5 Replies Latest reply on Mar 13, 2018 3:36 PM by Dan Stevens

    EU GDPR Compliance for Physical Events

    Michelle Tang

      Hey Marketo Users!


      We have physical events in Europe this year such as Tradeshows, Happy Hours, Seminars, etc. What are your plans to getting opt in consent to send Marketing communications to these folks?


      For example, at a Tradeshow, are you sending an email to those who were scanned at the booth or do you plan on getting consent by signing a piece of paper at the event? Is it the Event vendor's responsibility to add in verbiage when they sign up for the event that they are opting in to booth sponsors marketing email comms? 


      Any recommendations or resources would be great!

        • Re: EU GDPR Compliance for Physical Events
          Loren Posendek

          Hey Michelle, thanks for starting this thread! Definitely interested to see everyones feedback and input. I'm no Legal expert, so these are just my opinions. My gut tells me that the event vendor would have verbiage about opting-in and/or opting-out in to receive emails from vendors. However, I wouldn't necessarily rely on that. I may send an opt-in email after the event list is imported + processed appropriately to gain consent.


          Some of the countries in the EU (looking at you, Germany) already require double opt-in for email consent, so it may be worth following these guidelines for most EU countries.


          The second component of GDPR is cookie consent, which is something that I think is very much a gray area right now as it relates to event list imports. We're still figuring this out with our Legal team.


          Hope that helps!

            • Re: EU GDPR Compliance for Physical Events
              Dan Stevens

              To build on what Loren said - and I'll also start that I'm no legal expert, and suggest you work directly with your legal team on this - there's a key aspect of GDPR called "legitimate interest".  This is still a very gray area and up for interpretation.  For example, if you collected a bunch of business cards at your tradeshow booth and had an initial conversation with these folks, it may be OK to send them a follow-up email just after the event.  But that's it.  They haven't given you their consent for any longer term permission to market to them (unless they did as part of this follow-up email).  Here's more info around LI: Legitimate interests | ICO

              1 of 1 people found this helpful
            • Re: EU GDPR Compliance for Physical Events
              Matjaž Jaušovec

              We thought of exactly this challenge prior to attending the trade show in early February.


              We tried one idea and it worked out fairly well: for those who stopped by at our booth & showed interest, we had a  GDPR-compliant web registration form prepared and our representatives simply explained and asked them to fill it out on iPad and subscribe/give consent to marketing communication(s). We managed to capture a fair portion of visitors that way.

              • Re: EU GDPR Compliance for Physical Events
                Amy Connor

                We're making sure that each tradeshow is GDPR compliant before importing leads from booth scans.