GDPR guide


Disclaimer: This isn’t legal advice, this is a short guide to answer common questions and to help you make the best use of our system. 


For the LIVE IT/Bookitbee GDPR statement, please visit: terms.liveit.io/gdpr-compliance/




Accessing your customer data and usage.

Customers who have opted in for email marketing during the booking process can be accessed via the ‘Mailing lists’ section of your organiser account. You can connect this list to your Mailchimp account, or manually download the csv list and upload to your preferred service. Only this data can be used for marketing purposes. 



All other data reports (ticket, booking and sales reports) cannot be used for marketing under any circumstances. You can, however, use this data to contact customers with ‘status’ emails. For example, you may wish to email your attendees of reminding them of your event opening hours or to send them an FAQ regarding your event. You cannot include marketing messages as part of a status email. 



Providing your privacy policy.

Under the GDPR, every organiser must tell attendees why they are collecting their personal data and how they are using it. As part of our booking system, you can provide this statement during the checkout process, and we’ll ask your customers to confirm acceptance of these terms when making a booking.



Some examples that you may wish to consider:

Will they be included in photographs or video footage at your event?

Are you uploading their contact data to any marketing services or websites, such as mailing list software?

Have you added Facebook tracking pixels to the booking pages? 



Data collection and custom questions. 

As one of the core principles of the GDPR is data minimisation, consider whether the data that you are requesting is important for your needs. Are you asking mandatory questions? Questions should only be mandatory when you have a specific purpose for this data. 



Acceptable use: Requiring participants at your sporting event to provide emergency contact details for the sole purpose of their safety. 



Not acceptable: Requiring all attendees to provide their date of birth and gender, with no opt-out, for marketing and demographics. 



For custom questions which are not important to your needs, set these as optional questions. Also, consider whether you are asking too much information. Do you need to ask for their full date of birth, or will just their age or birth year suffice?




Still have a question? Contact us