The EU’s General Data Protection Regulation (GDPR) comes into effect on May 25, 2018, when it replaces the EU Data Protection Directive 1995 in each EU country. GDPR regulates the collection, storage, processing and sharing of personal data. Personal data is defined very broadly under the GDPR as any data that relates to an identified or identifiable natural person that is a resident of the EU, including residents of the UK before and after Brexit.
Compliance is mandatory and Guestline, a PCI certified Level One Service Provider, is committed to upholding a culture of data privacy and security. As a Data Processor, we shall ensure our services and products have the functionality to enable our clients to achieve GDPR compliance. However, all organisations are responsible for ensuring their own GDPR compliance and are advised to consult their legal and compliance teams or to seek guidance and advice from third parties that specialise in compliance.
For more information, follow the attached link to the Information Commissioner’s Office Website https://ico.org.uk/
We have been conducting in-depth reviews of our existing data security policies for handling and processing data; and confirm that our current procedures as a Data Processor already meet the best practices of GDPR, based on the regulatory guidance presently available. We will continue to review and audit our policies in accordance with ICO guidelines; and have appointed a Data Protection Officer to oversee Guestline’s compliance.
Guestline & Rezlynx PMS
A guide has been produced to help you assess areas of the system or features which you may like to review in connection with to your GDPR goals. Download your copy here.
GDPR Are you ready?
Make sure you are well and truly GDPR ready - download our GDPR whitepaper here