
GDPR and Event Data: Compliance Requirements

Learn essential GDPR compliance requirements for event data management. Discover lawful bases for processing, consent management, data subject rights, and practical guidance for event organizers.


The General Data Protection Regulation (GDPR) has fundamentally transformed how organizations collect, process, and store personal data across the European Union and beyond. For event organizers, this regulation presents unique challenges and responsibilities. Every registration form, badge scan, networking interaction, and post-event follow-up involves personal data that falls under GDPR's protective umbrella.

Understanding GDPR compliance for events is not merely a legal obligation; it represents a commitment to respecting attendee privacy and building trust with your audience. Non-compliance can result in substantial fines reaching up to 20 million euros or 4% of global annual turnover, whichever is higher. Beyond financial penalties, data breaches and compliance failures damage reputation and erode the attendee trust essential for successful events.

This comprehensive guide explores every aspect of GDPR compliance for event professionals. From understanding lawful bases for data processing to implementing robust consent management systems, handling data subject rights requests, ensuring vendor compliance, managing international data transfers, maintaining proper documentation, and responding to data breaches—you will gain the practical knowledge needed to run compliant events with confidence.

Understanding GDPR Basics for Event Organizers

Before diving into specific compliance requirements, event professionals must grasp the fundamental principles that underpin GDPR. These principles guide every decision involving personal data throughout the event lifecycle.

What Constitutes Personal Data in Events?

Personal data encompasses any information relating to an identified or identifiable natural person. In the events context, this includes:

  • Registration Information: Names, email addresses, phone numbers, job titles, company names, dietary requirements, accessibility needs
  • Attendance Data: Check-in times, session attendance, booth visits, networking connections made
  • Engagement Data: Poll responses, Q&A submissions, survey answers, feedback forms
  • Technical Data: IP addresses, device identifiers, location data, app usage analytics
  • Visual Data: Photographs, video recordings, live stream captures
  • Financial Data: Payment card details, billing addresses, transaction records
  • Communication Records: Email exchanges, chat messages, support requests

Special categories of personal data—including health information (dietary restrictions related to allergies, accessibility requirements), religious beliefs (dietary restrictions for religious reasons), and potentially political opinions (at certain conference types)—require additional safeguards and explicit consent.

The Seven GDPR Principles

All event data processing must adhere to these core principles:

  1. Lawfulness, Fairness, and Transparency: Process data legally, fairly, and openly communicate your practices to attendees.
  2. Purpose Limitation: Collect data only for specified, explicit, and legitimate purposes. Avoid repurposing registration data for unrelated marketing without additional consent.
  3. Data Minimization: Collect only what you genuinely need. Question whether every form field serves a legitimate purpose.
  4. Accuracy: Maintain accurate records and provide mechanisms for attendees to update their information.
  5. Storage Limitation: Retain personal data only as long as necessary for the stated purposes.
  6. Integrity and Confidentiality: Implement appropriate security measures to protect personal data against unauthorized access, loss, or damage.
  7. Accountability: Demonstrate compliance through documentation, policies, and proactive governance.

Who Does GDPR Apply To?

GDPR applies to your event if:

  • Your organization is established in the EU/EEA
  • You process personal data of individuals located in the EU/EEA, regardless of where your organization is based
  • You offer goods or services to EU/EEA residents
  • You monitor behavior of individuals within the EU/EEA

This means international conferences, virtual events with global audiences, and organizations headquartered outside Europe must comply when handling EU attendee data.

Lawful Bases for Processing Event Data

GDPR requires a lawful basis for every processing activity. Event organizers typically rely on several bases depending on the specific use case.

Consent

Consent remains the most common lawful basis for event marketing activities. Valid consent must be:

  • Freely given: Not bundled with other conditions or coerced
  • Specific: Clearly tied to particular processing purposes
  • Informed: Based on comprehensive information about data use
  • Unambiguous: Demonstrated through clear affirmative action
Implementation Tips:
  • Use separate checkboxes for different consent purposes
  • Avoid pre-ticked boxes
  • Provide granular options (e.g., separate consent for email marketing, sponsor communications, photography)
  • Record timestamp, IP address, and exact wording shown when consent was given

Contractual Necessity

Processing necessary to fulfill a contract with the data subject provides a strong lawful basis. For events, this covers:

  • Processing registration details to provide event access
  • Sending essential event communications (schedule changes, venue information, safety alerts)
  • Processing payment information to complete ticket purchases
  • Providing purchased services (workshops, meals, accommodation arrangements)

Legitimate Interests

Organizations may process data based on legitimate interests where those interests are not overridden by the individual's rights. This requires a documented Legitimate Interest Assessment (LIA).

Potentially Applicable Legitimate Interests:
  • Basic networking functionality at events
  • Security measures (badge verification, access control)
  • Fraud prevention
  • Internal analytics for event improvement
  • Post-event feedback collection (limited scope)
When Legitimate Interests May Not Apply:
  • Marketing to attendees who have not consented
  • Sharing attendee lists with sponsors without consent
  • Tracking attendee movements for commercial purposes without transparency

Legal Obligation

Some processing may be required by law:

  • Tax record retention requirements
  • Health and safety reporting obligations
  • Regulatory compliance in certain industries

Consent Management for Events

Effective consent management forms the cornerstone of GDPR compliance for event marketing and many engagement activities.

Building a Consent Management Framework

Registration Form Best Practices

Design registration forms with privacy in mind:

```
CONSENT COLLECTION CHECKLIST

[ ] Clear, plain-language explanations of data use
[ ] Separate checkboxes for distinct purposes:
    [ ] Essential event communications
    [ ] Marketing from event organizer
    [ ] Sharing data with event sponsors
    [ ] Photography/video consent
    [ ] Post-event surveys and feedback
[ ] No pre-ticked boxes
[ ] Link to full privacy policy
[ ] Easy-to-read format (avoid legal jargon)
[ ] Accessible design (screen reader compatible)
```

Sample Consent Statements

Marketing Consent:

"I agree to receive marketing communications from [Organizer Name] about future events, industry insights, and special offers. I understand I can withdraw this consent at any time by clicking unsubscribe or contacting privacy@organizer.com."

Sponsor Data Sharing:

"I consent to sharing my registration details (name, email, company, job title) with the following event sponsors: [List Sponsors]. Each sponsor will contact me independently, and I can unsubscribe from their communications at any time."

Photography/Video Consent:

"I consent to being photographed and/or video recorded during this event. These images may be used for promotional purposes on the organizer's website, social media, and marketing materials. If I prefer not to appear in photographs, I will collect a 'No Photo' indicator from the registration desk."

Managing Consent Throughout the Event Lifecycle

Pre-Event:
  • Collect consent at registration with clear options
  • Send confirmation emails summarizing consent choices
  • Provide easy access to consent preferences in attendee portal
During Event:
  • Display signage about photography/recording
  • Offer "No Photo" badges or lanyards for those who decline
  • Obtain verbal consent before individual interviews or testimonials
  • Ensure lead retrieval apps clearly indicate consent status
Post-Event:
  • Honor consent choices in follow-up communications
  • Provide immediate unsubscribe mechanisms
  • Document and timestamp all consent changes

Consent Withdrawal

GDPR mandates that withdrawing consent must be as easy as giving it. Implement:

  • One-click unsubscribe in all marketing emails
  • Self-service consent management portal
  • Clear instructions for contacting privacy team
  • Prompt processing of withdrawal requests (within 72 hours recommended)
  • Confirmation of consent withdrawal to data subject
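The consent practices described in the Implementation Tips above (separate purposes, no pre-ticked boxes, recording timestamp, IP address and the exact wording shown), the lifecycle management in the previous section, and the withdrawal requirements here can all be served by one append-only consent ledger. The following is an added example written for this article; it is not code from the original page or from any platform it mentions. The purpose names, the `ConsentLedger` API and the sample attendee data are assumptions made for the example.

```python
"""Consent ledger for event registration (added example; not code from the
original article or from any platform it mentions).

It implements what the text asks for: a separate record per purpose (no
bundling), no default opt-in, the exact statement text and its version stored
with a UTC timestamp and the source IP, withdrawal as a single call that is no
harder than granting, and an append-only history so every change is documented.
Purpose names, the ConsentLedger API and the sample data are assumptions.
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import List, Optional

# Consent-based purposes are kept separate so none can be bundled (constructed names).
# Essential event communications rest on contractual necessity and are not tracked here.
PURPOSES = ("organizer_marketing", "sponsor_sharing", "photography", "survey")


@dataclass(frozen=True)
class ConsentEvent:
    """One immutable ledger line: what was agreed, when, from where, under which wording."""
    attendee_id: str
    purpose: str
    granted: bool              # False records a withdrawal
    statement_version: str     # identifies the wording shown, e.g. "marketing-v3"
    statement_text: str        # exact text displayed at the time
    timestamp: datetime
    source_ip: str
    channel: str               # "registration_form", "portal", "unsubscribe_link", ...


class ConsentLedger:
    def __init__(self) -> None:
        self._events: List[ConsentEvent] = []

    def record(self, attendee_id: str, purpose: str, granted: bool,
               statement_version: str, statement_text: str, source_ip: str,
               channel: str, at: Optional[datetime] = None) -> ConsentEvent:
        if purpose not in PURPOSES:
            raise ValueError(f"unknown consent purpose: {purpose!r}")
        event = ConsentEvent(attendee_id, purpose, granted, statement_version,
                             statement_text, at or datetime.now(timezone.utc),
                             source_ip, channel)
        self._events.append(event)  # never edited or deleted: the ledger is the audit trail
        return event

    def withdraw(self, attendee_id: str, purpose: str, source_ip: str,
                 channel: str = "unsubscribe_link",
                 at: Optional[datetime] = None) -> ConsentEvent:
        """Withdrawal takes one call and no re-shown wording: as easy as giving consent."""
        return self.record(attendee_id, purpose, False, "withdrawal",
                           "Consent withdrawn by data subject", source_ip, channel, at)

    def is_permitted(self, attendee_id: str, purpose: str) -> bool:
        """The most recent event for the purpose wins; no event at all means no consent."""
        relevant = [e for e in self._events
                    if e.attendee_id == attendee_id and e.purpose == purpose]
        if not relevant:
            return False
        return max(relevant, key=lambda e: e.timestamp).granted

    def history(self, attendee_id: str) -> List[ConsentEvent]:
        """Everything recorded for one attendee, for access requests and audits."""
        return sorted((e for e in self._events if e.attendee_id == attendee_id),
                      key=lambda e: e.timestamp)

    def recipients(self, purpose: str, attendee_ids: List[str]) -> List[str]:
        """Filter a follow-up mailing to attendees whose consent is current."""
        return [a for a in attendee_ids if self.is_permitted(a, purpose)]


def build_sample_ledger() -> ConsentLedger:
    """Constructed sample: a registration, a later unsubscribe, and an untouched form."""
    marketing_v3 = ("I agree to receive marketing communications from [Organizer Name] "
                    "about future events, industry insights, and special offers.")
    t0 = datetime(2024, 4, 2, 10, 15, tzinfo=timezone.utc)
    ledger = ConsentLedger()
    # att-001 ticks marketing and photography at registration, later unsubscribes from marketing
    ledger.record("att-001", "organizer_marketing", True, "marketing-v3", marketing_v3,
                  "198.51.100.7", "registration_form", t0)
    ledger.record("att-001", "photography", True, "photo-v1",
                  "I consent to being photographed and/or video recorded during this event.",
                  "198.51.100.7", "registration_form", t0)
    ledger.withdraw("att-001", "organizer_marketing", "198.51.100.9",
                    at=datetime(2024, 6, 1, 8, 0, tzinfo=timezone.utc))
    # att-002 leaves every box unticked: nothing is recorded, so nothing is permitted
    # att-003 ticks marketing at registration
    ledger.record("att-003", "organizer_marketing", True, "marketing-v3", marketing_v3,
                  "203.0.113.4", "registration_form", t0)
    return ledger
```

Because the ledger is append-only and every line carries the statement version, the organizer can later show exactly which wording an attendee agreed to, and a post-event mailing is built by filtering through `recipients()` rather than from the raw registration list.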

Data Subject Rights in Events

GDPR grants individuals extensive rights over their personal data. Event organizers must have processes to fulfill these rights promptly.

The Eight Data Subject Rights

1. Right to Be Informed

Attendees must receive clear information about data processing at the point of collection. Provide:

  • Identity and contact details of the data controller
  • Purpose of processing and lawful basis
  • Categories of personal data collected
  • Recipients or categories of recipients
  • International transfer information
  • Retention periods
  • Rights available to data subjects
  • Right to lodge complaints with supervisory authority
  • Whether provision is mandatory and consequences of non-provision
  • Any automated decision-making, including profiling

2. Right of Access

Data subjects can request confirmation of processing and access to their personal data. Respond within one month with:

  • Confirmation that you process their data
  • Copy of their personal data
  • Supplementary information similar to privacy notice content
Event-Specific Considerations:
  • Include registration data, attendance records, communication history
  • Redact information about other individuals
  • Provide data in commonly used electronic format

3. Right to Rectification

Attendees can request correction of inaccurate data or completion of incomplete data. Enable self-service corrections through:

  • Attendee profile portal
  • Mobile event app settings
  • Direct contact with registration team

4. Right to Erasure (Right to Be Forgotten)

Data subjects can request deletion when:

  • Data is no longer necessary for original purpose
  • Consent is withdrawn
  • They object to processing based on legitimate interests
  • Data was unlawfully processed
  • Legal obligation requires erasure
Limitations for Events:
  • Cannot erase data needed for legal claims (contract disputes)
  • Tax and financial records may have mandatory retention periods
  • May retain anonymized, aggregated statistics

5. Right to Restrict Processing

Data subjects can request restriction (essentially freezing) of processing in specific circumstances:

  • While accuracy is being verified
  • When processing is unlawful but erasure is not requested
  • When you no longer need data but subject needs it for legal claims
  • During objection verification

6. Right to Data Portability

When processing is based on consent or contract and carried out by automated means, data subjects can receive their data in a structured, commonly used, machine-readable format.

Provide registration data, preferences, and engagement history in formats like JSON or CSV.
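The access and portability rights above both come down to one export routine: gather every record held about the subject, hand it back in a machine-readable format, and redact the other individuals who appear in it (the networking connections in this case). The following is an added example written for this article, not code from the original page or any platform it mentions; the in-memory tables, record shapes and function names are constructed assumptions.

```python
"""Subject access / data portability export for event data (added example;
not the article's code nor any platform's).

For one attendee it assembles registration, attendance, communication history
and networking connections into one structured JSON document, and redacts the
other attendees who appear in the networking records, as the text requires.
The in-memory tables, record shapes and function names are constructed.
"""
import json
from typing import Dict, List

# Constructed sample tables standing in for a registration platform's database.
REGISTRATIONS: Dict[str, Dict[str, str]] = {
    "att-001": {"name": "Ada Example", "email": "ada@example.org",
                "company": "Example Ltd", "dietary": "vegetarian"},
    "att-002": {"name": "Bao Example", "email": "bao@example.net",
                "company": "Sample GmbH", "dietary": "none"},
}
ATTENDANCE: List[Dict[str, str]] = [
    {"attendee_id": "att-001", "session": "Keynote", "checked_in_at": "2024-05-01T09:02:00Z"},
    {"attendee_id": "att-002", "session": "Keynote", "checked_in_at": "2024-05-01T09:05:00Z"},
    {"attendee_id": "att-001", "session": "Workshop B", "checked_in_at": "2024-05-01T14:00:00Z"},
]
COMMUNICATIONS: List[Dict[str, str]] = [
    {"attendee_id": "att-001", "sent_at": "2024-04-20T08:00:00Z",
     "subject": "Your registration is confirmed"},
    {"attendee_id": "att-002", "sent_at": "2024-04-21T08:00:00Z",
     "subject": "Your registration is confirmed"},
]
# A badge-scan networking connection names two people; the other one is a third party.
CONNECTIONS: List[Dict[str, str]] = [
    {"from": "att-001", "to": "att-002", "at": "2024-05-01T11:30:00Z"},
]


def export_subject_data(attendee_id: str) -> dict:
    """Collect everything held about one data subject, redacting other individuals."""
    if attendee_id not in REGISTRATIONS:
        raise KeyError(f"no data held for {attendee_id}")
    connections = []
    for c in CONNECTIONS:
        if attendee_id in (c["from"], c["to"]):
            connections.append({
                # The fact and time of the connection belong to the requester;
                # the counterpart's identity belongs to someone else and is withheld.
                "counterpart": "[redacted: another data subject]",
                "initiated_by_you": c["from"] == attendee_id,
                "at": c["at"],
            })
    return {
        "data_subject_id": attendee_id,
        "registration": REGISTRATIONS[attendee_id],
        "attendance": [a for a in ATTENDANCE if a["attendee_id"] == attendee_id],
        "communications": [m for m in COMMUNICATIONS if m["attendee_id"] == attendee_id],
        "networking_connections": connections,
    }


def export_as_json(attendee_id: str) -> str:
    """Structured, commonly used, machine-readable format for portability."""
    return json.dumps(export_subject_data(attendee_id), indent=2, sort_keys=True)


def third_party_leaks(export_text: str, attendee_id: str) -> List[str]:
    """Pre-release check: any other registrant's id, name or email present in the export?"""
    leaks = []
    for other_id, reg in REGISTRATIONS.items():
        if other_id == attendee_id:
            continue
        for value in (other_id, reg["name"], reg["email"]):
            if value in export_text:
                leaks.append(value)
    return leaks
```

Running `third_party_leaks()` over the serialized export before it is sent is the cheap safeguard against the most common access-request mistake, disclosing one attendee's details inside another attendee's response.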

7. Right to Object

Data subjects can object to processing based on legitimate interests or public interest. You must stop processing unless you can demonstrate compelling legitimate grounds.

For direct marketing, the right to object is absolute—stop processing immediately upon request.

8. Rights Related to Automated Decision-Making

If you use automated decision-making with legal or significant effects (rare in typical events), individuals have rights to human intervention, express their views, and contest decisions.

Data Subject Request Handling Template

```
DATA SUBJECT REQUEST PROCEDURE

RECEIPT (Day 0)

  • Acknowledge request within 3 business days
  • Verify identity of requester
  • Log request in tracking system
  • Assign to appropriate team member

ASSESSMENT (Days 1-7)

  • Determine type of request (access, erasure, etc.)
  • Identify all systems containing subject's data
  • Assess any exemptions or limitations
  • Document assessment rationale

FULFILLMENT (Days 8-25)

  • Compile responsive information
  • Review for third-party data requiring redaction
  • Prepare response in appropriate format
  • Internal review for accuracy and completeness

RESPONSE (Day 28 maximum)

  • Deliver response to data subject
  • Provide information in requested format
  • Include explanation of any limitations or exemptions
  • Inform of right to appeal or complain to supervisory authority

DOCUMENTATION

  • Retain complete record of request and response
  • Store for appropriate retention period
  • Update subject's profile if preferences changed

```

Vendor and Sponsor Compliance

Event organizers rarely process all data themselves. Venues, registration platforms, mobile app providers, catering companies, and sponsors all access attendee information.

Data Processor Requirements

When vendors process data on your behalf (as data processors), you must:

Due Diligence:
  • Verify processor's GDPR compliance capabilities
  • Review their security measures and certifications
  • Assess sub-processor arrangements
  • Evaluate their data breach response procedures
Contractual Requirements (Article 28):

Data Processing Agreements (DPAs) must include:

```
ESSENTIAL DPA CLAUSES

  1. Subject matter and duration of processing
  2. Nature and purpose of processing
  3. Type of personal data processed
  4. Categories of data subjects
  5. Obligations and rights of controller

PROCESSOR OBLIGATIONS:
[ ] Process only on documented instructions
[ ] Ensure personnel confidentiality commitments
[ ] Implement appropriate security measures
[ ] Obtain authorization for sub-processors
[ ] Assist with data subject requests
[ ] Assist with security and breach obligations
[ ] Delete or return data at contract end
[ ] Provide information for compliance audits
```

Sponsor Data Sharing Framework

Sharing attendee data with sponsors requires careful compliance management:

Consent-Based Sharing:
  • Obtain explicit, specific consent for each sponsor or sponsor category
  • Clearly identify sponsors before consent is given
  • Explain what data will be shared and for what purposes
  • Provide opt-out mechanisms before and after the event
Lead Retrieval Programs:
  • Attendees must affirmatively consent at each interaction (badge scan)
  • Display clear notices about data collection at sponsor booths
  • Provide attendees visibility into which sponsors have their data
  • Enable attendees to request removal from sponsor databases
Sponsor Obligations:
  • Include GDPR compliance requirements in sponsorship agreements
  • Require sponsors to honor consent limitations
  • Establish data retention limits for sponsors
  • Include audit rights and breach notification requirements

Vendor Compliance Checklist

```
VENDOR ASSESSMENT CHECKLIST

SECURITY MEASURES
[ ] ISO 27001 certification or equivalent
[ ] SOC 2 Type II report available
[ ] Encryption at rest and in transit
[ ] Access controls and authentication
[ ] Regular security testing and audits
[ ] Incident response procedures

GDPR COMPLIANCE
[ ] Privacy policy compliant with GDPR
[ ] DPA template available
[ ] Data subject request handling procedures
[ ] Breach notification procedures (72 hours)
[ ] Data retention and deletion capabilities
[ ] Sub-processor list maintained

DATA HANDLING
[ ] Clear data processing purposes defined
[ ] Data minimization practices
[ ] Accuracy maintenance procedures
[ ] Secure data disposal methods
[ ] Data localization options (EU hosting)

CONTRACTUAL
[ ] Standard DPA acceptable
[ ] SLA includes compliance obligations
[ ] Liability provisions adequate
[ ] Audit rights included
[ ] Termination and data return provisions
```

International Data Transfers

Events with global reach must navigate complex international data transfer requirements.

Transfer Mechanisms Post-Schrems II

Following the Schrems II decision invalidating Privacy Shield, organizations must use approved mechanisms for transfers outside the EU/EEA:

Adequacy Decisions:

Countries with formal EU adequacy decisions allow free data flow:

  • United Kingdom (under current agreement)
  • Canada (commercial organizations under PIPEDA)
  • Japan
  • South Korea
  • Argentina
  • New Zealand
  • Israel
  • Switzerland
  • Uruguay
Standard Contractual Clauses (SCCs):

For transfers to non-adequate countries (including the United States), implement:

  • New SCCs adopted in June 2021
  • Transfer Impact Assessments (TIAs) evaluating recipient country laws
  • Supplementary measures if necessary (encryption, pseudonymization)
Binding Corporate Rules:

For multinational organizations with internal data flows, BCRs provide a comprehensive compliance framework (requires regulatory approval).

Transfer Impact Assessment Framework

When using SCCs, conduct TIAs:

```
TRANSFER IMPACT ASSESSMENT STEPS

1. KNOW YOUR TRANSFERS
   - Map all personal data flows outside EU/EEA
   - Identify data categories and purposes
   - Document transfer mechanisms used

2. IDENTIFY TRANSFER TOOL
   - Adequacy decision available?
   - SCCs required?
   - Derogations applicable?

3. ASSESS THIRD COUNTRY LAWS
   - Government access provisions
   - Surveillance laws and practices
   - Data protection framework
   - Effective legal remedies available?

4. IDENTIFY SUPPLEMENTARY MEASURES
   - Technical (encryption, pseudonymization)
   - Contractual (enhanced obligations)
   - Organizational (access limitations)

5. PROCEDURAL STEPS
   - Obtain necessary authorizations
   - Implement supplementary measures
   - Document assessment and decisions

6. RE-EVALUATE
   - Monitor legal developments
   - Reassess at appropriate intervals
   - Update measures as needed
```

Practical Considerations for Global Events

Virtual Events:
  • Attendees join from multiple jurisdictions
  • Clarify data controller location in privacy notices
  • Consider regional hosting options
  • Ensure platform providers have appropriate transfer mechanisms
In-Person International Events:
  • Local data collection may fall under local laws
  • Transfers back to headquarters require compliance measures
  • Consider local data processing where possible
  • Coordinate with local legal counsel

Documentation Requirements

GDPR's accountability principle requires demonstrable compliance through comprehensive documentation.

Records of Processing Activities (ROPA)

Article 30 mandates maintaining records of processing activities. For event organizations, document:

Controller Records Must Include:
  • Organization name and contact details
  • DPO contact (if applicable)
  • Processing purposes
  • Data subject categories
  • Personal data categories
  • Recipient categories
  • International transfers and safeguards
  • Retention periods
  • Security measures description

Sample ROPA Entry for Event Registration

```
PROCESSING ACTIVITY: Event Registration

Controller: [Organization Name]
Contact: [Privacy Contact Email]
DPO: [If Applicable]

PURPOSE:

  • Collecting attendee information to fulfill event registration
  • Providing event access and communications
  • Managing dietary and accessibility requirements

LAWFUL BASIS:

  • Contract (registration fulfillment)
  • Consent (marketing communications)
  • Legitimate interest (security, analytics)

DATA SUBJECTS:

  • Event registrants
  • Speakers and sponsors

DATA CATEGORIES:

  • Identity (name, title, company)
  • Contact (email, phone)
  • Professional (job role, industry)
  • Preferences (sessions, dietary)
  • Special categories (allergies, accessibility)

RECIPIENTS:

  • Event platform provider [Name]
  • Venue catering [Name]
  • Badge printing [Name]
  • Sponsors (with consent) [Names]

INTERNATIONAL TRANSFERS:

  • Platform hosted in US (SCCs in place)
  • No other international transfers

RETENTION:

  • Registration data: 2 years post-event
  • Financial records: 7 years (legal requirement)
  • Marketing consents: Until withdrawn

SECURITY MEASURES:

  • Encryption at rest and in transit
  • Access controls and authentication
  • Staff training and confidentiality
  • Incident response procedures

```
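The retention periods in the sample ROPA entry are only useful if something enforces them. The following is an added example written for this article (not the article's code nor any platform's): it applies those periods (registration data 2 years post-event, financial records 7 years, marketing consents until withdrawn) to a constructed set of records and decides per record whether to keep, delete, anonymize or hold it. It also encodes the limitations noted under the right to erasure: a legal hold wins over expiry, and expired registration data is anonymized rather than dropped so aggregated statistics can be retained. Record shapes, field names and function names are assumptions.

```python
"""Retention schedule enforcement for event records (added example; not the
article's code nor any platform's). Periods come from the sample ROPA entry;
record shapes, field names and function names are assumptions.
"""
from datetime import date
from typing import Dict, List

RETENTION_YEARS = {"registration": 2, "financial": 7}  # from the sample ROPA entry

# Fields that identify a person; removed when a registration is anonymized.
IDENTIFYING_FIELDS = ("name", "email", "phone", "company", "dietary")


def add_years(d: date, years: int) -> date:
    """Anniversary date; 29 February rolls to 28 February in non-leap years."""
    try:
        return d.replace(year=d.year + years)
    except ValueError:
        return d.replace(year=d.year + years, day=28)


def retention_decision(record: dict, today: date) -> str:
    """Return one of "keep", "delete", "anonymize", "hold" for a single record."""
    if record.get("legal_hold"):
        return "hold"  # needed for legal claims (e.g. a contract dispute): cannot erase
    kind = record["kind"]
    if kind == "marketing_profile":
        # Processed under consent: retained until the consent is withdrawn
        return "delete" if record.get("consent_withdrawn_on") else "keep"
    if kind == "registration":
        expiry = add_years(record["event_ended_on"], RETENTION_YEARS["registration"])
        # Past expiry the identifying fields go; aggregate statistics may be retained
        return "anonymize" if today >= expiry else "keep"
    if kind == "financial":
        expiry = add_years(record["created_on"], RETENTION_YEARS["financial"])
        return "delete" if today >= expiry else "keep"
    raise ValueError(f"no retention rule for record kind {kind!r}")


def anonymize_registration(record: dict) -> dict:
    """Keep only non-identifying fields useful for aggregate statistics."""
    return {k: v for k, v in record.items() if k not in IDENTIFYING_FIELDS}


def run_retention(records: List[dict], today: date) -> Dict[str, List[str]]:
    """Group record ids by the action due today; the caller applies the actions."""
    plan: Dict[str, List[str]] = {"keep": [], "delete": [], "anonymize": [], "hold": []}
    for r in records:
        plan[retention_decision(r, today)].append(r["id"])
    return plan


# Constructed sample records (all values invented for the example).
SAMPLE_RECORDS = [
    {"id": "reg-1", "kind": "registration", "event_ended_on": date(2024, 3, 15),
     "name": "Ada Example", "email": "ada@example.org",
     "session_track": "security", "country": "DE"},
    {"id": "reg-2", "kind": "registration", "event_ended_on": date(2025, 10, 1),
     "name": "Bao Example", "email": "bao@example.net",
     "session_track": "cloud", "country": "FR"},
    {"id": "fin-1", "kind": "financial", "created_on": date(2019, 2, 28)},
    {"id": "fin-2", "kind": "financial", "created_on": date(2018, 1, 5), "legal_hold": True},
    {"id": "mkt-1", "kind": "marketing_profile", "consent_withdrawn_on": date(2026, 1, 10)},
    {"id": "mkt-2", "kind": "marketing_profile"},
]
```

Run `run_retention(SAMPLE_RECORDS, date.today())` from a scheduled job and apply the plan: `anonymize_registration()` for the "anonymize" bucket, deletion for "delete", and a logged exception for "hold". Keeping the decision separate from the action makes each run auditable, which is what the accountability principle asks for.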

Policy Documentation

Maintain and regularly review:

Internal Policies:
  • Data protection policy
  • Information security policy
  • Data retention schedule
  • Data breach response plan
  • Data subject rights procedures
  • Employee privacy notice
  • BYOD and remote work policy
External Notices:
  • Website privacy policy
  • Event registration privacy notice
  • Cookie policy
  • Sponsor privacy requirements

Training and Awareness

Document training programs and completion records:

  • General GDPR awareness for all staff
  • Role-specific training for registration, marketing, technology teams
  • Incident response training for key personnel
  • Regular refresher training (annual minimum)

Handling Data Breaches

Data breaches require swift, structured responses under GDPR's strict notification requirements.

What Constitutes a Breach?

A personal data breach is any security incident leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to personal data.

Event-Specific Examples:
  • Attendee list emailed to wrong recipient
  • Lost badge printer containing registration data
  • Event app security vulnerability exposing user data
  • Phishing attack compromising registration database
  • Vendor security incident affecting attendee information
  • Stolen laptop containing event spreadsheets

Breach Response Procedure

```
DATA BREACH RESPONSE PROTOCOL

PHASE 1: CONTAINMENT (Immediate)

  • Identify and isolate affected systems
  • Prevent further unauthorized access
  • Preserve evidence for investigation
  • Activate incident response team

PHASE 2: ASSESSMENT (Within 24 hours)

  • Determine scope and nature of breach
  • Identify affected data categories
  • Estimate number of affected individuals
  • Assess risk to individuals' rights

PHASE 3: NOTIFICATION DECISION (Within 48 hours)

  • Evaluate notification requirements
  • Supervisory authority: required unless unlikely risk
  • Data subjects: required if high risk
  • Document decision and rationale

PHASE 4: SUPERVISORY AUTHORITY NOTIFICATION (Within 72 hours)
Required information:

  • Nature of breach and data categories
  • Approximate numbers affected
  • DPO or contact point details
  • Likely consequences
  • Measures taken or proposed

PHASE 5: DATA SUBJECT NOTIFICATION (Without undue delay)
If high risk to rights and freedoms:

  • Clear, plain language communication
  • Nature of breach described
  • DPO or contact point details
  • Likely consequences
  • Measures taken and recommendations

PHASE 6: REMEDIATION AND REVIEW

  • Implement corrective measures
  • Update security controls
  • Review and update policies
  • Document lessons learned
  • Conduct post-incident review

```

Breach Notification Templates

Supervisory Authority Notification:

Include details of the breach nature, categories of data and data subjects affected, approximate numbers, consequences assessment, and remedial measures taken.

Data Subject Notification:

Communicate in clear language: what happened, what data was involved, what you are doing about it, what they should do (e.g., monitor accounts, change passwords), and how to contact you for more information.

Breach Documentation

Maintain comprehensive breach records regardless of notification decisions:

  • Date and time of breach discovery
  • How breach was discovered
  • Description of breach circumstances
  • Data categories and volume affected
  • Risk assessment and rationale
  • Notification decisions and timing
  • Communications sent
  • Remedial actions taken
  • Lessons learned and improvements made

Practical Compliance Guidance

Pre-Event Compliance Checklist

```
EVENT PRIVACY COMPLIANCE CHECKLIST

PLANNING PHASE
[ ] Privacy impact assessment for new data processing
[ ] Vendor due diligence and DPAs completed
[ ] Registration form reviewed for data minimization
[ ] Privacy notice drafted and accessible
[ ] Consent mechanisms designed and tested
[ ] Sponsor data sharing agreements executed

REGISTRATION PHASE
[ ] Privacy notice linked from registration form
[ ] Consent options clearly presented
[ ] Special category data handled appropriately
[ ] Secure payment processing confirmed
[ ] Confirmation emails include privacy information

PRE-EVENT COMMUNICATIONS
[ ] Marketing sent only to consented individuals
[ ] Unsubscribe mechanisms functional
[ ] Event information communications compliant

ON-SITE OPERATIONS
[ ] Photography signage displayed
[ ] No-photo badges available
[ ] Badge scanning consent processes clear
[ ] Wi-Fi data collection transparent
[ ] Staff trained on privacy procedures

POST-EVENT
[ ] Follow-up respects consent choices
[ ] Survey data handled appropriately
[ ] Lead data shared only per consents
[ ] Data retention schedule implemented
[ ] Feedback requests compliant
```

Privacy by Design for Events

Embed privacy into event planning from the start:

Minimize Data Collection:
  • Question every form field's necessity
  • Avoid collecting data "just in case"
  • Use progressive profiling rather than lengthy initial forms
Build in Security:
  • Encrypt data at rest and in transit
  • Implement access controls based on need
  • Use secure, compliant technology platforms
  • Regular security assessments
Enable Transparency:
  • Clear, accessible privacy notices
  • Real-time consent preference management
  • Visible data collection points (signage)
Facilitate Rights:
  • Self-service data access and correction
  • Easy consent withdrawal
  • Prompt response to requests

Common Pitfalls to Avoid

Registration:
  • Pre-ticked consent boxes
  • Bundled consent (all-or-nothing)
  • Excessive mandatory fields
  • Missing privacy notices
Marketing:
  • Assuming registration implies marketing consent
  • Not honoring unsubscribe requests
  • Purchasing attendee lists without proper consent
  • Emailing non-responders without lawful basis
Sponsors:
  • Sharing data without explicit consent
  • Not disclosing sponsors before consent
  • Allowing unlimited sponsor use
  • No sponsor compliance requirements
Technology:
  • Unvetted vendors without DPAs
  • Insecure data storage or transmission
  • Excessive data retention
  • Lack of access controls
Post-Event:
  • Retaining data indefinitely
  • Repurposing data without new consent
  • Ignoring deletion requests
  • Not updating inaccurate records

Conclusion

GDPR compliance for events requires a comprehensive, proactive approach that integrates privacy considerations into every aspect of event planning and execution. From initial registration through post-event follow-up, personal data flows through multiple systems, vendors, and processes—each requiring careful attention to regulatory requirements.

The key principles bear repeating: collect only necessary data, process it lawfully and transparently, keep it secure and accurate, retain it only as long as needed, and respect individual rights throughout. Document everything, train your team, and treat privacy as a continuous commitment rather than a one-time checkbox exercise.

Building robust data compliance practices not only protects your organization from regulatory penalties but also builds trust with attendees. In an era of increasing privacy awareness, demonstrating respect for personal data becomes a competitive advantage. Attendees who trust your data practices are more likely to register, engage, and return for future events.

Start by auditing your current practices against the requirements outlined in this guide. Identify gaps, prioritize improvements, and implement changes systematically. Engage legal counsel for complex questions, invest in compliant technology platforms, and ensure every team member understands their role in protecting attendee data.

The investment in GDPR compliance pays dividends in reduced risk, enhanced reputation, and stronger attendee relationships. Take action today to ensure your events meet the highest standards of data protection and privacy.

---

Ready to run GDPR-compliant events with confidence? WebMoBI's event management platform includes built-in privacy features, consent management tools, and secure data handling capabilities. [Contact our team](https://webmobi.com/contact) to learn how we can support your compliance journey.