Travel companies should “not panic” about the General Data Protection Regulation (GDPR) that comes into force in May.
Lawyer Luke Golding of Travlaw said: “The GDPR does not mean you have to delete all personal details you hold. It means you do have to do a bit more and be a bit better at it.”
He suggested three key points for complying with the GDPR: “First, carry out an audit of the personal data you hold. Do you need it all? What do you do with it? How long do you hold it? Second, be ready to inform customers about what you do with data. Third, start looking at how you protect that data. If something is going to go wrong, it will be through the loss of data.”
Abta head of legal services Simon Bunce agreed: “Don’t panic.” But he said: “Do worry. Do the audit. Check your security. See it as an entire organisation thing.”