As an event organiser your ticketing system will need to be compliant, and you need to be aware that by accessing your customer information you will also become responsible and liable as a data controller.
1. UK data privacy law faces its biggest change in 20 years
Technological advances have massively increased the amount of personal data being generated and it is still rapidly increasing.
We generate data every time we book or shop online, tweet, use our favourite app or ‘like’ a photo on Instagram – which is why the law needed updating to better protect people in the 21st Century.
The result is the mutually agreed European General Data Protection Regulation (GDPR), which came into force on May 25 2018. It changes how businesses and public sector organisations can handle the information of their customers.
2. GDPR is all about giving individuals more control on how their personal data is used
It will give them greater visibility and control over the personal data organisations hold – whether it’s something as simple as a name, or as complex and sensitive as medical information. This means people can have greater confidence that information about them is accurate, up-to-date and properly managed.
3. Individuals can choose who contacts them, and how
You may notice organisations asking for your consent so they can contact you about offers, products or services they think you’ll find useful or interesting. To comply with GDPR, these requests need to be really clear and straightforward. You get to choose who contacts you and how, for example by email, social media or phone. To be GDPR compliant it’s not compulsory to discard all of your existing consents and get fresh consents from users but you must have records of how and when you gained their consent and what they were told at the time.
4. They can also change their mind at any time
If an individual gives their permission for you to contact them, it doesn’t mean they can’t change their mind in the future. Under the new rules, it should be easier for them to update preferences on what they want to receive and how. So keep your communications relevant, consider the frequency messages and always make it clear that they can withdraw their consent.
5. There will be better protection around data
GDPR also aims to make sure that all organisations holding personal data have the right processes in place to protect it. Organisations who put customer data at risk will face hefty penalties. If you don’t wish to be considered a data controller for your event we have a way to ensure you can see ticket sales but have a restriction against seeing personal data to ensure you remain GDPR compliant, get in touch if this service is of interest to you.
Your customers personal data is in safe hands with LIVE IT Group
- We do: use personal data to help us provide a great customer service, which includes tailoring the information we share to help ensure that it’s relevant, useful and timely.
- We do: respect privacy and work hard to ensure we meet strict regulatory requirements.
- We don’t: sell personal data to third parties.
We’ll always go the extra mile to protect personal data and as part of this, we regularly review our privacy notice and please be aware that further changes relating to GDPR may be made to our Privacy Statement in the future as this new regulation evolves.