Just a few more days until the big European Union’s General Data Protection Regulation (GDPR) gets into effect. It has shaken many organizations and Indian Data Processing companies are catching up to comply with this new law.
So, what is GDPR? We at KePSLA have made it easy for you to understand this tough regulation to ensure it protects you and your Guest.
Effective 25th May 2018, the GDPR enforces data protection and privacy for all individuals within the European Union and regulates how companies manage, use, and share personal data. It gives power back to the consumers by forcing companies to become transparent in how they are collecting, storing, and sharing their customers’ personal data information. Noncompliance to it might cause hefty fines going up to 20 million euros or 4% of annual turnover (whichever is greater).
Who needs to comply?
GDPR applies to all organizations who provide goods or services to the EU or possess personal data of an EU citizen. If your hotel has personal data on any EU resident or citizen, regardless of your hotel’s location, the GDPR applies. Which means hotels in India must comply to GDPR if they have European guests staying at their hotel. Compliance to this act is very important as it has severe penalties.
How does it impact Hotels?
We urge Hotel’s to become careful in handling Personal Data of both the guests who stay in their hotel as well as their employees i.e. Personal Data which is any information that can be used to identify directly or indirectly a data subject.
According to GDPR, Personally Identifiable Information (PII) also includes:
- Phone number
- IP address
- Transaction history
- Travelling habits etc.
The Hotel who is the data controller is deemed responsible for choosing the method in which this personal data will be processed.
Hotels and many other data processing firms are competing against the clock to get their compliance.