As Members will be well aware, the General Data Protection Regulation (GDPR) comes into force in just one month (25 May) and will require you to have clearer and more robust processes in place when handling personal data relating to your customers, your staff or other people who come into contact with your business.
Many companies will already have processes and systems in place that go a long way towards compliance with the new rules. However, as we’ve previously noted, some things will change – particularly when it comes to businesses being transparent and accountable – and it’s important that you are prepared for this.
GDPR has featured heavily in the latest round of ABTA’s spring Regional Business Meetings, as well as in previous meetings with Members, with ABTA’s legal experts presenting guidance on how to prepare. Many of you have raised questions about collecting and handling customer data – and we have used these insights and queries to help shape our new guidance note: Data Protection - Handling customer data.
This FAQ, developed by the ABTA legal team, covers nine key areas including: Legal basis for Processing, Privacy Notices, Direct Marketing and International Transfers. This document is intended to provide a general guide to the GDPR for travel agents and tour operators. The Information Commissioner’s Office can be approached for more detailed guidance on your specific requirements. To download the new FAQs please visit abta.com/gdpr.
The new FAQ builds on the work ABTA has been doing for some time to help Members in their preparations for the GDPR, including developing and issuing a series of guidance notes, which are all available on the Member Zone.
The 25th May marks the further evolution of best practice and legal requirements relating to the handling of personal data, and you should be taking steps now to bring your processes in line with the GDPR.
Mark Tanzer, Chief Executive