The General Data Protection Regulation (GDPR) represents a crucial milestone in safeguarding personal data. It is essential to remember that this encompasses all information that can identify you, whether directly or indirectly. These data are no longer limited to traditional elements like first and last names but also include specific details such as your diet, hair color, height, and much more.
In this article, we will explore how Eventdrive implements the GDPR to ensure the protection of your personal data.
Eventdrive ensures transparency in data storage
Eventdrive is committed to being transparent about data storage. As a platform dedicated to events, we collect personal data in our databases. A crucial element of the GDPR that we implement is obtaining user consent for the platform. This not only strengthens their trust in our services but also informs them about the collection and storage of their personal data. We clearly explain what data we collect, how long we retain it, who has access to it, and for what purpose. Data that is not essential to providing our service is not retained, ensuring complete transparency for our users.
Your data, your decisions
As an Eventdrive user, you have full control over your data. You can review and update the information we hold about you. Additionally, you have the power to choose the notifications you wish to receive from us, whether by email, push notifications, or otherwise. You also have the option to completely delete your account and all associated data. Furthermore, any personal data collected during your participation in an event is automatically deleted after 24 hours.
Curious to learn more about push notifications? 😉
Security is at the heart of our commitm
Eventdrive is firmly dedicated to safeguarding the confidentiality of your data. We have implemented robust security measures to protect your information.
In particular:
- We use encrypted databases that are not connected to the Internet, making them inaccessible even in the event of an issue.
- We are a French solution, hosted in France. Your data is stored in Europe for enhanced security.
- All communications between our servers and users are protected by encryption, using only HTTPS and WSS.
- The certificates required to secure your data are not stored on the servers that manage our service.
- We have implemented firewalls and web application protection systems (WAF) to detect and prevent any suspicious activity.
- We keep a log of all actions taken by users on our platform to respond quickly in case of anomalies.
👉 We have integrated the best security practices from the outset of our product development to ensure a seamless experience.
An Adapted Organization
The GDPR aims to hold companies accountable for how they handle data. If a company manages a large amount of personal data, it must appoint a data protection expert, known as a DPO. The DPO ensures that the company complies with the law and takes appropriate measures to protect data, including data managed by other companies (such as Eventdrive, which handles all its data internally). The DPO has several roles, including informing, advising, monitoring, alerting, and collaborating with authorities.
Additionally, there are procedures in place to react quickly and effectively in the event of a problem, such as a data breach or service interruption. These procedures are crucial for resolving issues within the company and properly informing clients and users.
Eventdrive has successfully passed all security tests, including those conducted by major companies in the pharmaceutical and banking sectors. We continuously adapt to stay compliant with current regulations and meet our clients' needs.
