Just got this from Air asking me to delete a guest’s data. Seems strange and like it could be spam. Here’s a part of the request:

"As part of our compliance with the GDPR, we’re writing to notify you that we’ve received a data deletion request from one or more guests whose personal data may be in your system due to past reservations and stays. The affected user IDs include:

31300856
Each user above has indicated to Airbnb that they want their personal data erased from our system. Unless you have a lawful basis to retain the data under applicable data protection laws, you should delete the affected data from your systems"

Screenshot_20180720-064027_BlueMail.jpg1440×2960 514 KB

That makes no sense. Hosts have no way of deleting any data regarding their guests that is present on the Airbnb system, as far as I know. I’d check with Airbnb about this.

I think its legitimate, if you keep the guests details outside of the platform i.e. name/address/phone number, you should delete it and reply that you have.

No, the message says “our system”, meaning Airbnb’s system.

It’s most likely some bizarre kind of spam, but the first thing to do is to check with Airbnb. And it’s entirely reasonable to keep guest details. Everyone does it, often it’s required by law (e.g. in India), and I’ve never heard of any guest objecting to it. Deleting guest data is literally the last thing you should do. And then only if there is a compelling case for it.

On rereading the message, it’s possible that a specific guests wants all his/her data gone, even from the hosts records. But if so, that is an extremely strange way of going about it. @J_Wang, does that string of digits correspond to any actual guest of yours?

No under the new (since 24 May 2018) European privacy laws you are required the delete all non relevant guests data upon request. You are only allowed to keep data that is required by law, about the data that will not be deleted.

I am required to keep, the names, birth dates, address id number and signature of each guest. All other data must be deleted.

When I receive a request like this, it means that I have to delete all other data, including phone number, email address and message history. If you do not comply, and someone discovers this you can get fines up to €25.000.

So this may not be the case in India, but all hosts in Europe have to comply.

I see. Does the GDPR apply worldwide, then? I believe @J_Wang is in the United States. In any case, I think it is still worth checking with Airbnb. If you get such a request, I’d certainly check with them, and probably with the guest in question. I have a little register where I write down things about each guest. I’m not sure how I would delete stuff from there. White-out?

Well, this is a grey area, where even experts do not know how to handle it.

It only applies to Europe. But when a European customer books with AirBnB, they expect AirBnB to stick to European law.

The problem is that they think they book with AirBnB, but actually they have an agreement with a foreign host, and AirBnB is just the middle man. And since the host is selling on the European market (trough AirBnB) they also would have to stick to the European privacy regulations.

It is very complex, and even the experts do not know how to handle this.
On the other hand, why keep any non relevant data is it useful to you?

is it a legitimate email address?

Hi @Chris,

I see. I’ll try to bear all this in mind, if the occasion does arise.

I’m not sure what relevant means in this context. Guest contact information, for example, can be useful in theory, though it is true I’ve rarely had occasion to use it. But in any case, I make a point of asking guests for their contact information, and saving it.

When I get to my laptop I’ll see if I can find this guest. If anything I would have a phone number; maybe the email?

And how are they going to know if I’ve complied?

Seems to be. I’ll check.

“How are they going to know if I’ve complied?”

If the info is in Air’s “system”, they’ll know whether you’ve deleted it or not; if you’ve kept it in your own records…when they raid your home office.

Why can’t they just delete it from my system since it’s all on the Air platform?

Also, I can’t wait to see who this guest was. I need to use my laptop for that. Don’t have it with me at the moment.

Good question! Air is all about control. (Their motto is: …vee haff vays of making you comply.)

The reason for the deletion “request” is definitely curious. Maybe it has to do with a hidden identity…or national security…or…

(Are you still traipsing around the country exploring or have you settled?)

My take is that it may be legit. Of course they cannot force you to do anything with the “data.” I think this is just a notification from their legal team that they have made the request. After that, it can just dissipate into the universe.

I tried getting into my past reservations on my phone but had no luck. Yes I have been traipsing around this week through Oregon and Washington but have settled…at least for a few months…in Bandon Oregon. Still don’t feel really settled but don’t know where to go next.

No they can’t force me, I guess. It just seems odd that this hasn’t happened to other hosts. I’m wondering who it is??? A spy???

I haven’t had any German guests in the past year so maybe it only applies to the past year activity.

@J_Wang, you could just ask Airbnb for the name of the guest. They have no reason not to tell you. And I trust you checked with them first that the request was real/legit before doing anything else.