General Data Protection Regulation
Last Modified: December 17, 2022
Here's what we know about how the General Data Protection Regulation (GDPR) might affect GruupMeet and our users. This article is provided as a resource, but it's not legal advice. We encourage you to speak to legal counsel to learn how the GDPR may affect your organization.
As meeting professionals, it is our job to ensure our customer’s attendees and contacts are valued and treated with respect. GDPR is making that a priority, with a focus on transparency and accountability. Successful meeting planning hinges on communication and collaboration so transparency is key.
What and Who
The GDPR is a European Union (EU) privacy law that affects businesses around the world when it became enforceable on May 25, 2018. It regulates how any organization that is subject to the Regulation treats or uses the personal data of people located in the EU. Personal data is any piece of data that, used alone or with other data, could identify a person. If you collect, change, transmit, erase, or otherwise use or store the personal data of EU citizens, you'll need to comply with the GDPR. The GDPR replaces an older directive on data privacy, Directive 95/46/EC, and it introduces a few important changes that may affect GruupMeet users.
From the start, we have aimed to create a B2B software solution based on high-levels of attention and respect to our customer’s data so that we focus on facilitating and supporting more value to customers. We're also in the process of ensuring that each aspect of our software solution is fully GDPR-compliant so that it will make it easier for our users to effectively and efficiently handle their customer's data appropriately.
Review Application Privacy Policy: https://www.gruupmeet.com/privacy.html.
GruupMeet's data processing obligations.
How does GruupMeet secure personal data? Transparent data processing is mandatory, and it's also an opportunity to strengthen your marketing relationships and attendee meeting experiences. Unlike many mobile and event apps, and registration solutions, information and data saved and managed within GruupMeet cannot be accessed without an account login, by way of secure (SSL encrypted) connection. There is no login or app to download that is required for customer’s meeting attendees, so the tool is secure and convenient.
To learn more about GruupMeet’s safekeeping, check out Security. GruupMeet is committed to maintaining the highest level of security to protect personal data as provided by Organizers. In this effort, GruupMeet has implemented numerous security measures and extensive monitoring procedures. GruupMeet's information systems are protected by industry standard firewalls and intrusion detection systems. In addition, regular vulnerability scans are performed, both automatically and manually. You can find out more about the security and privacy measures GruupMeet has implemented in the "Security Policy," available at www.gruupmeet.com/security.html.
What else is GruupMeet doing because of GDPR?
We’ll provide updates and resources as it relates to GDPR and GruupMeet’s customer success. Please do not hesitate to contact us with questions. Please see our Knowledge Base for more information. You may also connect with us by sending an email to [email protected], Attn: Russell Wyman, CEO, or via postal mail:
GruupMeet, Inc.
Attn: Russell Wyman, CEO
9540 Garland Rd
#381-252
Dallas, TX 75218
To view the DPA, click here.
Here's what we know about how the General Data Protection Regulation (GDPR) might affect GruupMeet and our users. This article is provided as a resource, but it's not legal advice. We encourage you to speak to legal counsel to learn how the GDPR may affect your organization.
As meeting professionals, it is our job to ensure our customer’s attendees and contacts are valued and treated with respect. GDPR is making that a priority, with a focus on transparency and accountability. Successful meeting planning hinges on communication and collaboration so transparency is key.
What and Who
The GDPR is a European Union (EU) privacy law that affects businesses around the world when it became enforceable on May 25, 2018. It regulates how any organization that is subject to the Regulation treats or uses the personal data of people located in the EU. Personal data is any piece of data that, used alone or with other data, could identify a person. If you collect, change, transmit, erase, or otherwise use or store the personal data of EU citizens, you'll need to comply with the GDPR. The GDPR replaces an older directive on data privacy, Directive 95/46/EC, and it introduces a few important changes that may affect GruupMeet users.
From the start, we have aimed to create a B2B software solution based on high-levels of attention and respect to our customer’s data so that we focus on facilitating and supporting more value to customers. We're also in the process of ensuring that each aspect of our software solution is fully GDPR-compliant so that it will make it easier for our users to effectively and efficiently handle their customer's data appropriately.
Review Application Privacy Policy: https://www.gruupmeet.com/privacy.html.
GruupMeet's data processing obligations.
- GruupMeet as a data controller. Where an Organizer creates an admin planner account with GruupMeet to manage communications and logistics for their events, GruupMeet will be a data controller over the personal data that Organizers provide about themselves as part of their account creation process. In addition, GruupMeet will also be a data controller of www.gruupmeet.com regarding the personal data that GruupMeet obtains while an Organizer or Consumer's use of GruupMeet Services, which GruupMeet may then use to conduct research and analysis, improve our products and features, and provide targeted recommendations.
- GruupMeet as a data processor. GruupMeet will be a data processor over a Consumer's personal data that GruupMeet obtains because of providing its core messaging and logistics services to our Organizers. For example, allowing Organizers to learn more about their attendees during the on-site experience or event services booking process, facilitating the transmission of emails and/or text messages to Consumers at the request of the Organizer or providing event reports and tools so Organizers can gain insights into the effectiveness of various on-site tactics.
- Messaging Tools. We offer the ability for Organizers to email and communicate via 2-way text messages to Consumers directly through our platform. This functionality was built to send service-related communications specific to an Organizer's event attended by the recipient of such message. If an Organizer wants to use this function for marketing purposes, you (the Organizer) needs to secure your own compliant opt-in consents for the sending of marketing emails or messages. GruupMeet does not do this on an Organizer's behalf.
- Data Deletion. In the event an Organizer’s data retention needs require that GruupMeet no longer provide such Organizer with access to the personal data of its former attendees, the Organizer can accomplish this by removing the event from its dashboard. Should the Organizer still need access to the nonpersonal event data, it should first download the event to an Excel file and manipulate that file as it sees fit. You must follow U.S. export and economic sanctions laws. See GruupMeet’s Terms of Service for more information. Should one of your attendees ask you directly to have GruupMeet remove or answer questions regarding that attendee's personal data as related to our system, please forward the request to us at [email protected]. Our support team may reach out to the Consumer directly to confirm the request.
- Data Incident Notifications. In cases where we are a data controller (even if we are both a data processor and a data controller) over data accessed in an unauthorized manner, we will notify the affected Consumer directly rather than the Organizer of each event associated with that Consumer. As a reminder, we are a data controller for all Organizers.
How does GruupMeet secure personal data? Transparent data processing is mandatory, and it's also an opportunity to strengthen your marketing relationships and attendee meeting experiences. Unlike many mobile and event apps, and registration solutions, information and data saved and managed within GruupMeet cannot be accessed without an account login, by way of secure (SSL encrypted) connection. There is no login or app to download that is required for customer’s meeting attendees, so the tool is secure and convenient.
To learn more about GruupMeet’s safekeeping, check out Security. GruupMeet is committed to maintaining the highest level of security to protect personal data as provided by Organizers. In this effort, GruupMeet has implemented numerous security measures and extensive monitoring procedures. GruupMeet's information systems are protected by industry standard firewalls and intrusion detection systems. In addition, regular vulnerability scans are performed, both automatically and manually. You can find out more about the security and privacy measures GruupMeet has implemented in the "Security Policy," available at www.gruupmeet.com/security.html.
What else is GruupMeet doing because of GDPR?
- Accountability and Training. We're revamping our internal data privacy guidelines to make sure they're in line with the GDPR and we're making sure that all our employees are trained on them appropriately. This means that everyone at GruupMeet plays a role in handling personal data in a legitimate and fair way.
- Privacy by Design. We're implementing enhanced guidelines to help ensure that all our systems and tools that collect and store personal data are designed in a privacy-friendly way. By doing this, we can reduce privacy risks at the outset and offer our Organizers and Consumers more control over their information.
- Data Privacy Impact Assessments. We're implementing new internal protocols to make sure that certain activities involving personal data will go through a Privacy Impact Assessment, measuring compliance with the GDPR while also allowing for ease of record keeping. This means we can be confident that new products and services that we offer respect privacy rights and data trust.
- Our Privacy Policy. We recently updated our privacy policy as an additional step towards our commitment to transparency about what we do with personal data provided to GruupMeet.
- Vendors. We've reviewed our vendors and sub-processor contracts to make sure that each meets the new requirements of the GDPR and are compliant with rules on international data transfers. We'll be requiring and expecting more from our vendors and sub processors handling personal data on our behalf.
We’ll provide updates and resources as it relates to GDPR and GruupMeet’s customer success. Please do not hesitate to contact us with questions. Please see our Knowledge Base for more information. You may also connect with us by sending an email to [email protected], Attn: Russell Wyman, CEO, or via postal mail:
GruupMeet, Inc.
Attn: Russell Wyman, CEO
9540 Garland Rd
#381-252
Dallas, TX 75218
To view the DPA, click here.