What is GDPR?
The GDPR legislation is a set of rules on data handling and processing for the digital age. It's aimed at enhancing the protection of EU citizens' personal data, and increasing the obligations of organisations to deal with that data in transparent and secure ways.
The GDPR is an EU law that determines how any organisation must treat the personal data of any EU citizen. It applies not only to EU-based businesses, but also to any business that controls or processes data of EU citizens. It doesn't matter where your business is based — if you're dealing with customers in the UK and the EU, you need to ensure compliance with these regulations.What about PECR?
The Privacy and Electronic Communications Regulations
(PECR) sit alongside the Data Protection Act and the GDPR. They give people specific privacy rights in relation to electronic communications. There are specific rules on:
How GDPR & PECR will affect the events and trade show industries?
- Marketing calls, emails, texts and faxes;
- Cookies (and similar technologies);
- Keeping communications services secure; and
- Customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings.
In the events industry, a huge amount of personal data is collected and processed in various ways. Everyone involved with the events industries is likely to feel the effects of the GDPR – from event organisers to attendees.
To clarify, we're going to focus our comments here on how event exhibitors will be affected by the new regulations.
For the majority of event and trade show exhibitors, their primary goal is to capture leads by collecting contact details of event attendees. GDPR & PECR will have a profound impact on the way businesses can capture, process and follow-up with leads during and after an event. For event lead capture, there are two major considerations for gathering data in a way that complies with both the GDPR & PECR:
- Consent — attendees need to give clear, unambiguous and informed consent for you to contact them. This needs to be opt-in, rather than opt-out.
- Purpose — exhibitors need to provide clear information to attendees about why they need this data, what it will be used for, and how long they will store it for. It's no longer enough to say "we'll use your data for marketing purposes"; you need to be specific.
One thing it's important to note is that the GDPR has a wide definition of personal data – as an example, business email addresses and phone numbers are also covered under this legislation. What is FlippingBook Limited doing to comply with the GDPR?
At FlippingBook Limited, our entire organisation is hard at work ensuring that our own practices are GDPR compliant. We have spent a lot of time consulting with legal experts about GDPR and how to handle data in a compliant way. To ensure we're ready as an organisation, we have done the following:
How using FlippingBook Limited will help our customers comply with GDPR when collecting leads at events
- As a Leadership team, created an internal strategy for GDPR compliance
- Appointed a designated contact for privacy matters with a dedicated email address: firstname.lastname@example.org
- Communicated with our entire organisation the responsibilities and requirements of GDPR
- Conducted a thorough internal audit of all aspects impacted by the GDPR of both the FlippingBook Salespal platform and systems we use for processing customer data
- Established clear guidelines between FlippingBook Limited and our sub-processors
- Documented all types of personal information we hold, the source of that information, how it is stored and for how long
- Implemented changes to several internal processes around sales and marketing activity
It's important to us that we help our customers understand what GDPR means for their businesses and build compliant lead capture processes of their own. This means we've put a lot of work into ensuring that the FlippingBook Salespal Lead Capture solution sets you up to comply with the GDPR when capturing leads at events.
FlippingBook Salespal' solution operates in a way which naturally helps you work towards being compliant with the requirements of GDPR (and in turn, PECR). Of course, there are no silver bullets to compliance, but we can help you ease the load for a significant part of that journey.
Different organisations use event lead capture forms in different ways, and as a result customise the forms to suit their own business requirements and privacy assessments. It's important that you double-check your forms to ensure you are asking the right questions, securing consent, and providing the right information to comply with the GDPR. Features in the FlippingBook Salespal app and dashboard that will help you comply with GDPR include:
FlippingBook Limited's commitment to helping our customers with GDPR
- The ability to add the URL with your own privacy statement & terms and conditions in the admin panel. So the leads can view the pop-out window with your own privacy statement & terms and conditions, before submitting their details in the FlippingBook Salespal app. This means you can provide specific information about what you are gathering attendees' details for, and what they will be used for in the future.
- The ability to gather specific opt-in consent during the lead capture process by checking the specific checkbox in the form.
- Lead data captured through the FlippingBook Salespal app is automatically associated with a specific event, date and time-stamped together with a record of who in your business collected the information, so for audit purposes you know exactly when, where and by who that lead was captured.
We are fully committed to developing the FlippingBook Salespal Lead Capture solution to make it easy for event and trade show exhibitors to comply with GDPR when collecting leads at events. We are working closely with our customers to help them adopt event lead capture best practice, and help them maintain compliance with GDPR.