As 2018 approaches, the European Union’s GDPR, or General Data Protection Regulation, is on the minds of event planners not just in Europe, but around the world. In case you don’t know about GDPR, simply put, it is a new set of regulations intended to give the power back into the hands of EU citizens over how their data is processed and used. Under the new regulations, EU citizens will be able to request that businesses delete their personal data, among many other requirements related to consent and privacy. The deadline to comply with these regulations before being subject to a fine is May, 25 2018.
While there are several resources out there that tell you what the regulations are and how to comply, there are also many misconceptions out there that are specific to meeting and event planners that they need to know about heading into the new year. Read on to learn more about these common GDPR myths or take a look at our infographic below.
Myth: “I don’t have to worry about GDPR, because my business is located outside of Europe.”
Fact: The location of your company headquarters, offices or meetings/events is irrelevant when it comes to GDPR. At any time, if you collect an EU citizen’s data outside or inside the EU, you are subject to comply. A person’s citizenship status isn’t always obvious, so it may be a good idea to include citizenship as a required information field in your event registration form.
Myth: “GDPR is only for large businesses and organizations.”
Fact: Again, the size of your organization or meeting/event doesn’t matter. If you’re collecting data from an EU citizen, you need to comply with GDPR.
Myth: “I only plan internal meetings, so GDPR does not apply to me.”
Fact: From the largest conferences and trade shows, to the smallest meetings inside and outside your organization—you guessed it! Every sized meeting involving EU citizens is subject to GDPR.
Myth: “I have to delete all information about an EU citizen if asked.”
Fact: GDPR mostly relates to personal data (name, title, location, etc.), however data related to certain types of transactions, payments and invoices you cannot delete for audit and tax purposes. What you can and cannot delete needs to be relayed to the person requesting the removal of their data. This is why it’s important to go over the consent and disclosure elements of the new regulations.
Myth: “We have excellent data security, the GDPR regulator will give us a warning without a fine.”
Fact: There’s so much more to GDPR than data security. If you’re concerned about the specifics, consult with your tech providers, IT department and especially your legal team. Also, you should take the GDPR penalties very seriously; the fine is 4% of your annual global turnover or €20 Million—whichever is greater!
Myth: “I don’t have to worry about complying with GDPR until May 2018.”
Fact: This is perhaps the biggest misconception. While the deadline to comply is several months away, event planners should be taking steps …read more
Via:: E Touch Technology