Conference & Events +44 (0) 844 375 3288
GDPR COMPLIANT: TMCs AS AN ASSET
Calder is GDPR compliant, in line with the May 25 landmark, and we're interested to read all the news reports predicting this will be a key benefit in partnering with a Travel Management Company. Sector leaders anticipate organisations will work even closer with TMCs, consulting them on how best to meet due diligence for their teams of travellers.
GDPR - the European Union's General Data Protection Regulation - gives consumers the right to know, understand and consent to the data collected on them. Furthermore, it affects how businesses collect, use, manage and store their customers' and employees' personal data. The thrust of the exercise has been to develop more robust processes.
ABTA - the Travel Association has spent the last two years preparing its members for their new obligations.
We were very interested to read the results of ABTA research which reflected that over a quarter (28%) of managers intended to employ the services of a Travel Management Company to protect their personal data following May 25. These respondents said they were keen to employ the services of a TMC to ensure travel is booked only with agreed suppliers within the travel policy, thus better protecting staff's data.
It is worth noting that almost a third (32%) stated that they did not know what steps they will be taking to protect their travelling staff's data. ABTA sees this as a demonstration of how TMCs will become an even stronger asset as partners. After all, a TMC can provide the reassurance organisations are seeking that data will be protected when they are controlling the very processes in question.
When asked what criteria they used when selecting a TMC, 90% of managers stated that it was very important or important that they were confident a TMC had the correct processes and systems in place to manage data.
ABTA has been clear in its guidance that the consequences of non-compliance with the new GDPR could mean fines of up to €20,000,000 or 4% of annual turnover. Breaches of the GDPR could damage perceptions of an organisation through loss of goodwill and even lead to criminal proceedings.
This issue has been high on the travel sector agenda due to the convoluted data transactions involved in delivering the service to a personal level. There are multiple uses for data which might include traveller preferences; names and passport numbers; details needed for tickets and reservations; information for the billing process. Travel is a complex service chain with many audiences for data, from hotels to airlines. TMCs must protect the privacy of customers all along the chain, including users of the corporate website, booking and profile tools.
Calder already had processes and systems in place engineered towards compliance and safety before May 25, but our response has been extra vigilent.
Nicola Hayton-Sollitt is managing our privacy operations as Compliance and Quality Lead. She explains:
"Calder is fully compliant with GDPR regulations following an assessment undertaken in December 2017 through IASME, the information assessors working to government guidance.
"In fact, Calder have been ISO27001:2013 accredited for a number of years which meant we already had the processes in place to be compliant with GDPR. As all customer details are kept confidential, we were not required to make any changes to our current booking processes."
Nicola's role within the company, however, has been substantially developed and now focuses on maintaining and updating ISO accreditations, together with staff training on both an individual and group basis, including new-starter inductions and training. She will support the management team with the implementation of any new processes and ensure current processes are adhered to throughout the business, whilst offering ongoing support and advice to team members.
To borrow ABTA's words: "TMCs have an incredibly important role to play with businesses looking to them to help protect their data." Calder is GDPR-ready, prepared for the challenge and new opportunities of even closer partnerships.
If any further information is required, please contact Nicola, our Compliance and Quality Lead. She'd be happy to assist.
Email: email@example.com Tel: 0844 375 3288 / 0113 397 9432
(Image credit: The reception desk welcome awaiting with partner QHotels at The Stratford)