On May 25 2018, the European privacy law, the General Data Protection Regulation (GDPR) took effect.
GDPR places new obligations on all organisations that offer goods and services to people in the EU regardless of where your business is located.
GDPR compliance is a shared responsibility amongst data controllers and data processors.
A controller is the entity that determines the purposes, conditions and means of the processing of personal data, while the processor is an entity which processes personal data on behalf of the controller.
Entegy is the data processor and Event Organisers are the data controller.
It is both the event organiser and Entegy’s responsibility to ensure data is kept confidential and the integrity of data is maintained. Entegy has existing processes and policies in place to maintain the integrity and confidentiality of data, and we ask our partners and event organisers to do the same.
As an event organiser, it is your responsibility to be aware of your roles and responsibilities when it comes to GDRP compliance and your attendee's data.
DISCLAIMER This article is neither an overview on EU data privacy nor legal resource for your company to use in complying with GDPR or other EU data privacy laws. Rather, it provides background information to help you better understand how Entegy is addressing GDPR. The contents of this article are not the same as legal advice. We encourage you to consult an attorney if you’d like advice on your interpretation of this information or its accuracy. In short, you may not rely on this article as legal advice, nor as a recommendation of any particular legal understanding.