The GDPR (General Data Protection Regulation) is an important piece of legislation that is designed to strengthen and unify data protection laws for all individuals within the European Union. The regulation became effective and enforceable on the 25th May 2018.

eventplus does not store any personal data in the European Union and the majority of users of our services are not EU Citizens, however we support the intention of the regulation to improve data protection for individuals and recognise that the regulation may be in effect for our EU based users.

Data protection is an ongoing process and we are committed to continual review and improvement of our processes and services. Here are some of the steps we are currently undertaking:

• Assess areas of our business affected by the GDPR  Complete
• Update our privacy policy to reflect GDPR defined rights and responsibilities  Complete
• Include GDPR compliance as part of our service development process  Complete
• Setup a data protection officer contact point at dpo@eventplus.net  Complete
• Create internal procedures for handling GDPR requests  In Progress
• Record privacy consent for new policy versions or signups  In Progress
• Provide automatic 'see your information' download  Scheduled
• Update management systems to hide personal info by default  Scheduled
• Investigate encrypting data at rest by default  Scheduled

We encourage you to read our updated privacy policy

If you have any questions or requests relating to the GDPR, data privacy or data protection please contact us at dpo@eventplus.net