The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union. It addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. When the GDPR takes effect, it will replace the 1995 Data Protection Directive. It was adopted on 27 April 2016 and becomes enforceable on 25 May 2018, after a two-year transition period. You can find more information about the regulation here: https://www.eugdpr.org/.
Yes, in two ways. Firstly, SnapShot does business inside of EU, working with European hotels, their employees' data and also with contact information of the hotel guests. SnapShot is also registered inside of the EU, with two main offices in Germany and Poland, so GDPR affects us also when it comes to our own employees.
SnapShot takes GDPR very seriously, and we are going to be compliant with GDPR before May 25 as the law requires. The good news is that we are already close to achieving this goal. How is that possible?
From day one, SnapShot took data security and privacy as a top priority, ensuring that the data of our hotel clients is protected. We already adopted most of the GDPR requirements even before this regulation was approved by EU government. Also, we spent significant portion of last year to analyze all the requirements, working with various external agencies and external authorities (for example, we are members of GDPR HTNG group) to ensure that we are ready for 25th May when GDPR becomes effective.
First of all, SnapShot is the data processor, not the controller. That means, that the hotels and the users are in full control of the data at all times. Second of all, we will soon publish updated terms and conditions to give you more details about why we need the data, what we are doing with them and how we are using them. Third of all, we are preparing a product update in which we will ask all customers to reconfirm their consent with processing of the data for SnapShot marketing purposes.
Send an email to gdpr@snapshot.travel, and we will be happy to discuss more details with you.