logo negative color

Is Gather GDPR Compliant? Understanding Data Privacy in Virtual Spaces

Online education hub on Gather

In today’s digital age, online interactions are essential, raising the importance of data security and privacy. The digital landscape offers immense opportunities for connectivity and innovation but also poses challenges in safeguarding user information. This issue is particularly relevant for virtual event platforms and remote offices, where the exchange of sensitive data is common.

The European Union’s General Data Protection Regulation (GDPR) sets a high standard for data privacy laws, setting strict standards for how companies collect, store, and manage personal information. In this context, platforms like Gather are under scrutiny for meeting these stringent standards. As experts in the field of virtual experiences, our team at Space Makers understands the complexities of GDPR compliance, providing expert solutions for challenging scenarios.

The Evolving Landscape of Online Data Security

Our commitment to data security goes beyond compliance. In the digital age, building trust is crucial. Users often share personal information with platforms without fully understanding potential risks. Therefore, it’s essential to grasp not just the legal framework, but the technological and ethical implications of data handling. This is where platforms like Gather come into the picture – offering innovative ways to connect digitally. But how do they ensure the privacy and security of their users?

The GDPR has a global impact, affecting any entity that handles data from EU citizens, including US-based platforms like Gather. Understanding these compliance nuances is vital for both users and providers. It involves examining data collection, processing, and storage practices to ensure they align with GDPR’s rigorous requirements.

At Space Makers, with our company headquarters and offices located in the European Union (Prague and Frankfurt), we bring a wealth of experience from over 100 Gather projects for large European corporations, ministries, public institutions, and many others, all adhering to the strictest data privacy standards. We are here to guide you through this journey, offering peace of mind that your data is not only secure but handled with the utmost care and responsibility.

jll linkedIn metahood 1 v1 Large

JLL’s inaugural metaverse project enabled new joiners to engage in training and workshops focused on inclusivity and sustainability, held on the Gather platform.

Does using Gather require a registration?

Gather stands out for its easy access and user-friendly approach. Unlike other virtual event platforms that often require users to create accounts, providing personal information like names and email addresses, Gather simplifies the process. Users can join events in just a few clicks, directly from their web browser. This streamlined access boosts convenience and lowers the entry barrier for participants.

The platform’s design, which allows for engagement without account creation, means Gather collects minimal personal data. This approach aligns well with GDPR’s emphasis on data minimization and privacy by design. Although registration is not required for standard interactions, Gather provides an account creation option for those who wish to do so.

This dual approach serves a broad audience. It offers more functionality to registered users while keeping access straightforward for casual participants. Even for users opting for registration, Gather ensures that any personal data collected during registration is handled transparently and securely, in compliance with GDPR guidelines.

The option to participate without registering is especially beneficial for both event organizers and attendees. Organizers benefit from a simplified event setup, free from complex registration systems or extensive user data management. Attendees enjoy the convenience of joining events quickly, without the need for detailed sign-ups or worrying about their data’s security. This accessibility could lead to higher event participation and attract a wider range of attendees, as it removes common obstacles related to privacy concerns or the hassle of registration processes.


Hosted on Gather, this 2-day virtual job fair hosted by HYPE Agency helped global IT professionals to secure their dream jobs at leading tech companies.

Data encryption and security practices at Gather

Gather employs industry-standard encryption and key management practices to safeguard data during transmission and storage. While no system can promise complete security, Gather commits to using reliable methods to protect personal data.

In a significant stride towards exemplary data security and privacy standards, Gather has achieved SOC 2 Type II certification as of March 2024. This certification underscores Gather’s unwavering commitment to safeguarding user data, demonstrating robust protection mechanisms for data security, availability, confidentiality, processing integrity, and privacy. By meeting the requirements of the SOC 2 Type II audit, Gather not only ensures the protection of user data from unauthorized access but also reinforces its dedication to complying with data protection principles and regulations. For us at Space Makers, this achievement bolsters our confidence in recommending Gather as a platform that prioritizes the security and privacy of its users, enhancing our promise to deliver secure, engaging, and compliant virtual experiences.

With server locations across the globe, including in the United States, Brazil, Japan, Germany, Singapore, and India, Gather acknowledges the importance of GDPR compliance for its international user base. This global operation necessitates a keen focus on adhering to GDPR standards, especially for user interactions within the UK and EU. The discussion extends to how Gather’s worldwide infrastructure influences its approach to GDPR compliance, especially when using advertising cookies and related technologies.

Data Processing Agreements and International Data Handling

Gather commits to GDPR compliance by entering into data processing agreements with its customers. As official Gather Ambassadors and verified partners, Space Makers is equipped to assist in organizing all necessary agreements, offering comprehensive support through internal audits and approvals. Gather integrates Standard Contractual Clauses (SCCs) within these agreements and has established a range of security measures to protect personal data, particularly for users in the EU and UK.

At Space Makers, we recognize the diverse needs and preferences of clients regarding virtual platforms. Although Gather is favored for its innovative features and user-friendliness, it might not be the perfect fit for every situation. That’s why we provide an array of alternative solutions, including platforms based in the EU, to ensure our services are customized to each client’s specific requirements.


A glimpse into the intricately designed workshop rooms at the Palace of Lietarets by Goethe Institute, showcasing the virtual space’s capability to support interactive sessions on Gather.

For clients opting out of Gather due to unique needs or concerns about compliance, Space Makers has a portfolio of GDPR-compliant alternatives already prepared. These options are carefully selected and vetted to meet the highest data protection, security, and user experience standards. Our goal is to offer platforms that not only adhere to GDPR but also conform to other relevant data protection regulations and best practices.

Conclusion: Gather’s GDPR Compliance for your virtual event space or remote office

Gather, known for its unique and adaptable virtual interaction platform with minimal personal data usage, is on a continuous path toward full GDPR compliance. As a US-based entity operating servers globally, including locations in the EU such as in Frankfurt, Gather faces unique challenges. Despite these challenges, it has made significant progress in aligning with GDPR requirements and enhancing its technical frameworks. The platform’s pursuit of SOC 2 Type 2 compliance underscores its commitment to the highest security and data protection standards.

Over the years, Gather has secured the trust of data protection officers from various European companies and institutions. This trust is rooted in Gather’s conservative data collection practices, commitment to securing active user consent, and robust data security measures.

Doctor Without Borders

Doctors Without Borders conducted an internal hackathon in a custom-designed virtual environment by Space Makers on the Gather platform.

At Space Makers, our extensive experience provides us with valuable insights into overcoming potential data protection and privacy challenges on Gather. We offer specialized guidance on participant management to ensure both compliance and security. Our expertise extends beyond platform functionalities to ensuring all aspects of user interaction are aligned with GDPR standards. The combination of Gather’s innovative features and our know-how at Space Makers enables us to transform virtual events into secure, engaging, and compliant experiences.

Moving forward, we remain committed to continuing our innovation while adhering to the highest privacy and data protection standards. Whether you’re looking to host a virtual event on Gather or explore other solutions, Space Makers is here to guide you through every step, ensuring a seamless virtual experience. For more details or to discuss your next project, feel free to get in touch and schedule a call with us.

Interested? Let’s talk.

Fill in the form or reach us directly here.
We usually respond in a couple of hours.

Lukas cerny

[email protected]


other interesting articles

This website uses cookies

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Cookie Policy. You can manage your preferences here.