GDPR

Manage/administer guests and participants GDPR compliant

Data protection was already in the first place during the conception of guestoo. With the GDPR becoming known, we and our lawyer have done everything necessary to make a GDPR compliant guest or participant management possible.
All information on this site does not replace any legal advice and does not claim to be complete!

Your data & the data of your guests in good hands:

  • Server in Germany
  • Contract for order data processing according to GDPR
  • Iso 27001 certified data center
  • technical & organizational measures

General information about guestoo and the GDPR

You should note this at the guest or participant administration after 25 May 2018.

Here are some general but important information on the topic of guest administration / participant management and the Basic Data Protection Regulation.

  • The collection and processing of personal data, it requires a legal permission or consent of the data subject.
  • Each company is fully responsible for data collection.
  • When working with subcontractors who are entrusted with the processing of personal data, a so-called contract for order processing is necessary.
    How you can conclude this contract for guestoo can be found below on this page.
  • For the collection of guest data you need an explicit consent or a legal permission from the addressees.
  • The invitation of guests may also only take place with the consent of the addressees in accordance with the law.
  • The data to be collected must serve the purpose. No more data may be collected than is necessary to fulfil the purpose.
    At guestoo you can determine for each event which data the guest needs.
  • The guest must have access to the data collected about him at all times and can demand, among other things, its deletion.
    At guestoo, guests have the simple option of viewing, changing or deleting their data via the guest dashboard. Tax-relevant information is retained, the rest is deleted.
  • The data processor must formulate a comprehensive data protection declaration in accordance with Article 13 of the DSGVO and inform the addressees of the data processing operations.
    Guestoo gives you the opportunity to deposit general or per event data protection provisions, conditions/terms of use and an imprint which the guest must accept upon registration and which is sent in the DoubleOptIn mail.
  • After the purpose has been fulfilled, the data must be deleted, unless the guest has agreed to permanent storage.
    At guestoo you have a cleansing function that shows you all no longer relevant guests and gives you the opportunity to delete. Tax-relevant information remains stored at the event.
  • In addition, guestoo offers you the opportunity to request properly logged and DOI-secured individual declarations of consent when registering for the event. For example, a guest can subscribe to your newsletter or must agree to a waiver (e.g. for driving training).
  • Your data belongs to you. We offer Excel exports and an API, so you have the possibility to use the data outside of guestoo at any time (provided you have the consent of the guests or legal permission).

order data processing contract

How do I conclude a new contract for order data processing according to Art. 28 EU-GDPR for guestoo?

In order to comply with the DSGVO, it is imperative that you conclude a contract for order processing in accordance with Art. 28 EU-DSGVO with us as the order data processor. How it works:

  1. Download the contract: ADV contract (PDF)
  2. Follow the statements in the document
  3. Info: The contract is valid for all our tools (persoo, guestoo, jodoos, clientoo)

Häufige Fragen & deren Antworten zum diesem Bereich (FAQ)

  • Can I delete my account again?

    Yes, you can delete your account completely at any time. Just go to your profile and click "Delete account".

  • Can I also export the data from guestoo?

    YES! WE HAVE PUT A LOT OF EMPHASIS ON EXPORT OPPORTUNITIES! We have attached great importance to export opportunities and there is an event and guest API.