Online events, also known as virtual events, are the event format of the moment. Webinars, online seminars and after-work parties in online format have been booming since Corona made face-to-face meetings impossible. If the Corona regulations do allow it, hybrid events can also be held. In this event format, both guests at the venue and virtual visitors are present.
Above all, the aspect of interactivity is emphasized here and entertains the guests - present in analogue or digital form. With both event formats - online events and hybrid events - data protection must be considered from the outset to ensure that the events are safe (and) successful.
At the moment, many people are missing the chance to meet in person. However, online events do have their appeal: important meetings no longer have to be day-long events because there is no need to travel to and from the event. Event planners have also been quick to adapt and focus on virtual events. A study of event professionals conducted by Global Meeting Industry Day in mid-2020 clearly showed how much potential there is in digital formats: more than 60% of event organizers said they wanted to hold more hybrid events, even after Corona. Even international trade fairs are now being held online or in hybrid formats.
However, it is important to plan such formats well, not only for organizational reasons, but also to take data protection into account right from the start. The Internet forgets nothing - unfortunately, this applies not only to embarrassing videos, but also to possible data leaks that can quickly occur due to organizationally faulty preparation for online events. So smart planning in advance is a must here. We give you an overview of the absolute basic steps of every online event - whether purely virtual or hybrid.
Virtual events offer many advantages - from reach and increased interaction to optimal evaluation of the data obtained. However, systematic preparation is required to ensure that the data required and collected is secure and can also be used on the marketing side afterwards. The most important points to remember here are:
According to Art. 5 GDPR, one of the most important basic principles of the GDPR is the so-called data economy. This states that only those data may be collected that it really needs. Especially when collecting subscriber data, for example via contact form, you should keep this in mind. For example, it is usually irrelevant where the participants live. Basically, you don't even need a name - an e-mail address and possibly the company name are already sufficient for registration.
Personal data is collected during registration. These must be protected (principles of integrity and confidentiality according to Art. 5 DSGVO), which is why sufficient encryption of the website and data transmission is mandatory. Always follow the current standards here.
The event stands and falls with the video conferencing tool or online event tool used. Here it is essential to look for a tool that not only meets the technical requirements (such as the unlimited number of participants or streaming without a time limit), but above all also the data protection requirements. Here it is important to check whether personal data is processed via the tool (the answer is yes in 99% of cases, because the participants usually register by name / cell phone number or e-mail address and are present in image and / or sound) and where this data is stored or processed. As a rule, you need an order processing contract with the provider of the tool. If it is a non-European tool that also processes the data outside the EU, remember that the EU-U.S. Privacy Shield has been overturned and you must therefore agree additional contractual provisions with the tool provider.
In order to protect the interested parties from unwanted information, the use of data for further advertising purposes generally requires consent pursuant to Art. 6 (1) a) DSGVO and § 7 (2) and (3) UWGIn this case, a confirmation email must be sent after registration, which contains a confirmation link. Only when this link is confirmed is the data processing for advertising purposes lawful. Important: If interested parties register for the digital event but do not perform a double opt-in, the e-mail address may not be used for further advertising (see also Section 7 (2) Nos. 2 and 3 UWG).
Before, during and after the event, the data of the participants must be protected as best as possible by you as the person responsible. This means, for example, that no list of participants may be published unless they have given their express consent, that the names of those present may not be shown online unless they request it, or that no images or sound recordings may be made unless consent has been given in advance. In addition, you also need a concrete concept of how to proceed internally if a data protection breach occurs.
The latest developments in the event industry!
We keep you up to date with the latest developments in digital and analogue event trends. Register now and receive the 2022 State of Event Management Report!
These are the basic points that need to be taken into account for a digital event - whether hybrid or purely virtual. This checklist on the subject of data privacy at events provides you with further important points. If you have any doubts about a data protection measure to be taken, be sure to clarify them with your data protection officer, because the Internet is rarely forgiving of mistakes and the number of DSGVO fines rose rapidly in 2020 - despite Corona. Or precisely because of it.
Virtual event: This does not have to be a boring webinar or a pixelated conference livestream. With a few good ideas and the right tools, it can become an event with real added value that will inspire your participants.
Hardly any other EU regulation has affected German and European companies as profoundly as the GDPR. Whether a company or a start-up, organisations have been obliged to implement the rules for the protection of personal data since 25th May 2018."…"