GDPR: What You Need to Know About the EU's New Data Privacy Rules
May 31, 2018 1:07pm
By Jim Butler and the Global Hospitality Group®
Hotel Lawyers | Authors of www.HotelLawBlog.com
31 May 2018
The European Union’s General Data Privacy Regulation, rules protecting the privacy of personal information, has gone into effect and impacts every company that does business in the EU. This will impact hotel owners, developers, brands, operators and managers–any company with a hotel property in the EU or that collects information from EU citizens must adhere to the new regulations.
What does that mean for your business, and where should you start the process of compliance? Senior member of JMBM’s Global Hospitality Group® and Co-Chair of the Firm’s Cybersecurity & Privacy Group Bob Braun summarizes the issues, below.
Why should I Care About GDPR?
by Bob Braun
The importance of May 25, 2018. If you are reading this, you have probably been inundated with emails from companies announcing that they have adopted new and better privacy and security policies and procedures. This isn’t a coincidence – as of May 25, 2018, the EU’s General Data Privacy Regulation (GDPR), requires every organization that does business in the EU, or that collects information from EU citizens, to guarantee the privacy and accuracy of personal information. While the purpose of the GDPR is to strengthen and unify data protection for all individuals within the EU, its effect is worldwide; every organization that does business in the European Union or collects personal information from individuals in the European Union is subject to this regulation.
The GDPR is a watershed event that will impact every business that collects personal information, wherever located, and no industry will be more impacted that the hospitality industry. Other companies can choose not to do business with EU citizens; some companies have determined that it is impossible to comply and have actually closed. That is not an option for hotels. Hotel companies need to understand the goals and requirements of the GDPR. The nature of hotels and the various data holding sources such as OTA bookings and PMS systems escalate the regulation for travel and hospitality industries.
Severe consequences for non-compliance. The consequences for non-compliance can be extreme: The maximum fine that can be imposed for serious infringements of GDPR is the greater of €20 million or four percent of an undertaking’s worldwide turnover for the preceding financial year. While no one knows yet how aggressive European regulators will enforce GDPR, and in particular how they will apply it to firms based outside the EU, there are already public interest groups that are targeting multinational companies, and it seems likely that there will be some fallout.
While the entire process of compliance is extensive and a continuing effort, firms should take on 5 concrete steps to get on the road to compliance:
For more information, contact Bob Braun (email@example.com) or Jim Butler (firstname.lastname@example.org).
Bob Braun is a Senior Member of JMBM’s Global Hospitality Group® and is Co-Chair of the Firm’s Cybersecurity & Privacy Group. Bob has more than 20 years experience in representing hotel owners and developers in their contracts, relationships and disputes with hotel managers, licensors, franchisors and brands, and has negotiated hundreds of hotel management and franchise agreements. His practice includes experience with virtually every significant hotel brand and manager.
Bob also advises clients on condo hotel securities issues and many transactional matters, including entity formation, financing, and joint ventures, and works with companies on their data technology, privacy and security matters. These include software licensing, cloud computing, e-commerce, data processing and outsourcing agreements for the hospitality industry.
In addition, Bob is a frequent lecturer as an expert in technology, privacy and data security issues, and is one of only two attorneys in the 2015 listing of SuperLawyers to be recognized for expertise in Information Technology. Bob is on the Advisory Board of the Information Systems Security Association, Los Angeles chapter, and a member of the International Association of Privacy Professionals. Contact Bob Braun at 310.785.5331 or email@example.com.
This is Jim Butler, author of www.HotelLawBlog.com and hotel lawyer, signing off. Please contact us if you would like to discuss any issues or development that affect your hotel interests. We would like to see if our experience might help you create value or avoid unnecessary pitfalls. Who’s your hotel lawyer?
Tags: jim butler,
global hospitality group,
Jim Butler is a founding partner of JMBM and JMBM’s Global Hospitality Group® which provides business and legal advice to hotel owners, developers and investors. This advice covers hotel purchase, sale, development, financing, franchise, management, labor & employment, litigation, ADA, IP, EB-5 matters any many other areas.
Jim is recognized as one of the top hotel lawyers in the world and has led the Global Hospitality Group® in more than $71 billion of hotel transactions and more than 3,800 hotel properties located around the globe.
Jim’s group has advised on more than 100 EB-5 projects, closed more than $1.5 billion of EB-5 financing, and sourced more than half of that for our clients.
Contact: Jim Butler
Avoiding Hotel Data Breaches With a Risk Assessment Audit™ – Lessons From the Marriott International “Glitch”
JMBM Announces Sale of Marriott Warner Center Woodland Hills
U.S. News & World Report – Best Law Firms® Recognizes JMBM as 2019 “Best Law Firm”
GDPR Compliance Deadline Has Come and Gone; What Does It Mean for Hotels?
Is GDPR Legislation Coming to U.S. Hotels?
New "Accessibility" Regulations for Electric Vehicle Charging Stations
Luxury Resorts Appreciate Guest Privacy Enhancements Included in Version Update for Springer-Miller’s SMS|Host PMS
What Do Top Hotel Executives See on the Horizon for 2018?
SpaSoft Integrates New Security Enhancements to Latest Release
Beekeeper Achieves ISO Certification to Protect Hotels' Data
Clairvoyix Client Databases GDPR Ready Before Deadline
GDPR: Why Hoteliers Should Take the new EU Regulations Very Seriously
How to Deliver Personalized Guest Experiences in the Age of GDPR and Data Privacy Concerns
Hotel Lawyer Jeffrey T. Myers Joins JMBM’s Global Hospitality Group®
Proposition 65 Defense Lawyer: Is Your Hotel Ready for the New Prop 65 Regulation Deadline? / Jim Butler
The 2018 LIIC Top Ten: The Annual Survey of Lodging Investments Trends and Challenges
Now Available for Download: HEBS Digital’s GDPR Whitepaper
Texting Guests Is About to Be a HUGE Legal Liability That Can Cost a Hotel 4% of Its Annual Revenue
Top Concerns Hotels Need to Know About the GDPR and How to Prepare Your Action Plan
Who Will You See at Meet the Money?
Please login or register to post a comment.