GDPR, Privacy and Data Protection at ILG Business

The European General Data Protection Regulation (“GDPR”) legislation introduces a new set of rules for the processing of personal data.
GDPR is the most modern and fully integrated legislation on data privacy, and the applicability of the GDPR does not stop at the borders of the European Economic Area (“EEA”).

ILG Business has embraced the requirements of GDPR, and we consider GDPR to be the benchmark for our privacy and data protection efforts.
Below you’ll find information about GDPR, as well as answers about data protection and privacy at ILG Business, for your convenience.

You should also consult our Privacy Policy and Terms of Use for further details on these topics.

Why GDPR should matter to you

GDPR modernises outdated privacy laws and impacts your organisation if you collect or process data in or from Europe.
If you’re based in Europe, or you work with persons that are in Europe, then you likely need to comply with GDPR.
Significant fines of up to €20,000,000 or 4% of global annual turnover, whichever is greater, could be levied on you if your organisation is impacted and is not GDPR compliant.

How to prepare for GDPR

If your organisation is impacted by GDPR, then you need to make sure you are compliant with the legislation before it commences on 25 May 2018.
The good news is that we make it easy to use ILG Business in a GDPR-compliant way!

The following steps are recommended as a means to achieving compliance.
NOTE: We’re not lawyers! If you’re unsure about your compliance status, seek legal advice.

Review your vendors and data flows
Make a list of your software and other vendors, and document the data flows across your business, what type of personal data you collect and who has access. It’s likely that you will need to put in place agreements that assure data protection with any vendors you submit personal data to.

Review the ILG Business DPA if applicable
If you’re an ILG Business customer and are considered to be a data controller under GDPR, then you should review our online Data Processing Addendum (DPA) as it applies to you. The ILG Business DPA incorporates with our Terms of Use so, by having acknowledged our Terms of Use and continuing to use ILG Business, you’re already accepting our DPA.

Identify and mitigate your risks
Perform a risk assessment within your business to identify any gaps that need to be addressed for meeting GDPR compliance.

Implement your compliance ongoing
Plan and implement your GDPR compliance activities ahead of the May 25, 2018 deadline, and then ensure that compliance continues thereafter as an ongoing discipline for your organisation.