Loading
At EasySignup we take many necessary precautions to protect your data.
In practical terms, this means that we have set up procedures in the areas that affect IT security - from system development to customer service management.
These procedures are made to ensure, your data is stored and processed in accordance with GDPR and The Danish Data Protection Act.
EasySignup has an ISAE 3000 audit report. This ensures you, that we comply with GDPR and the agreed data processing when we as data processors process personal data on behalf of you.
When you collect information on your participants, you are the data controller of the personal information you receive and store.
This could e.g. be signups for a meeting, course, or a conference, that you have received in your mailbox after having sent out invitations to your event.
You are responsible for registering, processing and storing these data in compliance with GDPR.
These are just some of the many considerations, that may lead to a giant GDPR-headache, and which requires a little extra energy to take into consideration each time you register signups for an event.
Don't worry. We have made it easier for you to comply with GDPR and The Danish Data Protection Act when you receive signups for your events.
As a general rule, personal data about your participants is deleted in the system two years after your event is over. You can, however, set up individual rules for deletion of each piece of information you collect.
Create more users in the system and choose what the individual users should have access to. An overview of users and their access can be found on your EasySignup account.
EasySignup has no sub-processors and does not transfer your data to other EU countries or to third countries.
Our audit report (ISAE 3000) acts as an insurance that EasySignup complies with the agreed data processing agreement - and makes it easier for you as the data controller to ensure compliance.
Previously, the "Privacy Shield Framework" was a valid transfer basis of personal data to e.g. the US or American companies with servers in Europe. That's not the case any longer. EasySignup ensures you that we do not transfer the personal data, we process for you, to other EU countries or third countries.
Our servers are placed in Denmark and we only have employees in Denmark. Thus, your participants' personal data remains safe on Danish land.
EasySignup makes it possible for you to choose when participants' personal information is to be deleted. The time of deletion can be set up individually for each information you collect.
You may for instance want information about participants' dietary restrictions to be deleted two days after the event, and delete the rest of the collected information at a later date. As a general rule, personal data about your participants is deleted in the system two years after your event is over.
Do you want to invite your participants to future events? Or do you need a separate consent to collect sensitive personal information? With EasySignup you can easily collect separate consents from your participants when they register for your event.
Furthermore, you can easily identify and delete personal data in the IT-system, in case a participant withdraws his or her consent.
To comply with GDPR you need to be able to document who has access to your participants' personal data. This can be rather difficult, if not impossible, to do if lists of participants are being shared on email or printed out and handed to colleagues.
With EasySignup your participants' information is gathered in one secure system. And if you are multiple people to administrate your events, you can create more users in the system - users which can all be assigned individual access to the system. For instance, a user can be granted access to create events but not be able to access personal data about the attendees.
On your EasySignup account, you can get an overview of your users and their individual access to the system. Overall, the IT-system makes it easier for you to administer and document access to your participants' personal data.
As the data controller, you are responsible for monitoring that we, as your data processor, comply with the agreed data processing agreement. We've made this easier for you by having an audit report (ISAE 3000).
EasySignup's audit report (ISAE 3000) has been obtained based on a thorough review by an auditor of how we process personal data relative to the agreed in the data processing agreement.
Therefore, the ISAE 3000 audit report is a recognition that EasySignup complies with the data processing agreement. This will make it easier for you as the data controller to ensure compliance when using EasySignup as your data processor. The audit report is updated yearly.
ISAE 3000
When you collect information about your attendees, you are obligated to inform them how their personal information is being processed. This can easily be done when you collect signups through EasySignup.
With EasySignup, your participants can read about how their data is being processed in the terms of registration when signing up for your event.
When EasySignup processes personal data on your behalf, we have a number of obligations. To ensure you we process your data in compliance with current legislation, we enter into a data processing agreement with you.
Read EasySignup's data processing agreement
Janni Henriksen
Commercial lawyer and operations manager
- Helle Boyding, Marketing Assistant, Beierholm
- Lone Schlüter, Seminar manager / administrative officer, Statistics Denmark
- Lene Høffner, Organizer and Fundraiser, Ronald McDonald House Charities
- Anitta Olesen, Staff Member of the Secretariat, VÆKST Jammerbugt, Jammerbugt Municipality
