Hi all,
I'm in need of a sanity check as my head is now in a spin. As part of our professional body we organise various events often using universities and colleges for venues. As part of this we collect registration via our own website, making us the data controller. Often the venues we use require the names of those attending to be provided for security purposes (reception sign-in sheets) and delegate badges. Given the broad definition of data processing under the GDPR are Data Processing Agreements required when working with other venues to permit them to handle the personal data of our delegates or can this be covered in the terms and conditions of the event?
Any input is much appreciated.
Kind regards,
Martin
-- Martin Hawksey Chief Innovation, Community and Technology Officer
Association for Learning Technology (ALT)
Registered Charity Number 1160039
All archives of messages are stored permanently and are
available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html
Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):
All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html and are sent in the body of an otherwise blank email to [log in to unmask]
Any queries about sending or receiving messages please send to the list owner [log in to unmask]
(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)
