GDPR - signing DPAs with tradeshow vendors

Level 10 - Champion Alumni

GDPR - signing DPAs with tradeshow vendors

Curious to hear more about how you all are handling GDPR documentation with tradeshows. Are you relying on their contracts as a data processing agreement? Or are you asking them to sign your DPA? Our InfoSec team wants each show vendor to sign a DPA (including those not in EU, in case people from the EU are in attendance), and the vendors are pushing back on this, saying that their regular contract is sufficient. I'm not sure how other businesses are handling this and would love to see how this is going for other members of the Marketing Nation!

Amy Goldfine
Marketo Champion & Adobe Community Advisor
Tags (2)
Level 10 - Community Moderator

Re: GDPR - signing DPAs with tradeshow vendors

IMO the only reason they would try to sidestep this is if they cannot comply.

Level 10

Re: GDPR - signing DPAs with tradeshow vendors

Hi Amy,

It's simply impossible to get traceable consent on a Tradeshow. You will not be able to prove that a form fill out on you booth or a badge scanner issued excel file are genuine. Hence the restlessness of every one around this... Unless of course, you have every one on the boot use their own Mobile device to register or have each of them fill out a docusign or else fill out and sign an ultra-modern hand-written paper form.

The way I advize my customers to handle this is the following:

  • Create an untracked Marketo LP with a form and have the booth visitors to fill out a form in roder to receive a documentation package. The form does not contain an opt-in field, as anyway, it would have no legal value. People who fare created in the Marketo database are considered as opt-out by default.
  • On form fill out, preexisting persons receive a simple email with the download link for the documentation package and access to the preference center in the post footer. The newly created receive a different email that contain the documentation package download link plus some mentions about privacy and a button to access the preference center (with some bal bla about the interest of subscribing to more communications).
  • 3 days later, any people who where created from the form and did not access the PC are deleted or anonymized in Marketo.

I could think of another way: post a QR code on your stand that people would scan to access a Marketo LP with an opt-in field from their mobile. That would be traceable and opposable.