Integritet är viktigt

Eventorganisatörer har mycket att hålla koll på. En viktig fråga är deltagarnas personuppgifter och hur de används. Personuppgifter behövs för att hantera evenemanget och för att kommunicera med deltagarna.

Datahanteringen är oerhört viktigt. Genom att använda Invajo kan vi hjälpa dig som arrangör att hålla reda på dina och dina deltagares rättigheter, samt se till att inte datan hamnar på fel ställe. Det här är inte en på eller av-knapp utan något som behöver arbetas med löpande i den dagliga verksamheten.
Genom att använda verktyg som Invajo kan personuppgifter hanteras på ett korrekt sätt och processen göras enklare.

Vad är personuppgifter?

Personuppgifter är all typ av information eller data som kan hänföras till en enskild person.
  • Vad är GDRP?

  • Roller

  • Schrems II

  • Invajo och Schrems II

GDPR is the European Unions General Data Protection Regulation, introduced May 25, 2018

The purpose is to increase the individual's rights over their own personal data and set a common standard for data storage throughout the EU. The regulation demands stricter requirements on how personal data is processed.


As an event organizer, it is important that you are aware and know how both you and Invajo handle the participants' data, not only to comply with the GDPR directive, but also to make your participants feel safe and secure.

As a Invajo user you act as the Personal Data Controller while Invajo act as the Personal Data Processor

The Personal Data Controller is responsible for defining the purpose for collecting the specific data. The Controller is also responsible for keeping the data up to date. Data that is no longer needed shall be deleted immediately.

As Personal Data Processor Invajo will provide the needed tools so that the Controller can handle the data. Invajo stores all personal data within the EU and according to best practice in the industry. Data sent between participants and the system is always sent encrypted.

The CJEU made the Privacy Shield invalid, not SCC:s by default

In 2020 the Court of Justice of the European Union (CJEU) ruled that the EU-US Privacy Shield are not a lawful mechanism for transferring personal data outside of the EU.  This became known as the ‘Schrems II’ judgement, based on the initiator Max Schrems. 

The Court also held that the standard contractual clauses (or SCCs) remain a valid data transfer mechanism but clarified that the SCC data transfers need to be analyzed on a case-by-case basis to ensure EU standards of data protection are met.

Invajo quickly moved into adding SCC to its current DPAs with subcontractors

Even though SCC´s are in place for all US-based subcontractors we did not stop there. As there can be new judgements and to make it easier to comply to GDPR for our users we decided to create an alternative platform with subcontractors fully owned by Europeans companies. Now we can offer an alternative platform which is based on subcontractors which are solely European companies. It’s s important to note that the old platform remains and relies on SCC:s, which means it’s also valid.

Viktigt att tänka på som eventarrangör

Bara relevanta uppgifter

Samla in och spara enbart den information som du behöver från dina deltagare.

Radera uppgifter

Radera eller anonymisera uppgifter som du inte längre behöver.

Skydda din data

Skydda känslig data genom att tex inte skicka runt uppgifter i onödan.

Subcontractors

As any modern service we rely on sub-processors in order to deliver our service. Our Privacy Policy and DPA will define in detail the way Invajo works with its sub-processors when it comes to IT-security and compliance.

List of Invajos subprocessors

The only event system you will need. Dont take our word for it, try it yourself. Get an account in less than 30 seconds. No strings attached.