A GDPR Checkup For US-Based Hospitality Businesses
By Dawn Maruna (May 11, 2018, 2:54 PM EDT) -- The U.S. hospitality industry is eager to know how European Union Regulation 2016/679, more commonly known as the General Data Protection Regulation, will impact it, especially with respect to the guest experience, internal operations, marketing efforts and vendor relationships. With the GDPR enforcement deadline fast approaching on May 25, 2018, every business that offers goods or services to or collects behavioral data from European residents should have already determined whether the GDPR is likely to apply to its operations and considered whether and how it intends to address the GDPR's compliance obligations. For most businesses, the prospect of erasing legacy personal data to avoid GDPR compliance is simply infeasible, although U.K.-based pub chain J.D. Wetherspoon reportedly exercised this option by deleting their entire customer email database, and ignoring GDPR compliance obligations may not only prove illegal, but invite hefty financial penalties amounting up to the greater of 20 million euros or 4 percent of the business' worldwide annual revenue for the prior fiscal year....
Law360 is on it, so you are, too.
A Law360 subscription puts you at the center of fast-moving legal issues, trends and developments so you can act with speed and confidence. Over 200 articles are published daily across more than 60 topics, industries, practice areas and jurisdictions.