AusLeisure

Set to be introduced this week, the European Union’s General Data Protection Regulation (GDPR) will have an impact on many businesses in Australia, New Zealand and across Asia.

Seen as one of the most significant global changes in data privacy regulations in more than 20 years, GDPR is the result of four years of public consultation regarding the collection, use, storage and protection of any and all data relating to the identification of EU citizens.

The law was passed in April 2016, and had a two year phase in period until 25th May 2018.

GDPR effects any business that has information on anyone who lives in the EU, which may include people who have been members, clients and/or attendees at any type of leisure facility, event or activity .

Information that businesses may hold includes name and email addresses in a database or client records and includes contacts list in a telephone, an email address book, or a list of (ex)-clients names in a spreadsheet).

From gender, age and preferred modes of communication, to basic records of event or facility attendance and even dietary requirements, GDPR covers all data relating to the identification of individuals.

The fines for breaking the GDPR laws are huge, up to 20 million Euro or 4% of annual turnover, whichever is the greater.

Jack Ukil, Director of Sales for event software business Cvent Australia, explains “when you consider the number of Australians who hold dual citizenship, it is safe to state that the clear majority of events held in Australia are attended by citizens of the European Union .

“This means that Australasian event planners who ignore the new regulation do so at their peril. Of course, Australian event planners who run events in the EU are obliged to adhere to the new GDPR standards; but moreover, even if an event held in Australia is attended by a single citizen or resident of the EU, that likely needs to be GDPR compliant.”

To be GDPR compliant, an organisation must have a legitimate business interest, contractual right or seek the consent of an EU citizen or resident before obtaining any data that could identify that individual including his or her preferences and behaviours; be able to prove lawful storage of data in accordance with GDPR standards; be able to delete the individual’s data if they request to be forgotten from all your digital systems; and adhere to standards of ongoing protection of data in accordance with GDPR.

Mindful of the implications of the GDPR, the Exercise Association of New Zealand (ExerciseNZ) has released a comprehensive advisory note GDPR and what it means for many NZ based exercise businesses.

The advisory note is applicable to almost all leisure sectors.

Click here to view ExerciseNZ's GDPR guidance.

6th March 2018 - EXERCISE NEW ZEALAND PARTNERSHIP AIMS TO IMPROVE FITNESS CLUB SAFETY 

16th August 2017 - CVENT CONTINUES GROWTH ACROSS ASIA-PACIFIC REGION

26th May 2016 - IHRSA REPORTS ONGOING GROWTH IN GLOBAL FITNESS INDUSTRY 

13th March 2014 - PAYSMART CONTINUES TO SET INDUSTRY BENCHMARK IN DATA SECURITY

6th October 2010 - ARE YOU READY FOR PCI COMPLIANCE STANDARDS?

Asking a small favour
We hope that you value the news that we publish so while you're here can we ask for your support?

The news we publish at www.ausleisure.com.au is independent, credible (we hope) and free for you to access, with no pay walls and no annoying pop-up ads.

However, as an independent publisher, can we ask for you to support us by subscribing to the printed Australasian Leisure Management magazine - if you don't already do so.

Published bi-monthly since 1997, the printed Australasian Leisure Management differs from this website in that it publishes longer, in-depth and analytical features covering aquatics, attractions, entertainment, events, fitness, parks, recreation, sport, tourism and venues management.

Subscriptions cost just $90 a year.

Click here to subscribe.