Lyyti
Log in
  • Knowledge Base
  • About us
    • About us
    • Contact us
    • Careers
    • Sustainability
    • In English
    • Suomeksi
    • På svenska
    • Français
    • Trending/popular
      • CRM integration Marketing automation
        FI2
      • Event websites New!
        FI 3
      • Experience Value Score (EVS)
        FI 4
      • Our latest ebook about AI and events
        FI 5
    • Platform
      • Guest management Invitations and registrations
      • Event communication Automated Emails and SMS
      • Reporting & event data Measure your event impact and ROI
      • Streaming Live, pre-recorded or on-demand
      • Privacy & security High security demands and GDPR
      • Surveys Collect data and conduct research
      • Event check-in app Onsite or hybrid check-in
      • Integrations Real time data sync with you tech stack
      • Ticketing & payments Easy and quick transfers
      • Branding & design Everything according to your brand
    • FI - 1

      Sign up for our upcoming free events!

      Go to events
    • Popular features
      • Event communication
        FI 6
      • Event websites New!
        FI 3
      • Reporting and event data Experience Value Score
        FI 4
      • Integrations
        FI2
    • Event formats
      • Live and in-person
      • Hybrid
      • Virtual and webinars
    • Inspiring use cases
      • Sales and marketing
      • Internal events
      • AI & Events
      • Diplomatic events
    • FI - 1

      Sign up for our upcoming free events!

      Go to events
  • Demo
  • Pricing
  • Customers
    • Trending now
      • Guide: AI & Events
        FI 7-2
      • Integrations will take your event production to the next level
        FI2
      • Blog: Maximize the Impact of Your Webinars
        FI9-1
      • Video: GPDR & Events - What you need to know
        FR 8-1
    • Our resources
      • Event calendar Join our free events or watch on-demand
      • Blog Trends, news, guides and much more
      • E-books, guides, templates Inspiration and best practices
      • Customer stories Learn from the best
      • Future of Events Our yearly flagship event, watch on-demand
      • Full resource hub Get inspired!
      • Our YouTube channel On-demand content and much more
      • Support Need help? Get in touch with our support
      • Knowledge base Customer support hub
    • FI - 1

      Sign up for our upcoming free events!

      Go to events
Request demo
Request demo
Log in

Lyyti is a reliable partner for your events

High standards in information security is coded into our DNA. We want to make sure that your participant data is safe with us.

We are fully compatible with GDPR and we offer tools for our customers to do the same.

Book a demo!
Event timeline - reporting

Your data is safe with us!

data_security

We do not transfer customer data outside of Europe

  • Lyyti's operability is constantly guarded by an operations team. The team is on call 24/7, every day of the year. 
  • Lyyti’s backup system covers four different operative levels which are geographically separated.
  • We also offer an automated anonymisation that you can use to automatically protect your participants most valuable information. This means that Lyyti will automatically delete participant information after the event is ended or when you so choose.

Robust data security processes

  • Security Operations Center (SOC) and modern Extended Detection and Response (XDR). In short, we monitor, analyse and react to any deviations or threats that might target our service or operations.
  • Automated CI/CD pipeline, which includes automated monitoring for vulnerabilities in our code
  • Lyyti's premises have been designed and equipped to comply with very strict security regulations 
  • Annual information security audits by independent 3rd party
for_the_admin_user
invitations_registrations

Making sure our partners are up to the task!


  • Lyyti processes data on EU territory only (GDPR 2016/679).
  • All employees must successfully complete annual and mandatory data security and data protection training.
  • All subprocessors are hand picked to match Lyyti's high security standards. Click here to view the subprocessor list.

Suositut ominaisuudet

Lyytin parhaat puolet finanssisektorin mukaan

Brändinhallinta ja viestintä

Valmiiden tai räätälöityjen pohjien avulla viestit juuri sinun yrityksesi näköisesti. Vähennä brändipoliisin harmaita hiuksia ja varmista, että kaikki käyttävät samaa ilmettä!

Tietoturva ja GDPR

Lyytin turvallisuus ominaisuudet ovat huippuluokkaa. Suojaa osallistujien tieto tehokkaasti ja hallinnoi tapahtumia ammattimaisesti.

Raportointi ja seuranta

Onnistuaksesi tapahtumissa tarvitset dataa päätöksenteon tueksi. Helposti käytettävät ja jaettavat raportit auttavat sinua kehittämään tapahtumiasi entistä paremmiksi! 

Choose the right plan for your needs!

Starter

Organise and communicate events as cost-efficiently as possible.

Starting at
180€
/month
Pick this plan

Basic

Organise beautiful & converting events with less effort in complex manual tasks.

Request pricing

Featured

Professional

Utilise key insights & grow your business through event marketing automation.

Request pricing

Enterprise

Enjoy more customisation & flexibility. Talk to one of our event experts and they will find you the perfect solution for your organisation. 

Request pricing

Data protection

Lyyti is GDPR-compatible. We meet or surpass all demands set by the General Data Protection Regulation.

In Brief

Taking effect on 25 May 2018, the European Union's General Data Protection Regulation (GDPR) is one of the most important international legislative changes in data protection in decades. The purpose of the regulation is to increase the individual's rights to manage and process their personal data and to harmonise legislation within the European Union.

Lyyti is firmly committed to the new Data Protection Regulation. In addition to complying with the regulation ourselves, it is important for us to help our customers with their compliance efforts. This goal will be achieved through training, instruction, and technical development of our software.

Lyyti Privacy Policy

 

Lyyti offers tools and features for GDPR-compliant event management

Lyyti is a SaaS company specialized in participant data management, with millions of registrations and over 70 000 events handled yearly. Where events are handled, there’s always personally identifiable information and sensitive personal information involved. We want to set a high standard for data protection in event management and lead by example. Lyyti offers all clients all the adequate tools needed for creating and managing GDPR-compliant events, and more.

Based on hundreds of client interviews we’ve found that organizations around Europe battle pretty much the same issues when it comes to GDPR compliancy. This page is a roundup of these common data protection challenges, where we also present the tools and features Lyyti provides for adressing these issues.

All of our clients have access to the basic compliance tools included in their Lyyti license. However, our clients are different and have different needs. This is why we’ve bundled the advanced compliance tools into either the Compliance Center (included in Lyyti licenses purchased or updated after Jan 1st 2017) or the Enterprise license level.

Scattered registers, i.e. participant lists saved here and there can cause problems. Scattered registers form easily at events, when there’s an undeniable need to share specific participant information with third parties like catering or accomodation representants.

Lyyti offers one centralized participant database for safe storage of personally identifiable information. The data can be shared securely via online reports, which can be regulated closely by the sender: the report can be password protected, access can be restricted and the report set to expire at a certain time. Thanks to online reports, the recipient never needs to save any personal data onto their own device.

The online reporting feature is included in all Lyyti license types.

The privacy policy is the document that clarifies to the registered person how and why their data is stored and handled. One organization can have several privacy policies due to having several registers, e.g. one for marketing purposes and another for customer data. The privacy policy needs to be accessible to the registered persons.

All our clients have the option of creating and publishing (in several languages if needed) one privacy policy for their Lyyti events. In practice this is sufficient when the client only maintains one register.

One privacy policy feature is included in all Lyyti license types.

If an organization is managing events that form separate filing systems or registers (e.g. client events related to the marketing register or internal events related to the employee register), there may be a need to manage several different privacy policies.

A person can be entered into a filing system in Lyyti based on explicit consent, where the person ticks a box to agree to be registered. The registration can also be based on other terms, which are to be clarified to the person about to be registered when they are signing up. In this case explicit consent isn’t needed, as long as the terms are presented clearly to the registered person.

Several separate registers in Lyyti is an especially useful model of conduct for event agencies. In this model, the client is producing events for their client, which makes them not a register controller, but a processor. An event agency can create client-specific privacy policies, manage client-specific consent questions and edit or remove data in client-specific registers.

The several registers feature is available in Lyyti licenses that include the Compliance Center. The Compliance Center is included in licenses purchased or updated after Jan 1st 2017.

If the participant’s/registered persons explicit consent is requested for something (e.g. for a newsletter), the consent information can be stored and handled in Lyyti. The consent question feature is easy to use and transparent for both user and participant. If consent has been given in a previous event, Lyyti will recognize this based on the email adress connected to the participation, which eliminates repeated consent questions.

One consent question and consent management is included in all Lyyti license types.

When a need arises for several separate consent questions (e.g. several different newsletters or other marketing consent), an unlimited amount can be created in Lyyti. The relevant consent questions can be selected for each event at the user’s discretion.

The several consent questions feature is available in Lyyti licenses that include the Compliance Center. The Compliance Center is included in licenses purchased or updated after Jan 1st 2017.

According to Article 15 in the regulation the registered person (in this case the participant) has the right to access their personal data and information about how this personal data is being processed, and to request changes or erasure.

Lyyti has solved this by providing a search feature that retrieves all data on a participant and compiles it into either a PDF-file or machine language. The search can be executed either within the events belonging to one user, or within all events belonging to the entire organization.

Participant data retrieval from one user’s events at a time is included in all Lyyti license types.

Participant data retrieval from the entire organization’s events and the PDF or machine language file generation is available in Lyyti licenses that include the Compliance Center. The Compliance Center is included in licenses purchased or updated after Jan 1st 2017.

When an organization manages more than one register, the participant data search can be performed in either just one register or all existing registers at once.

Participant data retrieval from one or more registers is available in Lyyti licenses that include the Compliance Center. The Compliance Center is included in licenses purchased or updated after Jan 1st 2017.

Personally identifiable information loses its sensitivity status when all data that could help tie the information to a natural person is removed. The process is known as anonymisation, after which the data isn’t subject to the GDPR anymore. Such anonymised event data can be used for statistics etc. The need for anonymisation may arise either from the registered person’s request or when the need to process certain personal information is gone (e.g. a sufficiently long time has passed since the event).

An anonymisation feature for processing an individual participant at a time is included in all Lyyti license types.

When an organization controls several registers, a need may arise to find and anonymise a registered person within just one of many registers. A good example is a company that requires explicit consent for entering a participant in their participant register, but want to keep their participant register and marketing register separated.

Event agencies and conference organizers appreciate this feature, because this way different clients’ participant registers can be kept separately and the participant search is easy to direct to the correct register.

Anonymisation spanning one or several registers is available in Lyyti licenses that include the Compliance Center. The Compliance Center is included in licenses purchased or updated after Jan 1st 2017.

Anonymisation of an entire event at one click is a handy feature for getting rid of personally identifiable data in e.g. old, archived events.

Anonymisation of an entire event is available in Lyyti licenses that include the Compliance Center. Since anonymisation cannot be undone, this feature is only accessible to the admin user.

Automatic anonymisation is a set of tools for the admin user to set certain organization-wide rules for anonymisation with. Data can be set to be anonymised at a certain point in time, or a certain field or question can be anonymised automatically at the admin user’s discretion.

This set of tools is particularly useful to large organizations and other clients who want to standardize and centralize data management and anonymisation practices for the entire organization.

Automatic anonymisation is available in Lyyti Enterprise licenses.

Event participation often acts as an expression of consent, e.g. when a participant signs up for an event and simultaneously agrees to receive a newsletter as stated in the marketing register privacy policy. In these cases the consent information, along with the participant information, needs to be entered into another system (e.g. a marketing platform), where the register is processed further.

Consent information export via reports and Excel file generation is available in all Lyyti license types.

Users who generally manage and process their registers in another system (CRM, marketing platform, HR-system etc) despite managing their events in Lyyti, appreciate the fact that the consent information can be managed automatically. Automatic consent information export (and import) can be facilitated via Lyyti’s API.

Export and import of consent information via API is available in Lyyti Enterprise licenses.

Information considering a natural person’s health situation, political activity or sexual orientation are examples of sensitive personal information. Sensitive personal information should only be processed and stored when it is absolutely necessary and removed once it’s no longer needed.

Lyyti offers tools for flagging certain questions as sensitive data and for scheduling removal of said data. The admin user can set the sensitive data rules for the entire organization, ensuring safe and certain removal of sensitive data.

Sensitive personal data management tools are available in Lyyti Enterprise licenses.

Please bear in mind that events themselves don’t need to be deleted, because they are not personally identifiable information.

When it comes to personal data contained in past events, it’s good to reflect on these points:

Is the organizer under some legal obligation to retain the data, e.g. relating to proof of education or bookkeeping purposes?
Does the organizer have a lawful basis and purpose for data processing, e.g. in events aimed at customers who are already in the customer register?
Does the organizer have a reason to store the data in connection to legitimate economic activity or to fulfill contractual obligations (e.g. a recurring event where previous participation may affect future guest lists)?
If there’s no need to hang on to personal data from past events, it may be in order to anonymise e.g. events that have ended more than two years ago, instead of removing them completely. We recommend that this is done one event at a time, as anonymisation can not be undone.

Used by many, loved by millions!

Air_France_logo
blue-box-logo-with-registration-extra-largedigitalAXP_BlueBoxLogo_EXTRALARGEscale_RGB_DIGITAL_1600x1600
Discovery_Networks_Sweden
Vaaka (4)
KONE

Let's get started!

Talk to us!

Lyyti is an all-in-one event management software that helps organisations create meaningful encounters. No matter what the platform – live, online or hybrid – Lyyti’s automated functions for registration, communication, reporting and feedback make sure that every event is a success for participants and organisers alike.

  • twitter
  • facebook
  • linkedin
  • instagram
  • Product & solution
    • Platform overview
    • Our demo
    • Experience Value Score (EVS)
    • Pricing
    • Integrations & partners
    • Privacy & Security
    • Status
  • Resources
    • Future of Events
    • Case studies
    • Resource hub
    • Our events
    • Knowledge base
    • Blog
  • Company
    • Our story
    • Contact us
    • Careers
    • Privacy policy
    • General terms of service
    • Sustainability
    • Accessibility evaluation report
    • Lyyti Information Security
  • Help
    • Contact sales
    • Contact customer support

Download our app:

google-play-badge_1 36-layers

With love, MEOM