At streamGo we are very aware that we, along with our clients, are capturing and processing a lot of Personally Identifiable Information as part of our webinar and webcast registrations, so we thought it would be important to share with you our approach to the upcoming changes in legislation, which will impact on how customer data can be captured and managed. We will continue to update this information as new insight is provided into how the GDPR legislation will be interpreted and applied.

Under GDPR, individuals have the right to:
1)The right to access– Individuals have the right to request access to their data at any time and ask how their information is being used.
2) The right to object– Individuals have the right to object to their data being collected. Any processing of data must cease as soon as a request is received.
3) The right to be informed – Individuals must be informed of any data collection. Consumers will have to opt-in and give consent in order for data to be stored and collected.
4) The right to have information corrected– Individuals have the right to update or correct information is out of date or incomplete.
5) The right to data portability– Individuals have the right to transfer their data from one service provider to another.
6) The right to restrict processing– Individuals can request the restriction of data processing. Their record can remain in place but not be used.
7) The right to be notified– Individuals have the right to be notified within 72 hours if there has been a data breach.
8) The right to be forgotten –Individuals can withdraw their consent from a company at any time. All data must be deleted.

That’s a lot of new rights, right?!

Change of legislation on this scale can be daunting and certainly we take our new responsibilities as a Data Processor seriously, which is why we will be working closely with each client, new and existing, to ensure that our webcasts and webinars are capturing and handling data in a compliant manner. For each business, this will mean something a bit different – understanding the impact of the new GDPR can be complex.

Here are some simple steps to get you started:

1) Awareness: Develop a strong company-wide awareness of the legislation. Help your colleagues understand how the new regulation challenges will affect your business and systems.

2) Resources: Create a list of the new resources that will be needed to transform how your company handles Personal Data.

3) Data Protection Officers: Appoint a Chief Data Officer to drive the data internally and assess the data protection requirements.

4) The information you hold: Audit and review the existing systems, procedures and contracts with suppliers.

5)Procedure: Finally assess privacy notices and current procedures and make sure you have the right procedures in place.

6) Seek Legal advice: Seeking professional legal advice will ensure all your new changes are compliant.

We are ready

While this all sounds quite challenging, rest assured that in reality, there won’t need to be sweeping changes to the way we manage your webcasts and webinars. We’ll be working alongside our clients to gather, manage and process registration data in a way which is GDPR compliant:

We will be able to create registration pages which allow us to evidence the receipt of consent to receive our emails, and/or your wider marketing material.
We won’t be automatically opting customers in.
We will retain data in a secure way.
We won’t share it with any third parties.
We will enable our clients to delete or amend their customer data as necessary.