Can event organisers take photos of me without my consent?

Written By Maeve Dunne

You're at a conference, a fundraiser, or a company event. A photographer is doing the rounds, snapping away. Did you actually agree to be in those photos, and does it matter under GDPR?

The short answer: yes, GDPR applies. But no, that doesn't mean event organisers need a signed form from every person in a room.

Your photo is personal data

Under GDPR, a photograph that identifies you is personal data, full stop. That means anyone taking and using photos of identifiable individuals is processing personal data, and they need a lawful basis to do so.

Does the organiser need your consent?

Not necessarily. While consent is one legal basis under GDPR, it's not the only option and at large events, it's often not practical. Asking every attendee at a 300-person conference to sign a consent form before a group photo just isn't realistic.

Instead, many event organisers rely on legitimate interests essentially, they have a genuine reason to take the photos (to promote the event, show it was a success, etc.), the photography is proportionate, and it doesn't unreasonably intrude on attendees' privacy.

To rely on this, the organiser needs to be able to show they've balanced their interests against yours and that means being upfront about it.

What should organisers actually do?

It depends on the size and nature of the event:

  • Large events (conferences, public gatherings): Put up clear notices at the entrance— or include it in the event communications letting people know photos will be taken, why, and how they'll be used. This is the minimum.

  • Smaller events (team days, workshops, client gatherings): Consent becomes more important here. One practical approach: use coloured lanyards — green for those happy to be photographed, red for those who aren't. Simple, visible, and respectful.

What are your rights as an attendee?

You have the right to know your photo is being taken and used. If an organiser is relying on legitimate interests, you can object to how your image is being processed  and they need to take that seriously.

If you have specific concerns, for example, you have safety reasons for not wanting your image published raise them with the organiser directly. GDPR gives you real rights here, not just fine print.

The bottom line

Event photography and GDPR compliance aren't in conflict — but organisers do need to think it through. The key principles are transparency, proportionality, and respect for attendees.

If you're an event organiser unsure whether your approach is compliant, or an attendee whose image has been used without proper notice, we can help.

Need practical GDPR advice for your events or organisation?

Privacy Path helps Irish and UK businesses stay compliant without the complexity. Get in touch at privacy@privacypath.ie

 

Maeve Dunne
Next

A hidden data problem: What your PDF may be saying…without you even knowing.