This forum is dedicated to connecting hosts with other hosts. Sign up to get the latest updates and news just for AirBnb hosts! Note that we are not affiliated with Airbnb - we are just passionate hosts!
Just got this from Air asking me to delete a guest’s data. Seems strange and like it could be spam. Here’s a part of the request:
"As part of our compliance with the GDPR, we’re writing to notify you that we’ve received a data deletion request from one or more guests whose personal data may be in your system due to past reservations and stays. The affected user IDs include:
Each user above has indicated to Airbnb that they want their personal data erased from our system. Unless you have a lawful basis to retain the data under applicable data protection laws, you should delete the affected data from your systems"
No, the message says “our system”, meaning Airbnb’s system.
It’s most likely some bizarre kind of spam, but the first thing to do is to check with Airbnb. And it’s entirely reasonable to keep guest details. Everyone does it, often it’s required by law (e.g. in India), and I’ve never heard of any guest objecting to it. Deleting guest data is literally the last thing you should do. And then only if there is a compelling case for it.
On rereading the message, it’s possible that a specific guests wants all his/her data gone, even from the hosts records. But if so, that is an extremely strange way of going about it. @J_Wang, does that string of digits correspond to any actual guest of yours?
No under the new (since 24 May 2018) European privacy laws you are required the delete all non relevant guests data upon request. You are only allowed to keep data that is required by law, about the data that will not be deleted.
I am required to keep, the names, birth dates, address id number and signature of each guest. All other data must be deleted.
When I receive a request like this, it means that I have to delete all other data, including phone number, email address and message history. If you do not comply, and someone discovers this you can get fines up to €25.000.
So this may not be the case in India, but all hosts in Europe have to comply.
I see. Does the GDPR apply worldwide, then? I believe @J_Wang is in the United States. In any case, I think it is still worth checking with Airbnb. If you get such a request, I’d certainly check with them, and probably with the guest in question. I have a little register where I write down things about each guest. I’m not sure how I would delete stuff from there. White-out?
Well, this is a grey area, where even experts do not know how to handle it.
It only applies to Europe. But when a European customer books with AirBnB, they expect AirBnB to stick to European law.
The problem is that they think they book with AirBnB, but actually they have an agreement with a foreign host, and AirBnB is just the middle man. And since the host is selling on the European market (trough AirBnB) they also would have to stick to the European privacy regulations.
It is very complex, and even the experts do not know how to handle this.
On the other hand, why keep any non relevant data is it useful to you?
I see. I’ll try to bear all this in mind, if the occasion does arise.
I’m not sure what relevant means in this context. Guest contact information, for example, can be useful in theory, though it is true I’ve rarely had occasion to use it. But in any case, I make a point of asking guests for their contact information, and saving it.
My take is that it may be legit. Of course they cannot force you to do anything with the “data.” I think this is just a notification from their legal team that they have made the request. After that, it can just dissipate into the universe.
I tried getting into my past reservations on my phone but had no luck. Yes I have been traipsing around this week through Oregon and Washington but have settled…at least for a few months…in Bandon Oregon. Still don’t feel really settled but don’t know where to go next.