15 November 2018, 10am
The subject of the 12th AIMS Marathon Symposium was the “General Data Protection Regulation (GDPR): Implications and impact on running events”.
Attendees heard from:
Dr. Lilian Mitrou, Expert on GDPR, Professor at the University of Aegean who said that behind the regulation is the principle that that privacy is a fundamental human right. As individuals have ‘the right to be forgotten’. We live in a world of ever-increasing cross referencing of data. The purpose of GDPR is protection of individual rights and accountability of those seeking to use personal data through greater transparency and better processes. Potential sanctions for transgressions range from a warning to a fine of up to 20 million euros or 4% of worldwide turnover. View presentation
Kostas Giannopoulos, IT Governance Senior Consultant, Priority S.A., Greece noted that ‘GDPR affects countries outside Europe should they wish to offer their goods or services to citizens of the EU. This extends as far as to those using language or currency used with the European Union’. He explained the key three roles in the process: the Data Subject (the natural person); The Controller (the entity that determines the use of data); and The Processor (Processes data on behalf of the controller)’. Mr Giannopoulos then traced the procedure and processes to be considered for an organisation preparing to have their strategy and processes for managing data. View presentation
Alejandra Silvestre, Data Protection Officer, Valencia Marathon Trinidad Alfonso, Spain warned that ‘with great power comes great responsibility’ and this is true when dealing with people’s personal data. The regulation states that information must be supplied in simple clear language rather than ‘legalese’. She suggested that any organisation communicating with over 3000 people would be expected to have a nominated Data Protection Officer (DPO). Ms. Silvestre outlined the factors that needed be thought through when preparing a strategy for GDPR and the implementation of processes and practice. View presentation
Andrea Basso, General Coordinator of the Generali Milano Marathon, Italy talked about the role of images in the context of GDPR he said: ‘images convey information and emotion often better than words. An individual’s image is considered as personal data under the GDPR legislation’. This extends even to spectators at events who may be filmed. To seek to cover this in the Generali Milan Marathon, signage is displayed around the course to inform the public of the possibility of them being filmed. Mr Basso also stressed the importance of the terms and conditions of the elite athlete agreements regarding consent to the use of their images and in what capacity. He also talked about the process of the amateur runner giving consent. Further, the importance of planning and processes required when that consent to be pictured/filmed is not given. View presentation
Renna Jarvält from the Tallinn Marathon gave an overview of the 22nd AIMS congress held in September and reported that the participant overall satisfaction rating was 97%. View presentation | Watch video | Watch video
Note to AIMS members: GDPR has considerable complexity and legal implications. Members are encouraged to review the presentations to be posted on the members section on the AIMS website www.aims-worldrunning.org.
The Symposium was arranged in collaboration with SEGAS (the Hellenic Athletics Federation) and ‘Athens Marathon. The Authentic.’ and has been held annually since 2007.
AIMS would like to thank partners and sponsors, in particular the ‘Region of Attica’ as co-organiser of the Symposium, the ‘Greek National Tourism Organisation’ and ‘Athens International Airport’ as official sponsors of the Symposium.