What will change for you?
As of May 25, 2018 the General Data Protection Regulation (GDPR) is in force. From that date the same privacy laws apply for the entire EU. Up to that time the member states had their own national legislation, based on the European guidelines about privacy in 1995.
The GDPR is all about privacy. It is important that your privacy is guaranteed and that you know what happens to your data. The goal of the GDPR is that (extra) protection is offered when dealing with your personal information. Of course, you do not want that your information is used for things that they were not intended for.
To whom does the GDPR apply?
When processing personal information, in short, it is about all actions that can be done with personal data. If you collect, save, edit, request, use, give or destroy personal data, then you are processing personal information. When no personal data is being processed, then the GDPR does not apply. When you use reservation software and/or it is possible to make a reservation online, then the GDPR absolutely applies.
What can the visitor ask from you?
The person involved of whom you process information in for instance your reservation software has the right to see, correct or remove his/her personal data. The person involved also has the right to retract any permissions for the data processing or to object against the processing of the personal data. That means that the person involved can submit a request to send him/her the personal data that you have of him/her in your reservation software.
Okay, so what are you supposed to do with it?
Good question! Privacy is not only important for you, but also for the visitors of your site and the guests who book those accommodations. Applying the GDPR within your organization in the correct way is very important. Some things you need to keep in mind:
- An SSL certificate is required when you process user information on your site (for instance with a contact form). You can recognize and SSL certificate by the lock in the address bar (URL) of your site. If you don't have an SSL, hackers could theoretically capture the traffic on your site when they share the same wifi network with the person who fills out the form on your site.
- Is there an option on your forms to sign up standard for a newsletter on "sign up" or "yes"? This is no longer allowed.
- In your contact forms you may only ask for information that you actually need for your company or business. If you do not need a date of birth, you are not allowed to ask for it. If there are required answers in a contact form that you do not actually need, then you may not require an answer. Always ask yourself which information you truly need.
- Inform your visitors about what happens on your website, post a cookie policy and/or privacy declaration. Via this website you can generate a privacy declaration. If you would like to have more information about the GDPR or you wish to expand or adjust your general conditions/privacy declaration, then we advise you to ask for legal council.
What can we help you with?
- Analysis and advise about your current site and implement the possible necessary changes for the GDPR. /li>
- Installing and managing an SSL certificate.
- Creating a suitable cookie policy.
- Placing a privacy declaration on your site.
Processing agreement and GDPR for reservation software
If you use our online reservation software, then we are obliged conform the new GDPR regulations to enter into a processing agreement as the processor of personal information. We only process the entered personal information to ensure that you can receive and manage your reservations and that you can carry out the other administrative actions. The information that has been entered by you or your guest are and always remain your property. We attach great value to the privacy of the users of our reservation software and your guests. We respect and protect the privacy of the users on our websites and our applications. If you use our software, you have received the processing agreement via email.
Would you like to know more about the GDPR?
Would you like to know more? Take a look at the website of the authority personal information (article in Dutch), hire legal advice that knows all about the GDPR or contact Milko van Sighem at (email hidden; JavaScript is required).