Booking EU, UK pax? Tread carefully

- By Sarah Robertson
Comments | 0

AGENTS breaching a
new European Union
privacy regulation could
face fines of up to 4%
of annual turnover.
The General Data
Protection Regulation
(GDPR) is effective May
25. The law applies
to any organisation
operating anywhere
in the world handling
personal data of EU
residents and EU
passport holders. The
UK has indicated its
intention to comply
post-Brexit.
John Cato and Dr
Peter Tobin,
consultants at IACTAfrica,
explain that
organisations outside
the EU are likely to
be considered data
controllers in terms of
the EU GDPR and are
required to appoint
a representative in
the EU who should
be an interface to the
authorities in the EU.
IACT-Africa is able
to assist agents in
locating each authority.
Any breaches of
personal information of
an EU passport holder
should be reported to
this representative.
John speculated that
initially, international
enforcement of GDPR
would be handled
only in the instance
of complaints being
raised. These would be
investigated by the SA
Information Regulators
and could proceed to
prosecution through the
South African courts
should remedial action
not be taken.

Sign up to our mailing list and get daily news headlines and weekly features directly to your inbox free.