OpenGDS highly values the privacy of our customers and partners, and we strictly follow the highest privacy standards, fully complying with the GDPR and PCI-DSS regulations. Our platform forms direct reservations with full transparency between the travel provider and the accommodation; the hotel knows exactly who the booker is.
In providing our connectivity and reservation routing services, OpenGDS acts strictly as a Data Processor. The Company (the accommodation or travel platform utilizing our services) acts as the Data Controller. OpenGDS processes personal data solely to perform contractual obligations (such as reservation delivery), provide technical support, and notify users about system disruptions.
Taking into account the state of the art, OpenGDS implements appropriate technical and organizational measures to secure our environment, technology infrastructure, and systems. Access to personal data is strictly limited to authorized personnel. OpenGDS shall not appoint any Subprocessor for data routing unless authorized by the Data Controller.
OpenGDS may not transfer personal data to countries outside the European Economic Area (EEA) without prior written consent, unless relying on EU approved standard contractual clauses. As a Data Processor, we retain general reservation data indefinitely to support the Data Controller's historical analytics and operations, unless the Data Controller explicitly requests deletion or anonymization. However, sensitive payment information (such as credit card details) is automatically and securely purged from our systems after a predefined period, in strict compliance with PCI-DSS standards.
OpenGDS will notify the Data Controller without undue delay upon becoming aware of a Personal Data Breach affecting Company Personal Data, providing sufficient information to allow the Data Controller to meet their GDPR reporting obligations.
OpenGDS uses cookies to ensure the proper functioning of our Platform. We primarily use strictly necessary, functional cookies to manage user sessions, authenticate logins, and maintain security. Additionally, we may use basic analytical cookies to monitor platform performance and improve our services. Because OpenGDS is a B2B technology enabler, we do not use intrusive third-party advertising or retargeting cookies. By using our Platform, you consent to the use of these essential cookies.