When the EU’s General Data Protection Regulation (GDPR) came into effect on May 25th, 2018, it changed the way people could collect attendees’ data. This post will help you understand your GDPR obligations when hosting your event.

As an event organiser, we want to help you understand what GDPR means for your business, and how we can help you ensure you can properly serve your attendees and your business under this regulation.

Eventbrite takes data privacy and security very seriously. We take steps to make sure that we comply with our data privacy law obligations in the EU and the General Data Protection Regulation (GDPR), and make it easy for our organisers to comply with their obligations.

  1. Consent

  • You must clearly define the reasons for capturing, processing and storing data for your event attendees.
  • When asking for attendee data you most often must also ask for consent to use that data how you say you will. You must also be transparent about how you will use this data.
  • Our products and systems ensure that you can easily capture the required consent when asking for data from your attendees and tell them how it is being used.
  1. Data storage and security

  • Eventbrite safety transfers personal data from around the globe to our US based servers.
  • Eventbrite is certified with the EU-US Privacy Shield Framework which means that we comply with a heightened standard when handling Personal Data transferred to the US from the European Union.
  1. The right to be forgotten

  • We help you to only process as much personal data as you need, keep personal data accurate, complete and up to date.
  • We ensure that your attendees have the right to access, modify or erase their personal data, or object to it being used for certain purposes.
  • If a customer requests that their data be deleted, let us know and we will execute on behalf of our organisers.

Our Integrations: We have over 100 integrations on our Spectrum platform. Our API Terms of Use include a data processing addendum for all of our spectrum partners that process data with their integrations. We require all of our API integration partners to apply the same protective obligations to which we hold ourselves.

At Eventbrite, we have a focus on security and data management and can satisfy the GDPR criteria. If you are concerned that you are not currently meeting GDPR requirements, visit https://www.eventbrite.co.uk/l/legalterms/, call us on 0800 652 4993 or contact an events expert.

Note: the content on this page is provided for informational purposes only and to help event organisations understand the GDPR and should not be used in place of legal counsel.


For more information, visit our Legal Terms pages.

  • Was this article helpful?
  • yesno