GDPR is the hottest topic these days. Everyone is affected by it in one or another way. We all must have got emails from different companies regarding the change in the policies due to the new GDPR regulation.
Every sector of business is in the effect of GDPR, but today I will like to talk about GDPR and its impact on the tourism industry.
GDPR stands for General Data Protection Regulation. It is a European Union’s new data protection law which replaces the Data Protection Directive, which has been in effect since 1995.
It is a legal framework which sets rules for using and handling the personal data of consumers. The main aim of GDPR is to maintain the consumer’s privacy which is everyone’s right.
GDPR became a law in the April of 2016. But a transition period of two years was given to organizations so that they can adapt to the new regulations. Hence, GDPR became a must on May 25, 2018.
Some of the main requirements in GDPR are:
- The organizations have to inform the users that how their personal data will be used
- Only that much data be collected which is required
- Organizations will have to ensure that the information they are collecting is accurate
- The can only be used for the purpose for which it was collected
- The data cannot be retained if its purpose is fulfilled
Any organization which is based in EU and is processing the personal data will have to comply with GDPR. And if the personal data of the user who resides in EU is processed by the organization which is established outside the EU which offer goods and services to or monitor the behavior of individuals within the EU then also GDPR compliance is necessary.
Hotel Industry is one of the most venerable industry when it comes to data security. Hotel Industry processes a large volume of personal data and credit card information on the daily basis and that is why the risk of data breaching is also very high.
In 2016 this industry had the second largest share in the total number of cases of the security breach.
This is why Hotels have to upgrade their data protection otherwise the penalties for non-compliance with GDPR are quite high. It will cost €20 million or 4 percent of worldwide annual turnover (whichever is greater). And the reputation will also be hampered.
- New rules for taking the permission from the user
- The user has to give free, informed and clear permission
- The form taking the permission should be written in an easy and clear language
- If a user keeps silence on the permission ie. he neither grant the permission nor denies or keep browsing the website then it cannot be inferred the permission is given.
- The permission form should be separated from the other contents like terms and condition
- A user should have the opportunity to reject the cookies, used to gather information
- The user can update the preferences at any time.
- The regulations say that the user should be well aware of why he is providing his personal data.
Hotels gather a lot of personal data during the booking of the rooms.
So hotels should rum an informational audit for their guests.
- Taking booking from OTAs results in the transfer of data from of the user from the OTA to Hotels, Car Rentals etc. So these services should also make sure that their partners handle the data securely.
GDPR will certainly change the way of how a hotel handles the data of the customer. But this can be an opportunity for the hotels to make a change for the betterment of the industry as well as the customers.
After some recent incidents, the trust between users and companies have broken in a way. It also needs some work. GDPR will be effective for this purpose.
We can say that GDPR has the potential to make the relationships between travel businesses and customers better.
For any kind of technical assistance, just raise a ticket at http://webkul.uvdesk.com/
and for any doubt contact us at [email protected]