GPDR europe what to do?


anyone that have information about what should we do regarding The new EU’s New Personal Data Regulation?

I am renting an appartment.

1 Like

How does it apply to you?

Good question @sylvainbg; I am hoping Airbnb will put their legal representatives onto it and send out some advice. I thought, for instance that there might be a clash in some countries’ laws on guests providing passport and other information, but I see that the regulation states that “The regulation does not purport to apply to the processing of personal data for national security activities or law enforcement of the EU” but there are then some caveats that suggest it might apply to this in some circumstances.

I still hope Airbnb might make a statement on it … we shall see …

It all depends upon what kind of information you store,
scroll to the bottom for GDPR


I agree, have a look at the legislation and see how it applies to say any marketing information you collect about guests and what you need to do in terms of contacting them to ensure you are compliant.

It is not that complex.

You have to make an inventory of all the data you receive, store and share.
You have to ask yourself why you store it, where you store is, how long, how it is secured, and with whom do you share it.

It is more about self awareness, then rules.
You should ask yourself do I really need to keep this data and for how long.

A good example are security camera’s. There are a lot of fans of nest and door cams and other cameras on this forum. This means storing data, how long are you going to keep this footage, and why? If you are keeping it fore more than 72 hours you must have a very good reason.
A good reason is that you will keep it until the guest has left, or until you have checked the property. But then you have to ensure that the property is checked withing x number of hours and that the data is removed.

Btw under the new law, making pictures of id’s of creditcards is an absolute no no, because this is a huge security risk and there is no way to justify doing it.

Other data needs like financial data needs to be stored several years and shared with several authorities. You just have to write down how it is shared and how it is secured:
-You do not file guest personal data needed for police tourist registration in an open bookcase, but in a locked closed.
-Your PC is secured with a password, and data on the HD is encypted.

  • etc etc

Yes, it does apply.
Yes, you have to record the data, as stated by local law.

But it is your responsibility to make sure it is only shared with the right authorities, and does not fall into the wrong hands.

OP never mentioned that he or she stores any data.

I guess I will be fine if the only data are stored at third party (My channel manager for booking reservation, stripe for clients card details) ?

1 Like

Yes, but you would still have to document it.

Does not matter where it is stored, you still have to evaluate the data that is stored and who has access to your account. Same goes for stripe data, how do you get the data from your guest?

Of course you will have very little work, and half a page in word would suffice. But you still have to be able to show it when someone asks you about it.

The data for the guests coming from information that are left on bookings and my channel manager website booking platform.

Thanks I will start to look that