GDPR Questions? Is Odysys GDPR compliant? What actions do I need to take? What about this message from Google Analytics? Etc. Ben Lloyd
THIS INFORMATION IS NOT INTENDED NOR SHOULD IT BE TAKEN AS LEGAL ADVICE. Contact an attorney for advice on specific legal preparation on GDPR.
Also keep in mind - GDPR is an EU regulation.
Odysys does not share any personal information collected on behalf of any of our customers and it can be removed from Odysys upon request by one of your customers.
If you are not using the Odysys booking engine - contact your booking engine provider for more information regarding their policies & preparation. (ie ThinkReservations, Resnexus, etc)
If you are using the Odysys booking engine, read on and see below re: Stripe.
Odysys is in the process of evaluating any additional changes/updates we need to make in terms of GDPR compliance, if any. Rest assured, if any changes are required, Odysys will be GDPR compliant on May 25 2018 (deadline). We will inform you of any actions required on your part.
Generally speaking, the GDPR regulations simply require that as a business owner you do your best to protect the personal data of your guests and that if requested, you can delete that data (in your email system, in stripe, etc). Compliance by your vendors like Google Analytics, Stripe, Mailchimp, etc will happen "under the hood" and no real action is required by your part. If you are maintaining PCI compliance - you are doing your part.
Odysys does integrate your website and booking engine with 3rd party accounts that track personal data and YOU (the innkeeper) are responsible for understanding how that vendor/account complies with GDPR.
Google Analytics & GDPR
Action Required: NONE
None. Google will do it for you if you don't do it yourself.
In other words - if you do nothing, they'll 'save' the new setting for you on May 25. See the "Note" in this screenshot from Odysys' Google Analytics account.
You may see or receive this message when you log in to Google Analytics:
"We've recently launched new Data Retention controls that may affect your data starting May 25, 2018. To dismiss this message, please visit your property’s Data Retention settings under Admin > Property > Tracking Info and click 'Save'. "
Or you may have received this email from Google Analytics:
"Dear Google Analytics Customer,
We recently sent an email introducing new data retention controls that allow you to manage how long your user and event data are stored by Google Analytics. We would like to remind you that the new data retention settings will soon take effect - on May 25, 2018.
If you haven’t already done so, please review and confirm these settings (Property ➝ Tracking Info ➝ Data Retention) as Google Analytics will begin to delete data according to these settings starting May 25.
Impact of this setting as of May 25 is the following:
Any user and event data that is older than your retention setting will be marked for permanent deletion, and will no longer be accessible in Google Analytics.
Deletion will affect the use of segmentation, some custom reports and secondary dimensions when applied in date ranges older than your retention setting.
Reports based on aggregated data will not be affected.
The Google Analytics Team"
More information: https://support.google.com/analytics/answer/7667196
Stripe & GDPR
Action Required: NONE
More information: https://stripe.com/guides/general-data-protection-regulation
Other vendors like Mailchimp, etc.
Contact your support team at your vendor to determine any action required.Did this answer your question?