The General Data Protection Regulation (GDPR) comes into force on 25 May 2018 and will affect how you collect, manage and store your customers’ and employees’ personal data. It requires all organisations to be able to account for the data they have, including why they have it; how they protect it and how long they hold it for. The GDPR is intended to be an evolution in the way that data is protected rather than a revolution and many Members will already have processes and systems in place that go a long way towards compliance with the new rules. However, some things will change. The GDPR will require you to have clearer and more robust processes in place when handling personal data relating to your customers, your staff or other people who come into contact with your business. To help Members prepare for the changes we have developed a guidance note and a spreadsheet tool for you to use to audit your current processes and identify any areas where you may need to make changes. For full details visit the Member Zone.

You can also find out more at our Data Protection and Cyber Security in Travel event in Manchester on 21 September.

Mark Tanzer, Chief Executive