Simon Clayton: Just how long are you allowed to keep that data?

Simon ClaytonReftechTech blogData retention+-
Laptop-stock-new-resized.jpg

Simon Clayton, chief ideas officer at RefTech, on how long data can be kept, what can be kept and how to determine what’s safe to retain.

 

Two of the core principles of European data protection law, under both the old and new regimes, are that the data you collect must be relevant to the ways you are using it and that it must not be retained for longer than is necessary. Exhibition organisers should consider these two standards together.

 

Because every exhibition’s circumstances are different, there is no set rule on the length of data retention. Some data is only relevant for the duration of your exhibition, but other data may be relevant for years – if you can properly justify it as such. It is important for you to have a clear and considered policy and a rationale to defend the terms of that policy. You can, however, devise an acceptable policy by asking these questions about your data:

 

  1. Why do we need this data?
  2. How much will it cost us to keep this data?
  3. What value might it have in future?
  4. What risks are there in keeping it?

 

Under the GDPR (General Data Protection Regulation) you will need to explain your data retention rationale in your privacy notices and terms and conditions. It is not enough to simply guess what a good data retention policy, or its length, should be. You have to prove that you have created a valid policy through the appropriate evaluation process.

 

Organisers wishing to retain data for future use should remove sensitive personal data - information pertaining to health, disability, ethnicity, or religion - from those records. For example, you may retain the contact data for this year’s visitors in order to invite them back next year. However, you should not retain data such as requests for a kosher meal, a wheelchair ramp, or a prayer room, as associating these requests with individuals is retaining sensitive personal data.

 

The retained data must be also be used solely for its original intended purpose. For example, the list of attendees should not be sold to third parties after the exhibition if this was not explicitly consented to at the time of registration.

 

You should also consider where your data is kept. Leaving data on the internet is far less secure than storing it on an internal server that is properly protected and secured. But even then, don’t be complacent; only last week, it was reported that a data breach at large UK software company Sage may have compromised personal information for employees at 280 UK businesses. The breech is thought to be as a result of an “unauthorised access" of data held on an internal server by someone using an "internal" company computer login.

 

What should you do with data concerning a Code of Conduct violation at an exhibition? Unless litigation ensues, the identifying details of both the victim and the perpetrator should be deleted after a reasonable period of time. For example, it is acceptable for the organisers of an industry exhibition to maintain a secure list of individuals banned from future exhibitions for unacceptable behaviour at previous events, but it is not acceptable for the details about those incidents, or who they were directed against, to be retained with that list.

 

Following the deletion of personal data, an account of the incident, anonymised to persons X and Y, can be retained securely and indefinitely for the purposes of institutional memory.

 

For more information and advice on data protection within the events industry, download our free white paper:

 

www.eventreference.com/promo-www/datasafety/download.php

Simon Clayton
Posted by Simon Clayton
PopularComments
Twitter Facebook Google+ LinkedIn

Related Stories

Media 10 summer party gives back to the community

On 30 June, local pensioners were invited to a morning of live entertainment and high tea put on by Media10, with a fundraising initiative supporting charity War Child and a rare Spitfire performance.

Comexsposium to acquire organiser MFV

Comexposium Group has announced its entry into an agreement to acquire the group MFV, organiser of The Franchise Show in London.

Fashion SVP portfolio expands with new launches

Fashion sourcing event Fashion SVP, currently held at Olympia, is being extended with a series of new initiatives and launches, taking it further into international markets.

Others on EN

In any event...

In any event...

In his regular column, David Chalmers, Cvent ’s senior marketing director – Europe, speculates on the fate of the large trade show.
Ticking all the boxes

Ticking all the boxes

Paul Edwards, operations director at deckle edge, examines the minefield that is health and safety.
Getting social

Getting social

Michael Gietzen, MD of Identity Group, runs through the social media marketing tools available to event profs.

Poken by GES

Most Read Stories

Fit for the 21st century

Fit for the 21st century

Andrew Harrison, ESSA director, says we should always fight to bring talent into the industry and encourage an appetite for success.
I'm a believer

I'm a believer

Sam Cande, group commercial director at Centaur Media, says no secret sales technique can compete with belief in a product.
Lourda Derry: Making the connection

Lourda Derry: Making the connection

Lourda Derry, director of Easyfairs UK addresses the science behind operations and the profile of our audiences.

Latest News

UFI and Explori sign three-year partnership

UFI and Explori sign three-year partnership

UFI, the Global Association of the Exhibition Industry, has signed a three-year research partnership deal with London based insight specialists, Explori.
Media 10 summer party gives back to the community

Media 10 summer party gives back to the community

On 30 June, local pensioners were invited to a morning of live entertainment and high tea put on by Media10, with a fundraising initiative supporting charity War Child and a rare Spitfire performance.
Major new event campus coming to Newcastle Gateshead

Major new event campus coming to Newcastle Gateshead

A new multi million pound, state-of-the-art entertainment arena, and conference and exhibition centre is set for the North East, as plans by Gateshead Council push forward.

Latest Features

On the road

On the road

Ed Vickery head of drpexhibition, discusses driveable, portable, and innovative exhibitions.
Standing out from the crowd

Standing out from the crowd

EN meets the industry’s stand designers, who are helping change the face of exhibitions around the globe.
Child's play

Child's play

Age restrictions, buggy parks and guerrilla marketing – meet the event profs conquering the children’s market.

Latest Galleries

East of England Arena and Events Centre open day

East of England Arena and Events Centre open day

Following a refurbishment, rebrand and £4.4m investment, the East of England Arena and Events centre opened to event professionals on 21 June to explains developments at the venue and provide an insight into future plans. Guests were also treated to a once in a lifetime experience in various classic cars and more unusual vehicles.
London Dungeon Lates

London Dungeon Lates

The London Dungeons has launched a unique nighttime experience with the theme of the seven deadly sins. The adults only tour includes seven themed food offerings and a range of themed drinks.
This Morning Live

This Morning Live

Tens of thousands of fans descended on the NEC on 18-21 May for This Morning Live, to see talent from ITVs award-winning daytime programme arrive in style.