GDPR Compliance Statement
At Guidebook, we strive to build software that is satisfying to use. Whenever someone posts on social media about our platform and uses words like “easy,” “helpful,” and “beautiful” to describe our products, we know that we have accomplished our goals. One of the aspects we don’t see being discussed very often in the event-app space, however, is trust. Even if people don’t say it, we know that trust is a cornerstone of the satisfaction they feel when our software helps them.
Today, I want to talk about trust and specifically how seriously Guidebook takes user privacy in order to earn the trust of the people who use our platform. If you use Guidebook, we want you to know that our software is respecting you and your personal data. We have always worked hard to store your data securely and ensure it is used to accomplish the things that you would reasonably expect, and no others. This is why we have always been Privacy Shield compliant. But there is always room to improve.
The EU’s new General Data Protection Regulation (GDPR) sets a whole new bar for user privacy around the world. Despite all the hand-wringing and hedging you may read about this regulation, its core is simple, clear and admirable: tell people how you use their data and give them a choice when it comes to those uses.
Here at Guidebook, we’ve been preparing for GDPR for more than six months. We believe following the principles laid out in this regulation will make for a better experience across our platform, one that protects event organizers and event attendees alike. If you are organizing an event on Guidebook, we want you to be confident that your event will be GDPR compliant no matter who accesses it anywhere in the world. If you are accessing event information on Guidebook, we want you to understand all the ways that we use your data. And when doing so will not interfere with the administration of the event you are attending, we want to give you a say over that usage.
In order to accomplish this, we’re making a few changes at Guidebook. Event attendees will see some new things in their Apps, and event organizers will see some different behavior in some of our administrative features.
The first change is the addition of a consent prompt in our Apps when a guide is used for the first time. This prompt lists the personal data we use (first name, last name, email address, company information, and metrics about the content that is accessed) and how we share this information with the owner of the guide being accessed. This prompt allows Guidebook to record consent to share this information with event organizers on a guide by guide basis.
Next, we have added a Privacy Center to our account settings. Here anyone can review the consent they have granted on a guide by guide basis and consent can be revoked or granted if someone decides to change their mind about the usage of their data at a later time.
Finally, we have performed a thorough audit of our features and made adjustments where necessary. Any features that were not necessary for critical administrative actions (i.e. moderating social feeds, revoking access to disruptive or abusive users, inviting people to a guide, etc.) now only reflect attendee data if that attendee has consented to sharing it.
For a complete rundown on how we use attendee data and which features now require the consent of the attendee, please read this support article. It is my aim to make our usage of data as transparent as possible. Incredible things happen on our platform. Professional connections are forged, students find valuable information about their universities and fandoms come together to celebrate their interests. These things are all possible because we are a platform where the business of organizing the world’s best events can get done. Balancing this business against the privacy needs of a changing world is a job that will never end; but Guidebook celebrates GDPR, because taking data privacy seriously is in the best interests of event organizers and event attendees alike. It is how we build trust.
I am proud of the steps Guidebook is taking to make our software live up to the highest standards of personal data security. These steps will ensure all our customers can confidently tell the world that their event applications are GDPR compliant. They will ensure that anyone who accesses an App built on our platform can be confident that their data is only being used in the ways that they expect. But the path doesn’t end here. GDPR is sweeping and will surely evolve as the world comes to understand its full impact. Guidebook is committed to constant improvement when it comes to data security and transparency. As best practices evolve, so too will Guidebook’s approach, because user privacy is paramount.
Jeff Lewis, CEO