Simon Clayton: Just how long are you allowed to keep that data?

Simon ClaytonReftechTech blogData retention+-
Laptop-stock-new-resized.jpg

Simon Clayton, chief ideas officer at RefTech, on how long data can be kept, what can be kept and how to determine what’s safe to retain.

 

Two of the core principles of European data protection law, under both the old and new regimes, are that the data you collect must be relevant to the ways you are using it and that it must not be retained for longer than is necessary. Exhibition organisers should consider these two standards together.

 

Because every exhibition’s circumstances are different, there is no set rule on the length of data retention. Some data is only relevant for the duration of your exhibition, but other data may be relevant for years – if you can properly justify it as such. It is important for you to have a clear and considered policy and a rationale to defend the terms of that policy. You can, however, devise an acceptable policy by asking these questions about your data:

 

  1. Why do we need this data?
  2. How much will it cost us to keep this data?
  3. What value might it have in future?
  4. What risks are there in keeping it?

 

Under the GDPR (General Data Protection Regulation) you will need to explain your data retention rationale in your privacy notices and terms and conditions. It is not enough to simply guess what a good data retention policy, or its length, should be. You have to prove that you have created a valid policy through the appropriate evaluation process.

 

Organisers wishing to retain data for future use should remove sensitive personal data - information pertaining to health, disability, ethnicity, or religion - from those records. For example, you may retain the contact data for this year’s visitors in order to invite them back next year. However, you should not retain data such as requests for a kosher meal, a wheelchair ramp, or a prayer room, as associating these requests with individuals is retaining sensitive personal data.

 

The retained data must be also be used solely for its original intended purpose. For example, the list of attendees should not be sold to third parties after the exhibition if this was not explicitly consented to at the time of registration.

 

You should also consider where your data is kept. Leaving data on the internet is far less secure than storing it on an internal server that is properly protected and secured. But even then, don’t be complacent; only last week, it was reported that a data breach at large UK software company Sage may have compromised personal information for employees at 280 UK businesses. The breech is thought to be as a result of an “unauthorised access" of data held on an internal server by someone using an "internal" company computer login.

 

What should you do with data concerning a Code of Conduct violation at an exhibition? Unless litigation ensues, the identifying details of both the victim and the perpetrator should be deleted after a reasonable period of time. For example, it is acceptable for the organisers of an industry exhibition to maintain a secure list of individuals banned from future exhibitions for unacceptable behaviour at previous events, but it is not acceptable for the details about those incidents, or who they were directed against, to be retained with that list.

 

Following the deletion of personal data, an account of the incident, anonymised to persons X and Y, can be retained securely and indefinitely for the purposes of institutional memory.

 

For more information and advice on data protection within the events industry, download our free white paper:

 

www.eventreference.com/promo-www/datasafety/download.php

Simon Clayton
Posted by Simon Clayton
PopularComments
Twitter Facebook Google+ LinkedIn

Related Stories

Others on EN

Opportunity knocks

Opportunity knocks

Paul Byrom, AEO chairman and MD at Upper Street Events on the formation and goals of the new AEO Development Board
The height of safe practice

The height of safe practice

Andrew Harrison, ESSA director on continuing to build a robust, safety-first, working culture in events and exhibitions.
All part of the plan

All part of the plan

Kevin Horler, project director of Vividfish Ltd, on the importance of creating an inbound marketing strategy for your next exhibition.

WATCH THE EN AWARDS 2016 HIGHLIGHTS


silverstream.tv

Most Read Stories

Lourda Derry: Making the connection

Lourda Derry: Making the connection

Lourda Derry, director of Easyfairs UK addresses the science behind operations and the profile of our audiences.
Steve Monnington: The Dealmaker in March

Steve Monnington: The Dealmaker in March

Steve Monnington of Mayfield Media Strategies, runs the rule over the latest global exhibition deals.
Helen Lowe: Marketing déjà vu

Helen Lowe: Marketing déjà vu

Helen Lowe, events and marketing manager at Europa International, talks about the importance of keeping up with the creativity amidst the chaos.

Latest News

Fast Forward 15 launches 2017 mentoring programme

Fast Forward 15 launches 2017 mentoring programme

Fast Forward 15, the programme which aims to champion women working in events and hospitality, is looking for talented event profs to be mentors in 2017.
Tarsus Group acquires Connect Meetings

Tarsus Group acquires Connect Meetings

B2B media group Tarsus Group has acquired 80 per cent of the share capital of US business travel and meetings event organiser Connect Meetings.
AEO launches Development Board

AEO launches Development Board

The Association of Event Organisers (AEO) has announced the formation of a Development Board, with the aim of ensuring that the AEO delivers value to all members.

Latest Features

The big picture

The big picture

Imagine you could find all the photos taken at your event...well now you can, says Gaggletag founder Gideon Summerfield.
The talent of a nation

The talent of a nation

Following the launch of Connect16 this year, EN catches up with founder Nicola McGrane on experiencing the essence of Ireland.
EN30/30 Breakfast Club in November

EN30/30 Breakfast Club in November

Tasting the delicacies of ExCeL London’s River Cottage, members of the EN30 gather to discuss recruitment, working from home and the potential death of email.

Latest Galleries

ESSA 2016 Conference of Things

ESSA 2016 Conference of Things

This year’s ESSA Conference achieved a record attendance of delegates from across the events supplier industry, representing over 100 companies at Ricoh Arena, on 24 November.
The Prosthetics Event 2016

The Prosthetics Event 2016

Exhibition, education and shopping show The Prosthetics Event, returned to Conference Aston in Birmingham for the third consecutive year on 19 November.
World Travel Market London 2016

World Travel Market London 2016

World Travel Market (WTM) London 2016, which took place on 7-9 November at ExCeL London, celebrated its most successful show yet with a joint record attendance of 51,500.