A new research study from Eventsforce has found that 90% of event planners are still facing a number of challenges meeting GDPR requirements, one year after the EU data protection law first came into effect.
Though 81% believe they are complying to the new regulation, on-going issues include consent management, running GDPR checks with event suppliers and controlling how third parties are using attendee data.
The findings of the research study are based on responses from over 110 event professionals in the US and the UK and represent corporates, associations, government, PCOs and event management agencies.
“Our research shows that despite the on-going challenges event organisers are still facing around GDPR, the regulation has also brought about a number of positive changes to our industry, especially with regards to event marketing, data management and data security,” said George Sirius, CEO of Eventsforce.
“Events are also starting to promote their data protection credentials a lot more than before in an effort to show attendees that they can be trusted with their most valuable asset – their personal information.”
The research study looked at what impact the legislation has had on the industry over the past 12 months, including the kind of changes organisers have had to make in the way they plan and manage events.
The findings show that 44% of respondents are now sharing a lot less data with stakeholders and suppliers (ex. hotels and venues) and another 41% have implemented more transparent and efficient processes to manage event data.
Data security is another key priority for many organisers with tighter security controls (40%) and new GDPR checks for suppliers and third parties they deal with around events (25%).
Event marketing is another important area where GDPR has made an impact with 36% claiming the legislation has improved the quality and creativity of their communication campaigns.
Other changes include more targeted communications (24%) and better-quality mailing lists (17%). Surprisingly, only 12% have stopped buying mailing lists after GDPR.
The study also investigated the challenges organisers still face in meeting GDPR requirements. Top of the list is the management of attendee consent at 36%, whilst assessing the GDPR compliance of tech providers, event agencies and suppliers is also a problem for 30% of organisers.
Other risk factors include difficulties in controlling what third parties do with attendee data (28%), not having the right processes in place to access or delete personal information (26%) and limited understanding internally of GDPR and the consequences of non-compliance (20%).
Sirius added: “The risk-factors unveiled in the research study show how important it is for organisers to manage their data effectively and deal with event tech systems that can support them with things like tracking consent, deleting personal information and securing access so that attendee data doesn’t end up in the wrong hands.
“Having these processes in place will not only minimise the risk of non-compliance, but also provide an opportunity to show attendees that they’re looking after their information properly. Building this kind of trust is the whole point of GDPR and will be key in deciding which organisations people choose to deal with in the future.”