Officially in effect from May 2018, the GDPR is an update to the 1995 Data Protection Directive. Considering society’s technological advances since then, the update will strengthen its obligation to respect the privacy of its data subjects and cater to modern requirements.
You may be wondering how a European regulation is relevant to Australian businesses. One of the most significant changes that it will be imposing is its geographical spread. The new regulation applies not only to businesses established in the European Union but also to outside businesses who either offer their goods or services to European consumers or monitor the behaviour of them. This is irrespective of whether payment is required. Essentially, the GDPR protects all European citizens, no matter where they are in the world.
So, how does this affect corporate events in Melbourne? Australian corporate event planners must be well informed of the changes, in the event that even just one attendee happens to be a part of the European Union.
1. Transparent Consent
Firstly, it’s important to understand what personal data entails. Personal data refers to any information that, either directly or indirectly, identifies someone. A range of things can identify a person, including a name, photo, bank details, and even social media posts.
There’s no doubt your corporate event relies heavily on data collection to measure success. Often, data collection comes in the form of registration sheets, surveys, event mobile apps, and social media posts. While your attendees must fill out registration forms and surveys, they have ultimate control over their personal information until giving their consent to your business for data processing.
The GDPR demands that a consent is to be clearly stated. Consents must be clearly visible and requested in a way that does not confuse an attendee into blindly signing away the rights to their information. The GDPR even goes as far as prohibiting long or illegible words when asking for a consent. In short, the regulation demands that it “must be as easy to withdraw a consent as it is to give it.”
Upon planning a corporate event, your business must decide on how it is going to ask for a consent. For example, an online registration form should not tick a box by default to enable an attendee to be added to your mailing list. Instead, it should be left open to the attendee to tick, should they choose to. Other methods for requesting a consent may be dependent on your event type, however, your event planner should help with this.
2. A data subject’s rights
Not only should you consider your businesses obligations, you should also consider your attendees rights to their own personal data.
An attendee will now have the right to a confirmation on whether their data is being processed, as well as where and for what purpose. Additionally, an attendee has the right to request that their data be deleted from processing records, including avoiding its spread to third parties. This is known as the Right to be Forgotten, or more formally, Data Erasure. The GDPR places an emphasis on honesty and transparency between your business and its consumers.
If requested either a confirmation or the right to be forgotten, it is the duty of the business to comply. Note that a business must provide this information free of charge.
3. Penalties
 |
| Penalties |
Now that you have an understanding of the elements of the GDPR, it’s important to emphasise the penalties for failing to comply. Should a business breach these regulations, it will be issued a fine of either 4% of their annual global turnover or €20 million – whichever works out to be more expensive.
4. A responsible Event Planner
 |
| Event Planner |
Your business should have an understanding of the GDPR, not only to avoid breaching it but also to show their European Consumers that they care. However, it will prove more significant to work with a responsible event planner that will ensure your business doesn’t mistakenly fail to comply. Your event planner will have, not only your business, but also your consumer’s best interests at heart, and will make sure to style your event around these new regulations.
In short, GDPR is a provision that requires businesses to protect the personal data and privacy of European citizens for transactions that occur within European member states.
If you have any queries regarding GDPR then contact End2End Events in Melbourne on 1300095123 or visit our website end2endevents.com.au
No comments:
Post a Comment