GDPR will have a profound effect on the meetings and events landscape, as the processing of personal data is critical to the entire event lifecycle. Which is why, here at Cvent, we’re taking GDPR very seriously and have been working for the past 12 months to prepare for the regulation.
At Cvent, we follow the letter of the law, but we are also inspired by the spirit of the law. The spirit of GDPR can help us create value for our business, our customers and delegates, and add value for everybody who’re involved in the meetings and events industry. GDPR is essentially about trust and transparency, both of which are at the heart of a great event, and Cvent strives to help bring great events to life. In a world where we’re enabling people to have control over their own data, attending a live event shows willingness to share. GDPR is also about embracing the power of live events, events give you the opportunity to develop trusting relationships with attendees.
In our latest webinar, we talk about the updates Cvent is making across our platform of products to drive your compliance with GDPR and how we’ve validated these efforts with trusted third parties.
Some of the things highlighted in the webinar are:
The three main players in the GDPR ecosystem
- Data Controller – In the B2B event space, this will be the event organiser or host, as they are the ones who collect the data for the purpose of hosting an event.
- Data Processor – Cvent squarely fits in this category (which also includes third party planners, venues, exhibitors). We process the data that controllers provide to us.
- Data Subjects – These include your attendees, invitees, and speakers.
Cvent’s data privacy & security processes
Cvent has steadily been growing its global security function. Our security team is organised into seven functional areas that span across all business units. Each plays a critical role in safeguarding your data.
Cvent maintains a strong security compliance programme, some of which require third party certification (such as ISO and PCI), while others require self-certification (such as Privacy Shield). We’ve taken our Privacy Shield certification a step further by tying up with TrustArc to audit our responses to demonstrate the importance of gaining our customer’s trust.
Updates to Cvent products to support compliance
We’ve made enhancements to our products to ensure our customers can be in compliance with GDPR. We use the most current and cutting-edge processes and technologies to make the Cvent platform as secure as possible for our global customers and their attendees.
Some of the updates made to our solutions include –
1. Event website – Cvent only uses essential cookies (cookies needed for the website to function) and also provides the ability to enable a cookie banner overlay on the event website. The overlay provides a link to the privacy policy which details how cookies are used within Cvent. The privacy policy also documents how we at Cvent process data. The privacy policy is visible and enabled in all Cvent event websites and registration pages. We’re currently working with an external GDPR legal counsel to review and update our privacy policy, to ensure it’s in compliance with GDPR.
2. Event Registration – Included new consent field types. These can be stored as either registration questions or custom contact fields stored in your address book. These fields will have special audit tracking capabilities which would enable us to store a history of what exactly the attendee consented to during the registration process. The fields will also be time-stamped, so you know when exactly the consent was given or withdrawn.
3. Email Marketing – We provide robust email marketing capabilities that include things like opt-in, opt out and unsubscribe functionalities.
4. Hotel Room Block Management – A great example of how you can use technology to become GDPR compliant is by working with hotels that use Cvent Passkey. Many events have rooming lists which contain sensitive information (personal info and credit card data). This data is often exported from a registration system and into unsecure excel files and then emailed directly to hotels. With the Cvent platform, you can make this manual and unsecure process completely automated. We have a seamless and secure two-way integration between Cvent registration and Passkey, which in turn delivers info directly to hotel reservation systems. This process ensures that your data is safe.
5. Onsite Check-in & Registration – Consent questions can also be added during the check-in process or during lead capture. It is also important to consider acquiring consent for RFID tracking, with Cvent we can anonymise the attendee so you can still track their journey throughout the event, with a random number assignment.
If you want to learn about the other updates we’ve made to our solutions or know about what’s next in the world of GDPR, watch the full webinar here.