GDPR: Online Booking System Security
March 14, 2018
On 25th May 2018, the most significant piece of European data protection legislation to be introduced in 20 years came into force. The EU General Data Protection Regulation (GDPR) replaced the Data Protection Directive 95/46/EC which was enacted in the UK through the Data Protection Act 1998 (DPA 1998).
The aim of the GDPR is to strengthen data protection for EU citizens and residents and to give them greater control of their personal data.
Maximum fines where a data breach occurs will rise from £500k to £17 million or 4% of global annual turnover for the preceding financial year.
What rights do your customers have?
The GDPR strengthens the rights of your customers in a number of ways, including:
- The right to object. A customer can object if their details are being used for direct marketing.
- The right of access. A customer can request a report on their data held including where the data you took came from and to whom it might be disclosed. You must also reply to a request for data within one month.
- The right to be forgotten. The customer can ask for their data to be erased from your systems.
- The right not to be subjected to purely automated processes. For example, if a customer is refused insurance by an automated system they can call and ask for a manual review.
How can BookingLive help?
BookingLive made many changes to the latest version of booking software ahead of the GDPR deadline, including:
- An opt-in request during booking journey to consent to process sensitive data and/or be sent marketing communications
- Parental consent for users < 16 years old
- Right to be forgotten – the ability for a customer to request all data held is removed via customer My Account
- Data portability – the ability for a customer to receive all data held via customer My Account
BookingLive have updated their privacy and data protection policies, which you can view here.
If you have any further questions, please contact us and request to speak with our Data Compliance Officer. To view our knowledge base article on the data flow of information within the BookingLive Enterprise product, click here.