On 25 May 2018, the General Data Protection Regulation (GDPR) came into force. By using Konfeo to organize events, you are the Personal Data Administrator (PDA) of your participants and, under the new regulations, you are responsible for proper data protection. The interpretation of regulations will evolve over time, nevertheless today everyone must adapt to them as best they can.
Konfeo is 100% GDPR ready… and more
We have been working for several months to adapt Konfeo to GDPR in legal and system terms. We focused on equipping the system, and thus the organizers of events, with tools that allow us to act in accordance with the new regulations.
We realize that not everyone has heard about the GDPR or was thinking about the consequences of the new regulations. The following regulations concern basically two issues: the relationship between you (the Organizer) and Konfeo and between you (the Organizer) and the participants of the events. In both of these areas we have prepared a set of changes, because we want you to be able to run your business safely and in accordance with the new regulations.
Organizer <=> Konfeo
Data Processing Agreement (DPA)
The GDPR regulations require you to sign a contract to entrust personal data with each entity to which you entrust such data. Although you don’t transfer the participants’ data to Konfeo yourself (participants do it themselves through the registration form), but if it weren’t for your event, their data wouldn’t be stored in our system. Therefore, for your safety, generate and save the DPA available on your Organization’s profile:
Changes in the system
Since the beginning of the year, we have been working on updating the system to the latest versions of the software. Although it is invisible from your point of view, it is extremely important in the process of ensuring the security of information transfer and personal data protection. Today we can say that Konfeo is a highly secure registration system.
Organizer <=> Participant
Remember that the Personal Data Administrator (PDA) of the participants in your events is you. Therefore, it is your responsibility to apply appropriate solutions in the registration process of participants. It sounds scary, but don’t worry too much – we won’t leave you alone with this issue.
Bearing in mind the security of your business, we have prepared a systemic solution for you that will ensure compliance of registration forms with upcoming regulations on the protection of personal data. The choice is yours – you can use our solution or turn it off at any time. The checkboxes in the registration forms look like this:
The Personal Data Administrator of a participant registering for the event is …
You have the right to access your personal data and the right to rectify, delete or limit data processing, the right to object to the processing, and the right to data transfer. In addition, you have the right to lodge a complaint to the President of the Personal Data Protection Office when the processing of personal data violates the law. You can find all information regarding the processing of your data by the event organizer in the [information clause].
By default, the above checkbox and information will appear in all of your events. If you have your own solutions regarding the information obligation and processing personal data then you can turn off our system solution at any time.
However, do it only if you know what you are doing – go to Organization’s profile in the administration panel, and untick the following checkbox:
The right to change, delete and stop processing personal data
The procedures required by the GDPR are available here. They show how to apply the right of participants to change, delete, transfer and limit the processing of personal data in Konfeo.