The EU General Data Protection Regulation – What compliance means for Yapsody?

By April 20, 2018Policies
GDPR

Overview

May 25, 2018 will bring about a mandatory enforcement of the General Data Protection Regulation or GDPR, as directed by the European Union (EU). This new regulation will succeed the existing EU Data Protection Directive of 1995 and will secure a paradigm shift in how organizations will collect, store, process, and protect the personal data of European citizens.

Scope

The realm of the GDPR will extend far and wide. It applies to every business that organizes events in the EU as well as any company that collects data of EU residents/citizens – irrespective of whether the event is held in the EU.

The data collection channels are many for the events industry – from registration systems that capture sensitive personal data viz. attendee name, contact details, credit card information, dietary preferences, physical disabilities, IP addresses etc. to surveys, lead capture tools, social media, and mobile apps that tracks your exact location. Consequently, both Yapsody and event planners, will come under the realm of and must abide by the GDPR – failing which one has to cough up a fine to the tune of €20m or 4% of annual turnover, whichever is higher.

Benefits of the GDPR

Authorization Consolidation Security
Empowers data subject’s right to protect their personal data Unifies information that is present in silos or stored in inconsistent formats Enhance cyber security policies to bolster the protection of event and stakeholder data

While being dedicated to safeguard our data subject’s personal information, Yapsody is committed to support all its stakeholders to understand the requirements and action plan to become GDPR-compliant.

A harbinger of change

The GDPR will herald several changes for both event attendees and organizers. At Yapsody, we strive to be that binding force – that strictly adheres to the recommended standards and frameworks laid down by the regulation – capable of providing you with an efficient, scalable, and robust cloud ecosystem for the safe processing of both yours and your customer’s data.

Let’s look at the primary mandates of GDPR and how Yapsody complies with those.

Event attendees will have the right to Event presenters will have to demonstrate that How Yapsody helps with GDPR compliance?
Access and ask for their data to be updated or deleted at no extra cost They are keeping personal data safe, up to date, and accessible as per user request Yapsody performs regular scan of its IT assets to ensure integrity and uninterrupted availability of personal data.

We also audit our applications on a regular basis to ensure that erroneous and obsolete data is wiped out. 

Understand how their data is being used They process personal data only in an appropriate and permitted way At Yapsody, we have a comprehensive identity and access management (IAM) ecosystem in place that enables only the authorized individuals from our team to access the right resources for the right reasons, and at the right time.
Stop or restrict their data process They can respond within 72 hours in case of a data breach Yapsody uses real-time alert applications to detect and prevent any data breach or attacks in our network and cloud ecosystem.

With forensic analysis capability available with these applications, we can determine the source of breach and contain any damage within 72 hours of occurrence.

Getting GDPR ready with Yapsody

The GDPR is just a month away. As your events partner we want to make your event planning and management process as seamless as possible, so that you can focus on running your business and not worry about data security. Read our GDPR Addendum page to understand in detail about how we collect, store, process, and delete your events data securely. For more clarification about GDPR in context with Yapsody, you can write to us at gdpr@yapsody.com.

 

Yapsody

Author Yapsody

More posts by Yapsody