft” deleted, meaning that Eventbuizz will be able to undo the deletion. After 30 days the system will automatically “hard” delete all data, meaning that Eventbuizz will not be able to undo the deletion.

      Event attendees deleted by the organizer

      Attendee deleted in the event by the organizer will be “soft” deleted and “hard” deleted after 30 days of the event end date. Please note “hard” deleted data cannot be restored at any time.

      Event sub-registration results deleted by the organizer

      Sub-registration results deleted in the event by the organizer will be “soft” deleted and “hard” deleted after 30 days of the event end date. Please note “hard” deleted data cannot be restored at any time.

      Event poll results deleted by the organizer

      Poll results deleted in the event by the organizer will be “soft” deleted and “hard” deleted after 30 days of the event end date. Please note “hard” deleted data cannot be restored at any time.

      Event survey results deleted by the organizer

      Survey results deleted in the event by the organizer will be “soft” deleted and “hard” deleted after 30 days of the event end date. Please note “hard” deleted data cannot be restored at any time.