You may have heard about GDPR (General Data Protection Regulation) stirring up a lot of change in the business environment, especially when it comes to protecting your EU clients’ personal data. So how does this impact vFair's data collection practices and what are the steps we’ve taken to it ensure its safety for all our customers serving an EU audience?
We're here to provide the answers so that you can be confident in our dedication to always being on the forefront of compliance, with transparency and control in sync with data protection laws.For every event delivered, vFairs takes responsibility as a data processor, whereas the data controller is our client. With implementation going into effect on the 25th of May 2018, the vFair’s team has taken various measures to secure alignment with GDPR guidelines to spearhead uncompromising data protection and security.
GDPR Readiness Outline:
To help you gain familiarity with our new principles to be complied with, we have broken down these new directives into a series of steps so that you can be sure that our standards remain focused on honoring our platform users’ rights and consent:
1. vFairs will enforce GDPR on all standard registration pages as a default measure to confirm lawful consent so that your event attendees take control of the data they choose to share.
2. GDPR is enforced based on the country the user selects on the registration page, this means that all users from EU member states fall under the revised data protection legislation.
3. Clients will have the ability to customize their own country list as well as the GDPR message that appears on the registration page for clear, easy to understand consent request and disclosures across all levels.
4. In the circumstance that a user does not agree to the terms of sharing adequate and relevant data, they will not be registered.
5. Users have the right to be forgotten; when requested, the user’s profile data will be anonymized within the specified webcast or event domain.
6. If a user requests to be forgotten, it is the responsibility of the event owner to notify the third party contact of the user’s request (This is currently a manual process; third parties do not allow someone else to externally make an automated call to “forget” a user).
7. A report will be made available to display all registered GDPR users from a given event.
8. When using the mass upload tool, it is the client's responsibility to provide a list of users who have opted into the GDPR policy.
9. When utilizing a third party (i.e. salesforce) for registration, it is the responsibility of the third party to confirm that they’re only passing users who have accepted the GDPR policy.
10. We will work with our integration partners as and when required to ensure our GDPR process is aligned with regulation throughout the data transfer.
Committed to serving our clients responsibly, our updated controls and processes protect the data of all EU audiences and uphold their new rights to stay compliant with the GDPR. We look forward to providing greater value and transparency, and will continue working harder and smarter to prioritize compliance management.
At vFairs, we strive to build a top-class online event platform that will help event organizers make memorable connections with their target audience. We’re obsessed with taking out the hassle normally associated with physical events and leaving organizers and exhibitors to focus on what’s most important: engagement with the audience.
Get in touch with an expert to learn more about vFairs here.