General Data Protection Regulation (GDPR) | Amadeus Hospitality

General Data Protection Regulation

General Data Protection Regulation (2016/679/EC) (“GDPR”)

Is your Amadeus Hospitality Product compliant with GDPR?

Amadeus compliance with GDPR – Amadeus Hospitality (“Amadeus”) will comply with GDPR in the delivery of Amadeus Products to our Customers; as a Data Processor Amadeus will comply with the contractual obligations it has with Customers and with direct responsibilities it may have as a Data Processor under the GDPR, this will include ensuring the appropriate organizational and technical measures in place to protect the Personal Data.

Amadeus working with Amadeus Customers

Amadeus will help support Amadeus Customers compliance with GDPR by providing information about Amadeus Products and Services; Amadeus is working to make enhancements to Products and Services to help support Amadeus and Amadeus customers’ compliance with the GDPR.

Product Compliance

Amadeus cannot confirm that any Amadeus Product or Amadeus Service is GDPR compliant, as a particular product or service will not determine compliance – it is how the product or service is used that will determine compliance with the GDPR.

Who is a Data Controller?

A Data Controller is a person or entity that decides the purpose and the means of processing Personal Data and who will need to consider if the processing of Personal Data is in compliance with the GDPR. An Amadeus Product does not enable compliance with the GDPR, it is how the Amadeus Product is used that will lead to compliance.

Amadeus will assist Amadeus’ Customers and provide information about how Amadeus Products work so that the Amadeus Customers can control how Personal Data is processed. Amadeus cannot give legal advice as to whether an Amadeus Customer complies with the GDPR by using a particular Amadeus Product or Amadeus Service. The GDPR does not set out specific standards and requirements for the processing of Personal Data and there are areas of interpretation where views may differ about whether particular processing is compliant with GDPR requirements.