The new term “data processor” plays an important role in the implementation of the GDPR (General Data Protection Regulation). If a hotel collects, processes, stores and uses personal data, it usually needs the support of a commissioned data processor to do so. These are the service providers or software companies that are either used to securely store and use the data or those who have access through their activities.
Hotels as “responsible parties” for the personal data of their guests and employees must contractually ensure with their order processors that the latter only follow the instructions in handling the data and do everything to protect the data from unauthorised access, destruction, unauthorised disclosure, etc. This is done with each of these order processors. For this purpose, a commissioned data processing declaration must be concluded with each of these commissioned processors and properly documented.
Copyrights © 2022 RHC Real Hotel Controlling. All Rights reserved.