Herbert Münder, Ecsite president
As an owner or operator of a leisure business looking to market your business to guests, you're likely very familiar with the GDPR and all of its implications in the storage and use of personal and public data.
You’ve probably already taken steps to ensure that your privacy policy includes full transparency on how your site collects and uses data. You’ve likely also reaffirmed opt-ins for those individuals who are on your email marketing lists and made sure that they still wish to receive your email marketing.
However, if you haven’t fully addressed GDPR compliance, then you might want to make it a higher priority because complaints are being filed and fines are being levied against large and small companies. Since GDPR came into force, there have been more than 59,000 personal data breaches notified to regulators. These range from minor breaches, such as errant emails sent to the wrong recipient, to major cyberhacks affecting millions of individuals and making front-page headlines.
Since this is a complex issue, you might consider hiring a privacy compliance consultant. However, if you aren’t able to hire someone to aid you in this, then consider the checklist provided by GDPR.eu