GDPR: Online Booking System Security

On 25th May 2018, the most significant piece of European data protection legislation to be introduced in 20 years came into force. The EU General Data Protection Regulation (GDPR) replaced the Data Protection Directive 95/46/EC which was enacted in the UK through the Data Protection Act 1998 (DPA 1998).

The aim of the GDPR is to strengthen data protection for EU citizens and residents and to give them greater control of their personal data.
Maximum fines where a data breach occurs will rise from £500k to £17 million or 4% of global annual turnover for the preceding financial year.

What rights do your customers have?

The GDPR strengthens the rights of your customers in a number of ways, including:

The right to object. A customer can object if their details are being used for direct marketing.
The right of access. A customer can request a report on their data held including where the data you took came from and to whom it might be disclosed. You must also reply to a request for data within one month.
The right to be forgotten. The customer can ask for their data to be erased from your systems.
The right not to be subjected to purely automated processes. For example, if a customer is refused insurance by an automated system they can call and ask for a manual review.

How can BookingLive help?

BookingLive made many changes to the latest version of booking software ahead of the GDPR deadline, including:

An opt-in request during booking journey to consent to process sensitive data and/or be sent marketing communications
Parental consent for users < 16 years old
Right to be forgotten – the ability for a customer to request all data held is removed via customer My Account
Data portability – the ability for a customer to receive all data held via customer My Account

BookingLive have updated their privacy and data protection policies, which you can view here.
If you have any further questions, please contact us and request to speak with our Data Compliance Officer. To view our knowledge base article on the data flow of information within the BookingLive Enterprise product, click here.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.