Javascript is not activated in your browser. This website needs javascript activated to work properly.

Public events

Personal data processing for public events
Those who work with project or event management often have to process personal data such as lists of participants, dietary requirements or in the documenting of the event via photography and filming. On this page you can read about what applies when processing personal data.

The legal basis for processing personal data for events

For all personal data processing you need to ensure you have a legal basis and are aware of which legal basis is applicable. One of the legal bases is consent which is common within external engagement and communication.

Read more about the legal basis and consent on the following pages:

What information do I need to provide to external participants?

Pursuant to Articles 13 and 14 of the GDPR, you have an obligation to inform data subjects, in this case registered external participants, about a number of points.

Read more about the information you need to provide on the Information for data subjects page

Practical processing of personal data

Registrations for events

Registration data for events is deemed to be personal data and you need to consider how you are going to collect it and what information you need to provide to the data subject. It is recommended that you use approved suppliers for event registrations, for example:

Documenting with photography and filming

If you wish to film or take photographs during the event you need to consider if you need to ask for consent. 

Read more about consent on the Photography and filming page

You may also consider the possibility of offering a photography- and film-free area for participants who do not wish to be photographed or filmed during the event. 

Checklist for public events

  • Have you used an approved supplier to create the registration forms?
  • Have you provided the data subjects with information on the registration form about the processing of personal data?
  • Have you asked for the data subject’s consent for the processing of personal data on the registration form?
  • Do you have a plan for how you are going to store and delete the personal data?
  • Have you considered whether or not you require consent for photography and filming? Consent is not always required, but if it is:
  • Have you prepared consent forms for photography and/or filming?
  • Have you prepared general information for participants about photography and filming at the event?
  • Is it possible for you to create a photography- and film-free area during the event?
Page Manager:


dataskyddsombud [at] lu [dot] se

GDPR glossary

  • Personal data controller – the organisation responsible for processing your personal data. In all but a few cases, Lund University is always the personal data controller.
  • Data subject – the person whose personal data you collect and/or process.
  • Data protection officer – the role and function responsible for Lund University’s compliance  with the GDPR.
  • The EU’s General Data Protection Regulation (GDPR) - The Swedish translation of GDPR is “Dataskyddsförordningen”.
  • Data Protection Act – the Swedish national complement to the EU’s GDPR.

Telephone: +46 (0)46-222 00 00 (switchboard)
Mailing adress: Box 117, 221 00 Lund, Sweden
Invoice adress: Box 188, 221 00 Lund, Sweden
Organisation number: 202100-3211

Site manager: staffpages [at] lu [dot] se

About this website