We take data protection and privacy very seriously. Sirvoy will handle your business information and guest data securely and confidentially, and according to the GDPR (General Data Protection Regulation). All third party services used by Sirvoy for data processing are also GDPR compliant.
(The following information is not intended as legal advice, but should be viewed as a basic introduction to data protection and GDPR.)
What is GDPR and how does it affect your business?
GDPR is about collecting and processing any personal data in a fair, legal, and transparent way. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.
These are the key principles:
- The person must have given consent to processing of personal data.
- Processing of the data must be limited to the specific purpose.
- Data must be accurate, relevant and limited to what is necessary in relation to the purposes.
- Data must be kept for no longer than is necessary, unless kept purely for historical research purposes or statistical purposes.
- Data must be processed in a secure and confidential manner.
- The person has the right to know what data is registered and to have the data deleted (“right to be forgotten”).
If you accommodate guests who reside in the European Union, you must comply with the GDPR. Any third party services used to process personal data must also be GDPR compliant.