What does "privacy compliant" mean in the context of the digital guest list?
The GDPR of the German Federal Government regulates the handling and processing of personal data. Especially in times of Corona, where many establishments, companies and pubs now have to record the contact details of people present in order to trace any chains of infection, data protection must not be forgotten.
In order for these managed guest lists to meet the requirements of the Data Protection Regulation, it must be possible to guarantee that the personal data of those present:
- – are protected from prying eyes of third parties
- – will be deleted after the prescribed retention period depending on the country regulation
- – will be transmitted to the competent authority via a secure channel in case of need
- – will not be used for further purposes (e.g. advertising measures) without consent
Many establishments face the challenge of manually maintaining guest lists to meet these guidelines. However, with the help of Inscribe, these challenges can be easily circumvented.
What happens to the guests' data?
When a guest checks in to Inscribe via the QR code and enters their information, the personal information is encrypted with a private access key and stored securely.
Only holders of this private access key can view the data. This key is assigned once during registration. No one else, not even COCUS AG as the operator of Inscribe, has access to the personal data of guests, visitors, participants or employees. The collected data of the guests will be stored for the specified period of time and automatically deleted after this period.
In case of infection of a guest, the health department will contact the affected establishments. With Inscribe, it is easy to select the time period in question and create a list of potentially affected individuals to send to the health department to assist in clearing chains of infection.
The guests’ data is protected from external access via Inscribe and is only collected for a specific purpose and automatically deleted. Thus, Inscribe complies with the GDPR requirements and is clearly data protection compliant.
Privacy-compliant contact tracking also useful in the area of leisure activities
Inscribe is an alternative to pen & paper when collecting data from guests and visitors and can be used as a digital guest list in all industries. Guests of restaurants, visitors in office buildings or participants of events can easily and quickly add their names to the digital list by scanning a QR code generated specifically for the location.
But it is not only the service industry that can benefit from the use of the digital list of persons. The use of the simple registration procedure is also interesting for sports clubs and other recreational facilities as well as events and functions. Participation in leisure activities can also be made secure in this way, as for example with the handball club Hildener AT, which uses Inscribe for spectator registration.