GDPR - G-Day Tomorrow - Don't panic!
We have had calls from a number of members concerned and confused about the upcoming changes relating GDPR.
Firstly - Don't panic. The latest advice on the Information Commissioners Officer website (ICO) can be found on https://ico.org.uk/for-organisations/marketing/ and MWT has asked Business Wales to see if they are able to arrange a GDPR session tailored specifically to the tourism industry.
For now, we suggest that:
Electronic mail marketingThe most important thing to remember is that you can only carry out unsolicited electronic marketing if the person you're targeting has given you their permission.
However, there is an exception to this rule. Known as the 'soft opt-in' it applies if the following conditions are met;
Your Legal Requirements
Note - The customer’s rights under the GDPR do not over-ride the requirements of other legislation
It is important to note that the customer’s rights under the GDPR don’t over-ride the data requirements of other legislation. For example, the Immigration (Hotel Records) Order 1972 requires you to record the full name and nationality of all guests and to keep this information for 12 months. As such, a guest cannot ask you to delete this information from your records until 12 months have elapsed. Similarly, a customer cannot ask you to delete any financial information you are required to keep for tax purposes.
If you're unsure on GDPR and what it means then the Visit Britain Pink Books has a nice summery from the Tourism Alliance- See here for more info