GDPR

On May 25, 2018, the General Data Protection Regulation (GDPR) governing all European Union member countries come into effect. These new data privacy laws apply not just to businesses within the EU, but to any companies that process or handle private data of EU residents, regardless of the business location.

Steps Sriggle has taken to become GDPR compliant:

• Changed systems, contracts, privacy policies, and processes to comply with GDPR.
• Trained employees on details and obligations of the regulations.
• Built communication channels to inform clients of all GDPR updates and recommendations.
• Rewrote our data protection agreement and privacy policies to comply with GDPR.

For additional information, please read our updated Privacy Policy here or contact us at privacy@sriggle.tech for more information.

GDPR Customer FAQ

Does my DMC or Travel Company need to be GDPR compliant?

Under GDPR, clients that collect and manage private data (including, but not limited to, names, email addresses, credit card numbers, and IP addresses) from EU-based guests are defined as “Data Controllers” and subject to these regulations. As your ERP or Mid-office or Back-office or website provider, Sriggle is defined as a “Data Processor” and is also subject to the regulations.

What steps should I take to become GDPR compliant?

We recommend that all Clients consider the following actions as part of their data protection efforts. Please note that the list is not exhaustive, and that Sriggle cannot provide any legal advice on what specific actions are required of your Organisation to become GDPR compliant.

What steps should I take to become compliant with the CCPA?

We recommend that all Clients consider the following actions as part of their data protection efforts. Please note that the list is not exhaustive, and that Sriggle cannot provide any legal advice on what specific actions are required of your organization to become compliant with the CCPA.

1. 1.Consult with your legal counsel to determine the extent of applicability of GDPR to your business. Larger organizations may require the appointment of a data protection officer to oversee compliance regulations.
2. 2.Review and update your privacy policy with your legal counsel to be GDPR compliant. As the data controller, Clients are required to inform all website users of the data processing activities taking place on the website and booking engine. Please ensure that your privacy policy communicates how you are using Sriggle and other similar services as a data processor and for what purposes the processing takes place.
3. 3.If you are a Sriggle customer, review and agree to Data Processing Addendum as part of the Sriggle Software License Agreement. This addendum names Sriggle as a data processor and is required for GDPR compliance.
4. 4.4. If you are using Sriggle products or services, please review the documentation on what changes will be made to our platforms and processes in order to be GDPR compliant. If you have not yet received documentation, please reach out to us at privacy@sriggle.tech for more information.