Security and Compliance
Cvent employs a robust set of policies, procedures, and protocols to ensure you and your clients' data remains safe and confidential. These include:
Data Encryption
We use industry-leading 256-bit encryption to secure all client data, both at rest and in transit, using two-factor authentication.
European Data Centre
Our European data centre provides world-class, highly secure infrastructure to help you maintain the localisation of your data in the EU and prevent it from falling under foreign legal jurisdiction.
GDPR Compliance
When it comes to event management, we have led the GDPR discussion from day one and have been providing data security and privacy resources to help our clients maintain compliance. Additionally, our technology makes it easier for our customers to comply with their respective data privacy law obligations.
Compliance with Industry Standards
Cvent continues to demonstrate compliance with rigorous third-party security frameworks and standards including:
- SOC 1 and SOC 2 Type II Compliance (application-specific)
- Cvent Core
- CrowdCompass
- EMI
- OSS
- OnArrival
- Conference
- Passkey
- Meetings
- Business Transient
- RegOnline
- ISO 27001:2013
- Privacy Shield
- PCI-DSS (application-specific)
- Cvent Core
- OnArrival
- Passkey
- Meetings
We continue to seek additional certifications and accreditations that are important to our customers.
Data Processing Agreements
We also protect client data by entering Data Processing Agreements/Model Clauses with each of our clients and sub-processors. These agreements ensure that each entity in the partnership is operating in compliance with the GDPR and other applicable privacy laws. As such our clients can trust that data transferred to Cvent can be done so without disruption and is subject to data processing best practices. Our Data Processing Agreement is up-to-date and satisfies the GDPR requirements.