What Data is Captured
As part of our service some personal data is collected from your event attendees, speakers and staff. In general, information such as name, job title, telephone, email, employer and notes they take during the event, comments and answers to your survey or poll questions are all regularly captured during the lifetime of your event. However, profile fields, poll and survey questions are all customisable by you and can potentially contain other sensitive data.
GDPR is a EU regulation set to be enforced by May 25th 2018. GDPR introduces clear definitions on what constitutes personal data, which entities are data processors and data controllers along with clear guidelines on providing data subjects clear rights regarding that data.
As the data processor, Eventfuel provides you, the data controller, with the facility to define customised terms and conditions and require each attendee to agree to those terms before accessing your event data. We strongly encourage you to use this feature and involve any legal department in defining these terms.
As per GDPR guidelines, default terms and conditions use simple language that clearly state what and for what purpose personal data is used, as well as asking attendees for explicit consent.
The Eventfuel Attendee App also empowers data controllers to be regulation compliant by enabling attendees to review terms and conditions for any current or past event as well as to enforce their right to be forgotten.
Please contact us and we will be more than happy to help you in setting up terms and conditions for upcoming events.
Fine Grain Data Controlling
We provide the facility to add a data expiry to your event so attendee and staff access is blocked after that date.
We provide the option for automatic removal of any personally identifiable data from our system and after an event is expired for 180 days all data can be automatically anonymized or scrubbed from our servers and backups.
Security by Design
To protect personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
Any infrastructure platforms we use, for example Amazon Web Services and Digital Ocean, are all certified with ISO27001 and are either Privacy Shield compliant or European infrastructure in Europe is used exclusively.