diff --git a/src/pretix/base/migrations/0224_eventmetaproperty_filter_allowed.py b/src/pretix/base/migrations/0224_eventmetaproperty_filter_allowed.py
new file mode 100644
index 000000000..704a75910
--- /dev/null
+++ b/src/pretix/base/migrations/0224_eventmetaproperty_filter_allowed.py
@@ -0,0 +1,18 @@
+# Generated by Django 3.2.16 on 2022-11-14 11:32
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('pretixbase', '0223_voucher_min_usages'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='eventmetaproperty',
+            name='filter_allowed',
+            field=models.BooleanField(default=True),
+        ),
+    ]
diff --git a/src/pretix/base/models/event.py b/src/pretix/base/models/event.py
index 1de8bcaf2..0f6793f9d 100644
--- a/src/pretix/base/models/event.py
+++ b/src/pretix/base/models/event.py
@@ -1580,6 +1580,11 @@ class EventMetaProperty(LoggedModel):
         verbose_name=_("Valid values"),
         help_text=_("If you keep this empty, any value is allowed. Otherwise, enter one possible value per line.")
     )
+    filter_allowed = models.BooleanField(
+        default=True, verbose_name=_("Can be used for filtering"),
+        help_text=_("This field will be shown to filter events or reports in the backend, and it can also be used "
+                    "for hidden filter parameters in the frontend (e.g. using the widget).")
+    )
 
     def full_clean(self, exclude=None, validate_unique=True):
         super().full_clean(exclude, validate_unique)
diff --git a/src/pretix/control/forms/filter.py b/src/pretix/control/forms/filter.py
index 5474376ef..c9518e174 100644
--- a/src/pretix/control/forms/filter.py
+++ b/src/pretix/control/forms/filter.py
@@ -806,7 +806,8 @@ class OrderSearchFilterForm(OrderFilterForm):
         # We ignore superuser permissions here. This is intentional – we do not want to show super
         # users a form with all meta properties ever assigned.
         return EventMetaProperty.objects.filter(
-            organizer_id__in=self.request.user.teams.values_list('organizer', flat=True)
+            organizer_id__in=self.request.user.teams.values_list('organizer', flat=True),
+            filter_allowed=True,
         )
 
 
@@ -1545,12 +1546,13 @@ class EventFilterForm(FilterForm):
     @cached_property
     def meta_properties(self):
         if self.organizer:
-            return self.organizer.meta_properties.all()
+            return self.organizer.meta_properties.filter(filter_allowed=True)
         else:
             # We ignore superuser permissions here. This is intentional – we do not want to show super
             # users a form with all meta properties ever assigned.
             return EventMetaProperty.objects.filter(
-                organizer_id__in=self.request.user.teams.values_list('organizer', flat=True)
+                organizer_id__in=self.request.user.teams.values_list('organizer', flat=True),
+                filter_allowed=True,
             )
 
 
diff --git a/src/pretix/control/forms/organizer.py b/src/pretix/control/forms/organizer.py
index d43d138a4..fd0a2befe 100644
--- a/src/pretix/control/forms/organizer.py
+++ b/src/pretix/control/forms/organizer.py
@@ -182,7 +182,7 @@ class OrganizerUpdateForm(OrganizerForm):
 class EventMetaPropertyForm(forms.ModelForm):
     class Meta:
         model = EventMetaProperty
-        fields = ['name', 'default', 'required', 'protected', 'allowed_values']
+        fields = ['name', 'default', 'required', 'protected', 'allowed_values', 'filter_allowed']
         widgets = {
             'default': forms.TextInput()
         }
diff --git a/src/pretix/control/views/organizer.py b/src/pretix/control/views/organizer.py
index 59b6a80a8..cead980cd 100644
--- a/src/pretix/control/views/organizer.py
+++ b/src/pretix/control/views/organizer.py
@@ -205,7 +205,7 @@ class OrganizerDetail(OrganizerDetailViewMixin, OrganizerPermissionRequiredMixin
         ctx = super().get_context_data(**kwargs)
         ctx['filter_form'] = self.filter_form
         ctx['meta_fields'] = [
-            self.filter_form['meta_{}'.format(p.name)] for p in self.organizer.meta_properties.all()
+            self.filter_form['meta_{}'.format(p.name)] for p in self.organizer.meta_properties.filter(filter_allowed=True)
         ]
         return ctx
 
diff --git a/src/pretix/presale/views/organizer.py b/src/pretix/presale/views/organizer.py
index f76d78ecc..1d2c6ef81 100644
--- a/src/pretix/presale/views/organizer.py
+++ b/src/pretix/presale/views/organizer.py
@@ -92,7 +92,8 @@ def filter_qs_by_attr(qs, request):
 
     props = {
         p.name: p for p in request.organizer.meta_properties.filter(
-            name__in=attrs.keys()
+            name__in=attrs.keys(),
+            filter_allowed=True,
         )
     }
 
diff --git a/src/tests/presale/test_organizer_page.py b/src/tests/presale/test_organizer_page.py
index 9cfeaa1ac..164bb3a56 100644
--- a/src/tests/presale/test_organizer_page.py
+++ b/src/tests/presale/test_organizer_page.py
@@ -73,6 +73,11 @@ def test_attributes_on_page(env, client):
     r = client.get('/mrmcd/?attr[loc]=HH')
     assert 'MRMCD2015' in r.rendered_content
 
+    prop.filter_allowed = False
+    prop.save()
+    r = client.get('/mrmcd/?attr[loc]=MA')
+    assert 'MRMCD2015' in r.rendered_content
+
 
 @pytest.mark.django_db
 def test_non_public_event_not_on_page(env, client):