In May 2018, the new General Data Protection Regulation (GDPR) takes over from the Data Protection Act 1998 and the updated requirements will impact on anyone who sells tickets for an event. Data Protection is no longer just about who you can send a marketing email to and whether you can share customer contact details with a third party.
Anyone who sells tickets for an event and collects customer contact details (known as personal data) will have obligations under the GDPR as a Data Controller and will be required to safeguard their customer data. As a result, all event organisers will need to undertake some work to ensure their compliance.
Many of the GDPR’s requirements are much the same as the those under the old Data Protection Act. However, there are several new requirements and enhancements that you will need to consider. GDPR is all about how you use and safeguard your customers’ personal data so it is important that you understand what data you hold, how you store it, why you store it, what you do with it and who you share it with. Most importantly, make sure this information is documented to demonstrate your compliance. The fines for non-compliance and data breaches have risen significantly so it’s important that you understand your obligations.
Although you are using the TicketSource platform to sell tickets to your events, you retain full control of your customers’ personal data (personal data being anything that identifies a customer such as their name, address, email, phone number) and therefore the event organiser is the Data Controller. You have contracted TicketSource to process your customer bookings, and therefore TicketSource is the Data Processor.
To assist event organisers in meeting their compliance with GDPR, we have launched a range of new features. All new features have a knowledgebase article to help provide further detail.
GDPR system features:
Should you have any questions regarding your use of TicketSource and GDPR, please contact our support team by email at email@example.com