All the data I am collecting can be found on public domain.
No sensitive information are shared in the database.
The work we are doing is collating and curating.
People can find those events online on google.
It would just take them ages to find the right one and have all the list in one place.
I did my due diligence before launching this product and we are registered with the ICO (Information Commissioner's Office) and got trained in best practices.
This is an extract of the rules that determine if GDPR has been breached or not.
"Understanding whether you are processing personal data is critical to understanding whether the GDPR applies to your activities.
Personal data is information that relates to an identified or identifiable individual.
What identifies an individual could be as simple as a name or a number or could include other identifiers such as an IP address or a cookie identifier, or other factors.
If it is possible to identify an individual directly from the information you are processing, then that information may be personal data."
GDPR is only linked to individuals, not companies. And what we are sharing is their website, info about the event and best practices to approach the organisers to get booked.
All of which can be found on their website in the public domain.
Everything we do in our company is GDPR compliant and we keep ourself updated so we can keep doing so.