Best Practices for Tours and Activities: Data Collection and Privacy

Best Practices for Tours and Activities: Data Collection and Privacy

In our GDPR series, we explore the impact that these new regulations will have on tour and activity operators.

Best Practices for Tours and Activities GDPR 2018 Series:

Part 1: GDPR and the Travel Industry

Part 2: Data Collection and Privacy

Part 3: Marketing Consent

Part 4: Marketing Lists

Part 5: Policies and Processes

Part 6: Data Retention

Part 7: Workforce Data

Part 8: Privacy by Website Design

On May 25, 2018, the GDPR laws went into effect, and all companies that are based in the European Union or who do business with European Union residents must comply with these laws.

The new regulations will have a significant impact on data collection processes and privacy policies for tour and activity operators.

What is Data Collection and Privacy?

Tour and activity operators have an obligation to provide their customers with information about their data collection programs and to offer insight into the privacy policy that they have in place. The GDPR now requires businesses to provide notice about all privacy policies and data collection programs — even if a booking is made through a distribution agent, such as a retail travel agent or OTA.

Read more: Distribution Tip: The Best Channels Tour Operators Should Harness

Best Practices for Data Collection and Privacy

To remain in compliance with the GDPR laws, tour and activity operators should consider these best practices for data collection and privacy:

  • You need to create a consent form for customers to complete regarding your data collection program. All customers must provide clear consent in order for their data to be collected. The consent needs to be explicit — consent cannot be automatically assumed by the tour and activity operator. The consent form must be a separate document from other terms and conditions. In addition, you need to continually ask for consent to collect and utilize data if you are going to use it in a different way.
  • You need to create a clear privacy policy, and provide information about the policy to your customers prior to booking. Your customers should not have to ask for information about your privacy policy. The privacy policy needs to be distributed to all agents within your distribution network as well, as they need to relay that information to your customers at the time of booking.
  • Your customers need to be able to easily change their preferences regarding your data collection program. They have the right to opt out at any time, and it is necessary for you to allow them to do so.

Data collection plays an important role in any tour and activity company. Now, as the GDPR laws go into effect, you should be evaluating the types of data that you collect and how you use that data. It may be in your best interest to start collecting only the most valuable and useful data, as you will be required to continue to monitor all data that is being retained and stored by your tour and activity company.

To continue learning more about the GDPR and how it applies to your tour and activity company, follow the Rezdy blog. We are publishing a series on these new regulations and offering insight into the best practices for tour and activity operators to remain in compliance.

Subscribe to Rezdy Blog