Navigating Privacy Laws For Events


As event planners, we often find ourselves juggling a million details to create memorable and successful events. Amidst all the hustle and bustle, it’s easy to overlook a crucial aspect of event planning: privacy laws. You might be wondering, “But you’re an event planner, what do you know about privacy?” Spending more than 20 years working with Canadian federal privacy legislation, I’m here to use that expertise to help educate our industry on this important topic.

To make collecting personal information easier for you, I’ve created a downloadable cheat sheet that can guide you through meeting privacy law requirements. In this article, we’ll explore some key insights on privacy laws and how they apply to event planning, particularly in Canada.

Privacy Principles: A Foundation for Compliance

Canada’s latest privacy legislation introduced 10 fundamental principles that we must adhere to when dealing with personal information. These principles can serve as a guide for event planners not only in Canada but also around the world. Let’s break down these principles to understand how they apply to event planning:

  1. Accountability: Within your organization, designate someone responsible for managing personal information.
  2. Identifying Purposes: When collecting personal information, inform individuals about why you are gathering their data.
  3. Consent: Obtain individuals’ consent before collecting their personal information.
  4. Limiting Collection: Collect only the personal information necessary for your intended purpose, which often means assessing whether certain information is a “need to have” or simply a “nice to have.”
  5. Limiting Use, Disclosure, and Retention: Use the collected information only for the stated purpose, disclose it only to those mentioned, and dispose of it as specified when collecting the data.
  6. Accuracy: Ensure the information you hold about individuals is accurate.
  7. Safeguards: Implement appropriate safeguards to protect personal information.
  8. Openness: Be transparent about how you collect, use, safeguard, and dispose of personal information.
  9. Individual Access: If someone requests access to their personal information in your possession, provide it to them.
  10. Challenging Compliance: Individuals can submit complaints if they believe you mishandled their information.

Consent and Limiting Collection: Key Considerations

Two of these principles, consent and limiting collection, are particularly relevant to event planners.

Consent: You must obtain individuals’ permission to collect their personal information. This can be as simple as a checkmark or a signature. Be transparent and honest in your explanations when seeking consent, avoiding any attempts to trick people into agreeing.

Limiting Collection: This principle emphasizes the importance of collecting only the information you truly need to fulfill your event’s purpose. Evaluate each data point on your registration form to ensure that it is necessary.

Navigating Attendee Lists and Sponsorship Offerings

Here’s where privacy laws and event planning often intersect. Selling attendee lists as part of sponsorship packages can be illegal, and this practice goes against privacy legislation both federally and provincially in Canada. Similar rules likely apply in other countries with privacy legislation.

Sharing personal information without individuals’ knowledge and consent is a privacy violation. Attendees should have the right to choose who accesses their personal information.

A Solution: The Opt-In Check Box

If you’re eager to provide attendee lists to sponsors, there’s a lawful way to do it. Implement an opt-in check box on your registration form. Clearly explain why you want to share their information and with whom. Be honest and straightforward in your language, and never attempt to deceive or manipulate attendees into agreeing.

Sample Text:

“I agree to my name and email address [insert specific information being shared] being shared with the Platinum and Premium Sponsors [customize based on your event] of the [insert event name] taking place on [insert event dates]. I understand that my information is being shared so that the above-named sponsors can contact me following the event to promote their business and services [adjust if sharing information in advance].”

Opting for an opt-in approach may reduce the number of contacts on your list, but those who remain have willingly chosen to be contacted, increasing their quality as leads for sponsors.

Permission Marketing and Common Sense

Seth Godin, in his book This is Marketing, introduces the concept of permission marketing, which aligns perfectly with privacy legislation. Real permission isn’t merely presumed or legalistic; it must be obvious and explicit. Always keep your promises to individuals about how you will use their information.


As event planners, we have a responsibility to protect attendees’ personal information and adhere to privacy laws. By following the 10 privacy principles and implementing opt-in mechanisms, we can create ethical and compliant events that respect attendees’ privacy rights. Let’s make privacy a fundamental part of our event planning process, ensuring that we not only meet legal requirements but also build trust with our attendees and sponsors. Remember, being a privacy-conscious event planner isn’t just a legal requirement; it’s a sign of professionalism and a commitment to your attendees’ well-being. Let’s make privacy a priority in our industry.

Julia O’Grady has big vision, fresh ideas and a proven track record in the events industry. She and her team work hard to exceed client expectations and push ITM Events to achieve greater heights.



Venue & Supplier Profiles