Call us +1 464 222 9660

Blog: Data & analytics

Who owns your event data, and what are they doing with it?

6 June 2023 minute read

Ian Dickie
Managing Director
AttendZen

I hope your answer to this question (as an event organiser) is something like:

‘We own our data. We use it to market and improve our own events, and nobody else uses it without our express permission’.

And I hope that’s actually the case.

Because for thousands of event owners, it’s not. They don’t have full ownership and control of their attendee data, because they signed it away (often unwittingly) to an event platform or app.

Data ownership can be a minefield for event organisers.

Event technology has fundamentally changed the relationship between organisers and their attendees, sponsors and other stakeholders. Before the widespread adoption of online event platforms, attendees tended to deal with event organisers directly at every stage of the process.

When you signed up for an event, it was generally understood who was handling the attendees’ data (the organiser), and what they were going to do with it (deliver the event).

As the amount of technology required to run an event has increased, things aren’t quite the same.

Today an organiser will typically use a registration provider, a virtual platform and maybe an attendee app. But who owns the data about an attendee’s activity on the various websites, platforms and apps?

As the event owner, you would expect that you’d own that data, right? Well, don’t bet on it.

Data processors vs data controllers.

When it comes to data policies, event platforms essentially fall into one of two camps – those that act as Data Controllers (and can therefore use attendee data for their own purposes), and those that act solely as Data Processors (so that complete control over attendee data always rests exclusively with the event organiser).

AttendZen, for example, is strictly in the Data Processor camp. Our clients retain total ownership and control of their data at all times. Nothing gets sent to a contact or attendee unless our client sends it. The event organiser owns the customer.

Eventbrite, on the other hand, is perhaps the most prominent example of a platform that acts as a Data Controller. When an attendee registers for your event on Eventbrite, the platform (not the organiser) has control over the attendee data. Eventbrite owns the customer.

Many of the virtual platforms that came to prominence during the pandemic are also based on the Data Controller model, and plenty of events have been caught out by this.

Organisers – already overwhelmed by the sudden pivot to virtual – didn’t necessarily read the Terms of Service or ask questions about event data when partnering with virtual platforms, and many have unknowingly given up control of their attendee data.

In truth, one of the reasons so much capital flowed into these companies was the attraction of owning data on millions of event attendees which, in turn, can be leveraged for a vast range of B2B marketing intelligence and sales opportunities.

If you ever wondered why some of these platforms let you register people or run some virtual events for free (or cheaply) – well, that’s why. The value is in your data.

 

Image of Sherlock Holmes using magnifying glass to read the Data Processing Addendum

Data is boring! Why care as long as everything works?

Well, there are a bunch of reasons why you should own your own attendee data and retain total control over how it’s used. But we’ll start with the most important.

Your attendees trust you with their data.

When they register for your event, your attendees are trusting you with their data. So it would be wise for you, as the event owner, to know where that data is kept, who has access to it, whether it can be shared, sold or otherwise used to sell things to your customer.

Since the choice of platform is not within the attendees’ control, the responsibility to protect their information lies with the event organiser.

Suppose your chosen platform decided to sell your attendees’ data to third parties. If you’ve agreed that they can act as a Data Controller, doing so would not be a breach of your contact with the platform.

Now your attendees are getting inundated with spam.

Because the data comes from an event registration, it includes mobile phone numbers so they’re getting unsolicited phone calls and SMS messages too. Who are they going to blame? The event platform – the name of which they can probably no longer remember?

No. They’re going to blame you.

And there’s another problem.

Platforms can use your data against you.

The key thing to understand here is that platforms that act as Data Controllers have a different business model and different incentives, compared with those that just want to be Data Processors.

Platforms like Eventbrite and Hopin are actually a bit like eBay. They are a marketplace for thousands of events from thousands of organisers. Like eBay, they work by leveraging visitor data to suggest other events a customer might be interested in.

And here’s the thing. Many of these other events will likely be in direct competition with your event!

Eventbrite event suggests other competing events at the bottom of the page where you describe YOUR event! So before your customer has even clicked the ‘REGISTER’ button, they’re being shown alternatives to your event.

And it gets worse. By only allowing users to delete their accounts, these platforms are creating a direct relationship with attendees that excludes the organiser. Put simply, they own the customer.

While platforms might argue that collection of attendee data in this way has some benefits for attendees, such as enabling them to use the same login across events on the same platform, it is very much not in organiser’s best interest.

And what happens when you want to leave the platform?

Chances are you’ve invested years and thousands of dollars cultivating the attendee data and analytics stored in your event management platform. Do you get to take that data with you? In full? Or do they have you over a barrel and you’re now effectively locked into that platform, whether it still fits your needs or not?

Always read the small print.

Tediously, the platforms that acquire rights to use your attendee data for their own cross-marketing purposes, tend not to advertise the fact that they do this. You have to read the small print, and sometimes you have search through a lot of lengthy Ts&Cs to find out what the platform can and can’t do with your attendees’ information.

More often than not, the place to look is in something called the Data Processing Addendum (DPA) which will typically be an appendix to the Terms of Service for Organisers.

And it can be hard work to figure out precisely what’s going on.

For example, in its privacy policy, Hopin clearly distinguishes between ‘Event Content’ and ‘Attendee Data’, noting that the event organiser (Hopin Customer) is the controller of the former, but that ‘both Customer and Hopin are Controllers of Attendee Data.’

This type of policy is unfortunately a lot more common than many event organisers realise.

Customer data is a major strategic asset for event organisers. It represents the foundation of the direct and exclusive relationship you should have with your event participants.

Giving up even part of this ownership brings significant risk.

Look at how most publishers now have to rely on Facebook and Google to reach readers – forced to pay to access their own audiences, with content having become a commodity. The same thing could happen in the event industry if organisers aren’t careful, with events becoming a commodity and the lion’s share of the value being captured by technology platforms – rather than the individual organisers who do all the heavy lifting.

Your event. Your data.

Maybe we’re old-fashioned but we take the view that all your event data should belong to you. No exceptions.

Your event management platform didn’t earn your data. They sure as hell didn’t pay for it.

Their only plausible motivation for controlling the attendee data you put into them is to sell it to third parties for money, or to use it in ways that are contrary to your interests (like marketing competitor events or locking you in indefinitely).

With AttendZen you’ll always own and control all your data. Our only obligation is to our individual clients – providing them with the tools to build, grow and monetise their own audiences more successfully. We’re not the only platform that leaves data ownership in customer hands, or the only one that commits not to sell customer data. But we strongly advise you to check the small print of your suppliers’ data policies and to know exactly where you stand.

Your reputation, and maybe even your commercial survival, could depend on it.