Blog > May 2018 > YachtSys complies with GDPR

YachtSys complies with GDPR

May 18 2018 | 0 comments

A.) What is the GDPR?

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. It becomes enforceable on 25 May 2018. (Quoted from Wikipedia)

GDPR Compliance

B.) Which new legal terms do you need to know?

Some relevant definitions from Art. 4 GDPR:

Referring to final customer: ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’);

Referring to agent / fleet operator: ‘controller’ means the natural or legal person, (…) which determines the purposes and means of the processing of personal data;

Referring to YachtSys: ‘processor’ means a natural or legal person, (…) which processes personal data on behalf of the controller;

C.) What are the most relevant aspects for agents and fleet operators (= controllers)

Art. 6 GDPR: Lawfulness of processing

Processing shall be lawful only if and to the extent that at least one of the following applies:
  1. the data subject has given consent (Art. 7 GDPR) to the processing of his personal data (..);
  2. processing is necessary for the performance of a contract to which the data subject is party (…);
  3. processing is necessary for compliance with a legal obligation to which the controller is subject; (e.g. tax lay obliges controller to keep invoices X years)
  4. processing is necessary for the purposes of the legitimate interests pursued by the controller (…), except where such interests are overridden by the interests (…) of the data subject which require protection of personal data, (…)
The last point 4 will give lawyers a lot of work for the next decade. YachtSys as processor will help you to avoid that by complying to points 1,2 and/or 3.

Art. 13 GDPR: Data privacy declaration

You need a data privacy declaration on your website. For that contact your lawyer or use a generator for privacy statement generator which you can find in Google:
For German website owners here is a good source:
This generator also produces data privacy declarations in English, but unfortunately you will have to go through the questionnaire in German language.

Art. 15 to 22 GDPR: Various customer rights

These customer rights are much discussed but you will see that in your daily business they will most probably not play a bigger role than they do already now, so we mention only the most relevant:

- right to rectification
- right to be forgotten
- right to data portability
- right to object


D.) How does YachtSys, the “processor” support you and your business?

YachtSys already has undertaken all measures to fulfil the requirement of security of processing of customer data according to Art. 32 GDPR by using SSL encryption, dedicated servers with professional firewall protection in a renowned server farm (Hetzner), internal regulations, etc..

It is foreseen to launch it until the 21st May 2018 on YachtSys and connected Widgets and make potential bug fixing until 25 May 2018 of following features:

- Integration of explicit consent in all our widgets and request forms of generation 3.0
- Integration of explicit consent in CRM when uploading crew list, skipper license, etc.
- Tools to manually delete clients according to certain criteria
- Tools to correct and export customer data upon request of client
- Agreement which confirms that YachtSys processes client data according to GDPR - Download.

Also the following blog articles regarding GDPR might be interesting to read:

May 18 2018 | 0 comments

Trackback URL:

Blog post currently doesn't have any comments.
Recent Posts
Takeaways from the Boat Rental Season 2020The 10 Most Popular Monohull Sailing Yachts of the Charter Season 2019Latest Early Booking Trends in Yacht Charters for leading DestinationsGDPR - Do you need a processing contract with YachtSys?GDPR - How long may you store personal data of your customer?GDPR - Can I define my own privacy declaration?GDPR - Can I define my own GDPR consent text?YachtSys complies with GDPRUnforgettable Cruises on a Luxury Yacht from Palma de MallorcaBest Drone Videos from 7 Favorite Greek Yacht Charter PortsDUFI Sail Charter - Jeanneau Sailboat Charters from San VincenzoTrends for Prices and Discounts for Bareboat Charter YachtsBareboat Yacht Charter Prices in the Mediterranean 2015Die 7 größten Fehler beim Online MarketingCharterExpo 2014 in Berlin – Providers Meet AgentsBetterPrice - Never miss a great Charter DealBareboat Charter Week Prices in CroatiaHow Charter Companies benefit from the OpenSeaMap Data LoggerYacht Charter Pre-Booking Trends before the Boot 2014 in DüsseldorfIndividual Commissions per Charter Base and YachtContinued Growth - NO MORE Agent Booking Fees - 10 € Booking BonusHow to gain new Charter Clients with CharterBidsHow to double Yacht Charter RequestsThe New YachtFinder Filter Bar - Challenges and FeaturesPublish your yacht names in order to sell better!Yacht charter bookings during the BOOT 2013 in DüsseldorfYacht Charter Pre-Booking Trends before the Boot 2013 in DüsseldorfWhat you should know about bareboat yacht charters
Read all posts