On May 25, 2018, the European Union’s (EU) new General Data Protection Regulation (GDPR) regulations related to personal data collection will go into effect. A quick google search will produce a wide range of sources capable of providing an overview but in a nutshell, it means that if your organization processes personal data of EU citizens, you must comply with required consent measures.
If your organization collects and stores user EU citizen data (often referred to in the regulations as “data subjects”), the individual providing the information needs to be aware of it and give permission before any action is taken.
I would be willing to bet that most orchestra and opera organizations have at least one EU citizen’s data on-hand and if they purchased tickets or made a donation, then you definitely need to pay attention to these new regulations.
I published an article at ArtsHacker yesterday that dives into this issue. It’s a good place to begin learning about how the GDRP might impact your organization.