The General Data Protection Regulation (GDPR), a new data protection law in the European Union, goes into effect May 25. What does it mean for you?
The new GDPR regulates the collection, use, storage, disclosure, and other processing of “personally identifiable information,” such as passport information or credit card numbers, and requires businesses to protect this information. It applies to every meeting with EU attendees. Here are 5 things you need to know:
Specifically what types of data are affected?
Event planners collect financial (credit card), medical (allergies, for example), travel (passport) and contact data in a typical registration form. If you collect IP address information or “cookies” from visitors to your website, this data also needs to be protected.
What are the consequences of non-compliance?
There will be significant fines for not meeting the requirements. According to the GDPR website, organizations can be fined up to 4 percent of annual global turnover for breaching GDPR.
What if my company is based outside the EU?
The new regulation applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.
How will my marketing practices be affected?
The GDPR will directly affect email marketing to EU residents by creating new requirements for obtaining permission to send commercial messages. Not only will it require consent, it will requires that organizations disclose how any information obtained electronically will be used.
Where can I learn more?
See the following resources: