EU GDPR / General Data Protection Reg. and FT compliance
Feb 17, 2018, 12:28 pm
#1
Original Poster
Join Date: Nov 2012
Location: Rhineland-Palatinate
Programs: *A Gold (A3), HHonor Gold
Posts: 5,696
EU GDPR / General Data Protection Reg. and FT compliance
Hello,
I would like to know what is the status with GDPR compliance Flyertalk, in general terms but specifically for
- the right to be forgotten
- the right of portability
- the right to restrict processing
- the right of correction
- contentment collection
Thanks
I would like to know what is the status with GDPR compliance Flyertalk, in general terms but specifically for
- the right to be forgotten
- the right of portability
- the right to restrict processing
- the right of correction
- contentment collection
Thanks
Feb 18, 2018, 10:04 am
#2
Moderator: American AAdvantage
Join Date: May 2000
Location: NorCal - SMF area
Programs: AA LT Plat; HH LT Diamond, Maître-plongeur des Muccis
Posts: 62,948
For members unfamiliar with the term, GDPR refers to the European Union’s latest iteration of General Data Protection Regulation, which regulates data privacy.
For more, please see this article on Wikipedia.
JDiver, Co-Moderator
For more, please see this article on Wikipedia.
JDiver, Co-Moderator
Feb 21, 2018, 2:39 pm
#3
No longer with Internet Brands
Join Date: Mar 2011
Location: Los Angeles, CA
Programs: DL DM 1.6MM, Marriott LT Plat
Posts: 5,343
Flyertalk is a US-based site. Our TOU can be found here:
https://www.flyertalk.com/legal-notices.php
https://www.flyertalk.com/help/privacy.php
https://www.flyertalk.com/legal-notices.php
https://www.flyertalk.com/help/privacy.php
Feb 22, 2018, 12:39 am
#4
Original Poster
Join Date: Nov 2012
Location: Rhineland-Palatinate
Programs: *A Gold (A3), HHonor Gold
Posts: 5,696
The location of Flyertalk is not relevant as long as it has users that are located within the European Union. Please see the Wikipedia article JDiver kindly links and also this Forbes article: https://www.forbes.com/forbes/welcom...ased-business/
Or this one from the NYU https://wp.nyu.edu/compliance_enforc...personal-data/
Flyertalk is impacted by the GDPR as it has EU users. As such I would really appreciate if you could have a more precise answers to the questions in my OP please.
Or this one from the NYU https://wp.nyu.edu/compliance_enforc...personal-data/
Flyertalk is impacted by the GDPR as it has EU users. As such I would really appreciate if you could have a more precise answers to the questions in my OP please.
Feb 22, 2018, 11:13 am
#5
FlyerTalk Evangelist
Join Date: May 2002
Location: Pittsburgh
Programs: MR/SPG LT Titanium, AA LT PLT, UA SLV, Avis PreferredPlus
Posts: 31,008
Use our Privacy Contact form, or write to us at the address below.
Privacy Office
Internet Brands, Inc.
909 N. Sepulveda Blvd., 11th Floor
El Segundo, CA 90245 U.S.A.
Privacy Office
Internet Brands, Inc.
909 N. Sepulveda Blvd., 11th Floor
El Segundo, CA 90245 U.S.A.
Feb 22, 2018, 3:23 pm
#6
No longer with Internet Brands
Join Date: Mar 2011
Location: Los Angeles, CA
Programs: DL DM 1.6MM, Marriott LT Plat
Posts: 5,343
The location of Flyertalk is not relevant as long as it has users that are located within the European Union. Please see the Wikipedia article JDiver kindly links and also this Forbes article: https://www.forbes.com/forbes/welcom...ased-business/
Or this one from the NYU https://wp.nyu.edu/compliance_enforc...personal-data/
Flyertalk is impacted by the GDPR as it has EU users. As such I would really appreciate if you could have a more precise answers to the questions in my OP please.
Or this one from the NYU https://wp.nyu.edu/compliance_enforc...personal-data/
Flyertalk is impacted by the GDPR as it has EU users. As such I would really appreciate if you could have a more precise answers to the questions in my OP please.
Feb 22, 2018, 9:01 pm
#7
Moderator: American AAdvantage
Join Date: May 2000
Location: NorCal - SMF area
Programs: AA LT Plat; HH LT Diamond, Maître-plongeur des Muccis
Posts: 62,948
This?
The organization would have to target a data subject in an EU country. Generic marketing doesn’t count. For example, a Dutch user who Googles and finds an English-language webpage written for U.S. consumers or B2B customers would not be covered under the GDPR. However, if the marketing is in the language of that country and there are references to EU users and customers, then the webpage would be considered targeted marketing and the GDPR will apply.
Feb 23, 2018, 12:12 am
#8
Original Poster
Join Date: Nov 2012
Location: Rhineland-Palatinate
Programs: *A Gold (A3), HHonor Gold
Posts: 5,696
Considering some of the ads I see are in German, and I do live in Germany, then I would say this is targeted marketing.
So again, I maintain my position that Flyertalk has to comply to the GDPR and i would appreciate if they could share with their thousands of European customers their plan.
And I am not the only one to think so:
The GDPR applies to organizations involved in the processing of personal data of individuals located in the EU. “[P]ersonal data” is defined broadly as “any information relating to an identified or identifiable natural person.”
[3] “Processing” means “any operation or set of operations which is performed on personal data or on sets of personal data.”[4] These are broad definitions encompassing a range of data types and a variety of data usages—they are designed in particular to sweep in U.S. technology companies. Indeed, information such as log-in information, IP addresses, and vehicle identification numbers, though not enabling direct identification of individuals, allow for identification of individuals indirectly and are therefore considered to be personal data.
Last edited by fransknorge; Feb 23, 2018 at 12:19 am
Feb 23, 2018, 12:20 am
#9
Original Poster
Join Date: Nov 2012
Location: Rhineland-Palatinate
Programs: *A Gold (A3), HHonor Gold
Posts: 5,696
Example of ad I see now. It is not in German but clearly targeted as I am currently in FRA and thus is explicitly for the EU market.
Feb 23, 2018, 5:06 am
#10
Ambassador, New England
Join Date: Aug 2001
Location: Maineiac, USA
Programs: Amtrak, WN RR, Choice
Posts: 2,655
Considering some of the ads I see are in German, and I do live in Germany, then I would say this is targeted marketing.
So again, I maintain my position that Flyertalk has to comply to the GDPR and i would appreciate if they could share with their thousands of European customers their plan.
And I am not the only one to think so:
Feb 23, 2018, 10:05 am
#11
FlyerTalk Evangelist
Join Date: May 2002
Location: Pittsburgh
Programs: MR/SPG LT Titanium, AA LT PLT, UA SLV, Avis PreferredPlus
Posts: 31,008
I provided the contact information above. Is something preventing you from contacting the Privacy office to understand privacy, preferring to discuss with website administrators?
Feb 24, 2018, 7:17 am
#12
Original Poster
Join Date: Nov 2012
Location: Rhineland-Palatinate
Programs: *A Gold (A3), HHonor Gold
Posts: 5,696
It would build trust if IB staff publicly explain how IB intent to comply with regulations concerning the handling and processing of customer private data.
This is an opportunity for IB to show their intent to follow regulations.
Feb 24, 2018, 7:18 am
#13
Original Poster
Join Date: Nov 2012
Location: Rhineland-Palatinate
Programs: *A Gold (A3), HHonor Gold
Posts: 5,696
You might want to read the regulations.
Feb 24, 2018, 10:19 pm
#14
Join Date: Jun 2007
Location: gggrrrovvveee (ORD)
Programs: UA Pt, Marriott Ti, Hertz PC
Posts: 6,091
I wouldn't necessarily expect a website administrator to be the point of contact for matters related to privacy policies, particularly given that GDPR still has some pieces which are yet to be fully defined.
You could also try calling them. The numbers I get back from a web search are 310-280-4000 and (800) 692-2200. Although that particular avenue may be more difficult since you're in Germany.
Feb 25, 2018, 5:57 am
#15
Ambassador, New England
Join Date: Aug 2001
Location: Maineiac, USA
Programs: Amtrak, WN RR, Choice
Posts: 2,655