General Data Protection Regulation

May 20, 2018GDPR

25 May 2018 – the day when EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC. The preparation of GDPR took four years and on 14 April 2016 it was finally approved by the EU Parliament.

The main objectives of regulation are to protect personal data of individuals, to harmonize laws of gathering and processing of personal data in Europe, to make adjustments to organizations` free access to personal data. The list of personal data includes any information with which you can identify a person: email address, phone number, photo, name, bank and medical information, posts from social networks, IP address of a computer. 

The Regulation provides for a number of penalties for breaches of personal data confidentiality, including fines. This is one of the main differences between the Regulation and Directive adopted in 1995 and used since then and before the entry into force of the GDPR. 

As currently constituted, the regulation has strengthened its position. The conditions became clearer, absolutely understandable and recognizable. Also the form of submission has changed, accessibility, simplicity and comprehensible language of presentation, intelligible form of narration have been added. 

Among the major changes that have been made is also Breach Notification, which will become an important component of the regulations in all Member States. It refers to the mandatory breach notification of personal data protection, as well as to potential risk to human rights and freedoms. 

Right to be Forgotten or Data Erasure allows the data controllers to delete their personal data, and may also stop their further use, distribution and processing by third parties (Art. 17). 

Right to Access gives a subject an opportunity to find out by whom, where, and also for what purpose his/her personal data is processed. An additional factor of Right to Access is the obligatory provision of copies of the requested data by controller in electronic form. 

Also, the right to receive data previously submitted in a widely used format is provided by Data Portability. You can also transfer your personal information to another controller. 

YieldPlanet is a premium software provider focused on hotel revenue and channel management. We deliver powerful yet easy-to-use solutions to meet and surpass the challenges of distribution and revenue management. Our company respects rights and privacy of each of our clients, and we are aware of assumed responsibility for owning and processing an amount of personal information from our customers around the world. Therefore yieldPlanet takes all necessary measures prescribed by the terms of the GDPR. According to the new updates, yieldPlanet products meet all the requirements of the new regulations, which will come into force this spring – 25 May 2018.