Probably, you’ve been hearing and seeing that particular collection of letters a lot lately, but you’re not entirely certain what it’s all about, let alone what the impact on your business will be.
GDPR stands for General Data Protections Regulation, and it is a series of rules and standards issued by the European Parliament to protect the personal data of citizens within the European Union.
That seemingly simple statement, however, has far-reaching impact, because under the EU regulations, the responsibility to protect personal data extends to companies and organizations located outside of the EU that may be in possession of the personal data of EU citizens.
If you and your company are located within the EU, you are naturally subject to GDPR, but let’s say that you’re not… As a travel professional, you are naturally in touch with people from around the world, and you have almost certainly exchanged e-mails with EU citizens. Even if it’s just a simple response to a request from an EU citizen that came in via your website, you are technically in possession of personal data and therefore subject to the provisions of GDPR.
The good news is that, if you’re taking reasonable precautions in how you manage your data, have decent computer security, work with reputable providers like ISPs, software providers, SaaS platforms and the like, you are probably in pretty good shape. GDPR compliance doesn’t have to be complicated, and it doesn’t even have to be particularly technical, especially if you aren’t involved in e-commerce or doing extensive e-mail marketing or the like.
SuperOffice Step-by-Step Guide: https://www.superoffice.com/blog/gdpr/
Travel Weekly GDPR Focus: https://www.travelweekly.com/Mark-Pestronk/Sorting-out-intricacies-EU-new-data-protection-rules
SC Magazine (more technical): https://www.scmagazineuk.com/gdpr-dummies-final-dos-donts-gdpr/article/1472762