Data Privacy Requirements - One Pager With the General Data Protection Regulation (GDPR) coming into effect on 25 May 2018, there are certain things you need to know when collecting attendee data that will help you meet your GDPR obligations. As an event organiser, we want to help you understand what GDPR means for your business and how we can help you ensure that you can properly serve your attendees and your business under the new law. Eventbrite takes data privacy and security very seriously. We take steps to make sure that we comply with our data privacy law obligations in the EU and the GDPR and to make it easy for our organisers to comply with their obligations. Consent You must clearly define the reasons for capturing, processing and storing data relating to your event attendees. Usually, when asking for attendee data, you must also ask for consent from the attendee to use that data. When collecting such data, you must also be transparent about how you intend to use it. Our products and systems ensure that you can easily capture the required consent when asking for data from your attendees and tell them how it is being used. Data Storage and Security Eventbrite safely transfers personal data from around the globe to our US-based servers. Eventbrite is certified under the EU-US Privacy Shield Framework which means that we comply with a heightened standard when handling personal data transferred to the US from the European Union. Data and The Right To Be Forgotten We help you to only process as much personal data as you need and keep personal data accurate, complete and up to date. We ensure that your attendees have the right to access, modify or erase their personal data, or object to it being used for certain purposes. If an attendee requests that their data be erased, let us know and we will execute on behalf of our organisers. Our Integrations: We have over 100 integrations on our Spectrum platform. Our API Terms of Use include a data processing addendum for all of our spectrum partners that process data with their integrations. We require all of our API integration partners to apply the same protective obligations as those to which we apply ourselves. At Eventbrite, we have a focus on security and data management and can satisfy the GDPR criteria. If you are concerned that you are not currently meeting GDPR requirements and would like to speak to Eventbrite about your event management solutions please contact us. The content of this page is provided for informational purposes only and to help event organisers understand the GDPR but should not be used in place of legal advice.

For more information, visit our Legal Terms pages.