The aim of the General Data Protection Regulation (GDPR) is to improve the protection of personal data and the rights of registered persons. It also addresses new digitalisation- and globalisation-related data protection issues and harmonizes data protection regulations across the European Union. The GDPR regulates, among others, the collection, processing and disclosure of personal data and the rights and obligations related thereto. Personal data include information that can be used to identify a person directly or indirectly, such as name, phone number and email address. In each company, the processing of personal data must comply with the GDPR. Companies in the tourism industry generally handle personal data, and it is therefore a good idea to have your company’s data protection updated.
Data protection is comprehensively covered on the website of Data Protection Ombudsman.