Bulletin 5: Data Privacy and Event Registration
IEEE Technical Activities Bulletin #5
Topic: Data Privacy and Event Registration
Bulletin Type: Action
Audience: Conference Sponsors and Event Organizers
Version 6 - July 2021
To comply with the recent data privacy regulations, including the European Union’s General Data Protection Regulation (GDPR), IEEE should provide the ability to store, access, and erase personal data and remove consent if previously obtained. For example, IEEE must be able to prove what, when, and how consent was given in an event registration system.
This applies to all types of events that are delivered by IEEE communities that capture attendee information. Some examples of the types of events include, but are not limited to:
- Award Ceremonies
- Trade shows
- Virtual events
What do I need to keep in mind to comply with data privacy regulations regarding event registration?
As an event organizer, you need to look at how data is collected, how consent is stored, and how to incorporate data security into the event planning and management processes.
How can event organizers obtain attendee consent?
The following checklist should be used to ensure you’re following the guidelines for managing consent under data privacy regulations:
- Unbundled: Consent questions must be separate from other specific conference policies.
- Active Opt-In: Pre-checked boxes are no longer valid.
- Specific: Provide options to allow individuals to consent to specific activities, communications, or processes, e.g. call for papers, call for reviewers, registration, conference details.
- Keep Records: Maintain records of consent, how they gave consent, and when.
What do I need to incorporate into the registration process?
Where should these questions be placed during the registration process?
As a rule of thumb, place these questions on a stand-alone page allowing the attendee to focus on these questions as well as ensure they are not lost during the registration process. If possible, place them before the registrant enters any personally identifiable information.
How can I learn more?
The latest information on GDPR and other data privacy regulations can be found on the Technical Activities Data Privacy Resource Page or the IEEE Data Privacy page. Or, send an email to email@example.com.
Please share this information with additional volunteers, contractors, temporary employees, interns, and consultants as needed.