Data Protection and GDPR Compliance with EventsAir
To professionally manage registration and communication for ISST events, we use EventsAir, an event platform developed by Centium Software. The platform is designed to be compliant with the EU General Data Protection Regulation (GDPR) and other international security and privacy standards. You can find the statement of GDPR Compliance Certificate here
What Data We Process
We collect and process the following information via EventsAir:
- Contact details (e.g. name, email, address)
- Professional and affiliation data
- Preferences for participation, accommodations, dietary needs
- Communication preferences and opt-ins (e.g. marketing, newsletter)
- Payment-related information (processed securely by third parties)
Legal Framework
Data processing is based on:
o Art. 6(1)(b) GDPR – performance of a contract (e.g. event registration)
o Art. 6(1)(a) GDPR – consent for optional communications
A Data Processing Agreement (DPA) is in place with Centium Software to govern all processing activities under Art. 28 GDPR.
Security and Hosting
EventsAir implements strong technical and organizational measures:
- Encryption of personal data at rest and in transit
- Access control, role-based permissions, and audit logs
- MFA and SSO support for admin users
- Hosting on servers located in the EU for all European events
- Regular third-party security audits and penetration testing
Your Rights
In accordance with the GDPR, you have the right to:
- Access and review your personal data
- Request corrections or deletion
- Restrict or object to processing
- Withdraw any previously given consent
- Request data portability
Requests can be submitted to: [ISST Event manager]