It’s been a few months since the GDPR (General Data Protection Regulation) took affect and you may think it’s old news. After all, U.S.-based exhibitors are immune from the effects of GDPR if they don’t exhibit in Europe, right?
Wrong! Because the GDPR effects any EU citizen, no matter where they are in the world. That means if you’re scanning badges at a show in Texas, but some of the attendees came from France or Germany (or any other EU country), you need to know what to do.
First of all, you’ve got to ensure you get documented consent from the attendee saying they wish to be contacted in the future. That means simply swiping badges or collecting business cards doesn’t cut it anymore. There’s no “automatic consent” in that. So while they may be entering your in-booth contest or agreeing to get some kind of specific information from you, that doesn’t give you permission to market to them endlessly in whatever manner you see fit.
You must inform attendees what personal data you’re collecting (name, e-mail address, etc.) and for what reason. When they explicitly consent to future marketing, you must keep documentation of that permission. Then you can only send them the types of communications that they agreed to, unless you get further permission from them. And you’re not allowed to share that personal data with any third party without their consent.
There are still many nuances that need to be figured out, and I’m not a legal expert. So I recommend you check out the following resources for more details, then consult with your own legal experts to find out how your trade show lead gathering needs to change.
- GDPR & Trade Show Marketing Guide: What You Need to Know (gives some good examples of what to do/not do)
- How GDPR Affects Your Lead Generation at Trade Show Exhibitions (good overview of GDPR & what it means for exhibitors)
- A Question of Scanning: Data Sharing Event Style (breaks down what has changed)
- Lead Capture at Events: GDPR Best Practices (great checklist of what to do)
- Do Your Event Lead Capture Practices Comply with GDPR? (covers various options; bear in mind it’s written by a software company)
And even if you’re in the U.S., be prepared. There’s a prevailing theory that the EU regulations are just the beginning of what’s soon to be the norm worldwide. So if you focus now on making your lead gathering GDPR-compliant, you’ll be ahead of the game as other countries follow.