Skip to content

Implications of GDPR in live streaming

GDPR definition

GDPR, short for general data protection regulation, is legislation centered on strengthening individual integrity by regulating how personal data is accessed
and used online.  

GDPR went into effect in May 2018 and regulates how companies, authorities, and organizations handle people’s data. By this, GDPR strengthens the individual
citizen and allows for greater control over how personal data is collected and used.
More specifically, the legislation covers any data that can be used to identify an individual. This includes IP addresses, names, and profile pictures, among others.
Beyond that, GDPR also protects information.  

Even though GDPR is legislation brought into play by the European Union, it affects countries and businesses outside of the EU. Companies are responsible for making sure individuals can control and manage how the company is accessing and using their data. Consequently, companies doing business in the EU but are based elsewhere still must comply with GDPR.  

GDPR in live streaming

How GDPR affects live streaming

As for live streaming, any personal information and data used needs to be handled in accordance with GDPR. As a result, the security and protection of the stream are of uttermost importance.

Keep in mind that VOD means that video is stored, often online, which further emphasizes the importance of appropriate stream security and authentication.

CDN providers distributing your content typically have access to traffic data that could fall under GDPR, such as IP:s.

GDPR in live events

Live events, either fully digital, in hybrid forms, or multi-hub digital meetings need to take GDPR into account. Compliance with GDPR is of importance no matter how large the event is. Hence, when organizing a live event, it is necessary to consider how data will be collected during the event and make sure that this information is available upon request.

How Vindral is optimized for GDPR

Vindral features functionality to customize which regions of the CDN are active, providing control over which data centers are permitted. This enables compliance with regulations stating that data must be retained within specific zones – specifically the EU for GDPR-compliant live streaming.

Furthermore, to prohibit unauthorized access to streams, Vindral features an authentication system outlined in our documentation:

All streams are sent using encrypted methods, making eavesdropping essentially impossible.


Manage your data gathering, security, and deletion for compliance with data protection regulations such as GDPR.