What are the General Data Protection Regulations (GDPR)?
This European directive aims to protect people’s privacy. How do they do this? By regulating the use of data and personal files. In this way, all member states of the European Union will have the same rights and obligations. In Spain’s case, the regulatory organisation is the Spanish Data Protection Agency (Agencia Española de Protección de Datos – AGDP) which has created a list of measures to follow. So, if you want to stay up to date in terms of data protection for your online travel agency, carry on reading.
Data protection laws for online travel agencies
This European law will affect almost all aspects of your online travel agency: sales, marketing, database management. Or in other words, any process that your online travel agency undertakes in the processing and storage of personal data will be subject to the rules. You should also bear mind that you need the specific consent of the owners of said data. In summary, the European legislation seeks to offer better privacy protection for European citizens.
Key points of the new data protection laws to bear in mind
Consent to undertake marketing activities
If you are thinking about undertaking marketing activities like email marketing, re-targeting or sending newsletters with special promotions, you must request consent from the owners of the personal data that you are going to use.
Another point to ensure you meet the data protection laws for online travel agencies is that of advising your clients that third parties could have access to their data.
Right to be forgotten
Your clients will always be able to edit and change their details. They can also request that this information is permanently deleted from your business’ database.
The Data Protection Officer
This is the person responsible for informing the Spanish Data Protection Agency (Agencia Española de Protección de Datos) of any incident that may occur. In the case of your online travel agency, you will have 72 hours to communicate these notifications.
Fines for non-compliance
If you don’t abide by the laws which come into force in May, you are exposing yourself to a fine of up to 20 million euros. So, even if at first it seems complicated, abiding by the data protection laws for your online travel agency is going to become a fundamental factor for your business. What are you waiting for to protect your data?