After 2018-05-25 it's mandatory for companies with customers within the EU to comply with the General Data Protection Regulation (GDPR)
It is up to the company who is data responsible (you) to document compliance but as a service to you as a customer we have chosen to present you with the following assistance
The only change you will see in our services is the Terms of Sale (TOS) will be more visible to your customers as they have to actively comply to these. It's in your own interest you see to it that your TOS are fully updated prior to May 25th. Just send the updated version to Support and they'll update them in your online booking.
The GDPR is all about securing some form of privacy for you and me and that puts some restraints on what and how companies can handle our data. Here you get four main areas in bullet form and then it's up to you to take over from therre.
Companies are often confused about this part and thereby seeks consent which is only one of six legal grounds for data processing - And the least attractive for the company (and sometimes even for the customer).
So let us establish a fact: You do NOT need consent if you fall under ANY of the other 5 legal grounds!
These are the 6 legal grounds ordered by relevance for the vast majority of our users
Please find more detailed information elsewhere
For most companies the GDPR is talking about two kinds of data: 'Personal' and 'Special'. If you can stick to 'Personal' data it will ease your work on preparing for the GDPR.
Usually companies have data collection on customers and staff but be sure you have included all possibilities. Also note that as a rule of thumb all health data is considered special and for instance registering a membership of a union on a staff member is considered special data.
Here follows examples of what should be Personal data (note where marked with * it can be both) and that this doesn't consider compliance to other regulations!
The fewer places you store data the easier to keep it under control
Make a list of everybody with access to your data
This article comes with absolutely no guarantee it's either correct or complete or in any way related to your business.
Always seek professional legal assistance on this topic.