1. Home
  2. / Blog
  3. / Attendee data and privacy: what happens to the information at an event

Blog

Attendee data and privacy: what happens to the information at an event

When an attendee enters their name, ID or photo to get into an event, they’re trusting you with that data. What’s it used for? Who has it? Is it deleted? The short answer: in a well-run access control operation, data is collected with consent, used only to validate entry, and stays under the organizer’s control. Nothing more.

At SOMOS DER we treat attendee data for what it is: sensitive information that has to be looked after. Here’s how we do it, and what the law says in Argentina.


What data is collected (and why the minimum)

Good access control asks for only what it needs to validate entry:

If the event uses facial recognition, a photo captured at pre-registration is added. The principle is the same in every case: data minimization. The less data you collect, the less you have to protect.

What it’s used for: a single purpose

The data is used for one thing only: to generate the QR (or facial profile) and validate event access. It doesn’t feed marketing campaigns, it isn’t sold, and it isn’t shared with third parties without consent.

This is key: the organizer owns the database. The access operator manages it technically, for that single purpose, and hands it back to the client. You control the list at all times.

What Law 25.326 says

In Argentina, Law 25.326 on Personal Data Protection sets the rules. In plain terms, the core points:

This article is informational and doesn’t replace legal advice. For events with strict privacy requirements, it’s worth reviewing the data handling with a specialist.

Collecting data to accredit an event is perfectly legitimate as long as these principles are respected. The problem is never collecting data: it’s collecting it carelessly.

How we handle it in practice

Three simple rules:

  1. A secure environment. Pre-registration and the database run on a controlled environment, not on spreadsheets floating around over email.
  2. The client is in charge. The database belongs to the organizer. If your company has a retention or deletion policy, we build it into the setup.
  3. No parallel uses. The data isn’t reused for anything other than the event.

For corporate clients with specific requirements — like brands handling their own customers’ data — we adapt the data handling to their standards. It’s part of the service, not an add-on.


Privacy isn’t a legal footnote: it’s part of the trust the attendee places in the event. We look after it the way we look after the door. Learn about our access control and accreditation service.

FAQ

Got questions? We’ve got answers.

What data is collected at access control?

Only the minimum needed to validate entry: typically first name, last name, email and ID number, plus whatever fields the organizer defines (company, phone, etc.). If the event uses facial recognition, a photo is added. The rule is to ask only for what access actually requires.

What is attendee data used for?

Only to generate and validate event access. It isn't reused for anything else or shared with third parties without consent. The organizer controls the attendee database at all times; the access operator manages it technically for that single purpose.

What does Law 25.326 say about data at events?

Argentina's Law 25.326 on Personal Data Protection requires that data be collected with consent, for a specific purpose, and that its security and confidentiality be guaranteed. The data subject has the right to access, rectify and delete their data. Collecting data to accredit an event is legitimate as long as those principles are respected.

What happens to the data after the event?

It's kept only as long as needed for the event's purposes (validation, reporting, support) and is handled according to what the client defines, since the client owns the database. If your organization has a specific retention or deletion policy, it's built into the setup.

Got an event? Let’s talk.

Tell us what you need and we’ll put together a proposal. We reply fast.