GDPR will change the way we arrange, market, attend and follow up events and how we collect data right from registration through to attending an event.

Data collection has an increasingly important role in the events industry as the more personal data event organisers can collect about the people who attend their events, the better they can customise the event experience.

For the events industry GDPR means cleaner data, better events and closer relationships with clients. Yet, while the benefits are clear to see, how will GDPR change events as we know them and how will GDPR change the way organisers, exhibitors and visitors use data?

Here we answer the GDPR questions that matter most to the events industry.

Collecting Data Before and After Events

Clean data lists are the key to successful events, yet where do event organisers stand when it comes to buying a data list once the new regulations come into force? Before purchasing any data lists, organisers must make sure their supplier has proof and permission that the contacts have given their consent to be marketed to.


The data can be retained for future use, there is no black and white stipulation regarding how long you can hold the data for, but all sensitive personal data should be removed (dietary, political, religious, etc) and if the data is used again, it must be used solely for its original intended purpose and cannot be used to promote other events or sold to a third party unless explicitly consented to at the time.


To process data, organisers don’t always require consent, however, for things like profiling (behavioural advertising), they need to go back and get consent to use the data. Similarly, if they’re using the data to send marketing emails, the recipients must opt-in.


When it comes to registration, the process should be as streamlined as possible. Organisers must only collect the vital data needed for registration and have the ability to demonstrate the necessity of the data collected. This includes collecting event feedback. Data that is not being used for profiling shouldn’t be stored by event organisers.

Systems must be in place to ensure data has been collected in a GDPR compliant way and if event organisers can prove their existing data collection procedure was compliant there is no need to re-validate the data.


For data that was not collected in a GDPR compliant way, those customers must be contacted and they must give opt in consent in order to keep their data. Customers who do not give explicit consent have to be removed from the list and this should happen before May 25th 2018 when the regulation comes into effect. 

Collecting Data at Events

An integral part of any exhibitor’s strategy while on the show-floor is to engage with people in a live environment and inevitably follow up with an email. In fact, measuring ROI for participation at live events in the past was usually measured by how many business cards were collected. Once the GDPR regulations come into force, traditional methods of collecting business cards and scanning visitor passes will take a new direction for exhibitors.

Exhibitors must obtain consent to use customer data from business cards for marketing purposes, which can only be done by email contact after the event. While the act of giving a business card is consent to contact, it cannot be documented so there must also be a system in place to document and prove consent whenever data is received.

Any further communication to the owner of the business card must be relevant to why it was originally collected and any further communication must be explicitly consented to.

Transparency Adds Trust

Aside from GDPR creating cleaner data and better events it will also help event organisers to form closer relationships with their clients. Being transparent not only adds trust but gives control of the data back to the customer. All of this gives the customer a sense of security when handing over personal data.

Though becoming GDPR compliant may seem daunting at first, by obtaining explicit consent from the customer for specific marketing purposes, companies will end up with a more targeted approach and the ability to maximise their marketing efforts with a cleaner and leaner database where they are looking to hear from you rather than ignoring you in their inbox! 

Our next blog will explain in more detail how GDPR is a golden opportunity to embark on a modernisation journey and gain a “Single View of the Customer” is and demonstrate how companies can gain a truly holistic view of the customer whilst also being transparent and uncover trends and insights from their data.