Event management security

Security that won’t cost you your sleep

Security isn’t just a promise to us: it’s a built-in way of working, audited by an external, accredited body. We process your participants’ personal data within the EU and follow practices that meet the requirements of an international standard. Eventilla’s information security management system is ISO/IEC 27001 certified – the first in the event and training management industry in Finland. Your participant and event data is safe, because security is built into every day of what we do.

ISO/IEC 27001

Manage personal information and generate reports – without any legal concerns.

ISO/IEC 27001 is an international standard for information security management systems. The certification granted to Eventilla confirms that our company’s internal practices, security policies, and risk management meet the requirements of the standard, as verified by an independent, external body.

The certification applies to Eventilla Oy’s information security management system (ISMS). It covers the development, maintenance, and support of our cloud-based SaaS services, as well as the internal processes and systems that support these services.

  • Independent verification: an accredited certification body has audited our practices
  • Certified information security management system: the certification covers how we manage information security
  • Support for procurement: verified security supports tenders and compliance requirements

Search for data and generate reports

All data and statistics from your events are always within reach. No more list management through email or Excel.

Enterprise-class security

Security is at the core of our product development. Personal data is never stored outside the EU, and we are committed to complying with the EU’s General Data Protection Regulation (GDPR). Our service is provided from audited, ISO 27001-certified data centers, and our information security management system is ISO/IEC 27001 certified – meaning our level of information security has been verified by an external, accredited body.

Fully GDPR-compliant

We assist you in handling personal data in accordance with GDPR, from privacy policies to checking one’s own information.

Data anonymization

Perform or schedule participant data anonymization. Only personal information will be removed, ensuring that statistics remain intact.

Integrations and API

Data moves securely between systems too

Participant data no longer needs to be moved by hand as Excel files or emails. Through Eventilla’s REST JSON API and webhooks, data flows directly and securely into other systems – even when it travels outside your organization.

Eventilla’s own technical team builds and maintains our APIs, so even an integration tailored to a single customer’s needs can be implemented securely and in a controlled way.

We offer dozens of ready-made integrations – among others to CRM systems, learning management systems (LMS), and financial software. Data stays within the EU in these integrations too, just as it does everywhere else in Eventilla’s processing.

  • REST JSON API: event data can be used in third-party systems in a controlled way
  • Webhooks for real-time events: for example, a registration or cancellation triggers an action directly in the target system
  • Ready-made integrations: dozens of ready-made integrations with CRM, LMS, and financial systems
  • EU-based processing, including via the API: data stays within the EU/EEA in integrations too

GDPR and personal data

GDPR and personal data processing in the EU

Events and training sessions almost always involve personal data – often sensitive data too, such as allergy or accessibility information (special categories of personal data under Article 9 of the GDPR). Eventilla is built to support this responsibly.

Personal data processing within the EU in event management

Data stays within the EU

  • EU-based processing: participant data is never taken outside the EU
  • Eventilla as processor: as our customer, you are the data controller, we act as the personal data processor, and we provide the necessary agreements (DPA)
  • Data lifecycle management: anonymization and deletion of participant data can be done or scheduled – statistics are preserved while personal data doesn’t linger unnecessarily
  • Privacy notices and consents: acceptance of the privacy notice and marketing consent as part of registration

Security features

Eventilla’s security features

We give event organizers the tools to manage participant data securely throughout the entire lifecycle of the event.

Role-based access control

Define precisely who in your organization can see and process which data

Encryption in transit and at rest

Data is protected with encryption both during transfer and while stored

Secure data sharing

Share information such as dietary requirements with your caterer through time-limited, protected reports instead of separate email attachments

Anonymization and deletion

Anonymize or delete participant data after the event – automated or scheduled

EU-based data centers

Data is processed and stored within the EU

Comprehensive audit logs

To help ensure security, Eventilla’s logs make it possible to check which user has processed which personal data

Independent verification

Verified security, in the eyes of the experts

The ISO/IEC 27001 certification process is a demanding undertaking that requires a company to take a systematic, documented, and long-term approach to managing information security risks. In our impartial audit, we confirmed that Eventilla Oy’s information security management system meets the requirements of the standard and that the company is able to protect its information assets in a planned and systematic way.

Niki Klaus | CEO, Into Certification

An event management system your security team will love too.

Interested?

Get in touch and we'll tell you more. You can also book a demo directly with our specialist.

"(Required)" indicates required fields

This field is for validation purposes and should be left unchanged.