De tekst van het bericht (verstuurd op 20-11-2019)
Referring to our letter of 2nd of June 2019 related to the processing of passenger data, we have finalized a random check at our IATA members during a one month period. The conclusions of this random check showed that in ##% of the messages received from [airline name] and which are demonstratable related to the provided passenger contact data, are used to send commercial related messages. These messages may be related to offers for paid upgrades, book ancillary services, hotel bookings or rental bookings, flight evaluation/reviews and information about products or services of third parties not related to flight disruptions.
Our members have not obtained and shall not obtain authorisation from the passenger for using their contact data form commercial related messages. Furthermore, in IATA Resolution 830d it is clearly stated that this information may only be used for purposes of contact in an operational disruption related to the flights in the PNR, and prohibits any use related to marketing or sales.
Agents which continue to provide passenger contact information are acting contrary to Regulation (EU) 2016/679 (GDPR) and may be liable for this behaviour, which includes fines and legal claims.
We already mentioned that any infringement related to IATA Resolution 830d and the GDPR, as explained in our letter 2nd of June 2019 may result in an immediate suspension of any cooperation to provide passenger contact data to [airline name] However, our members suggested that these infringements may not be intentional, for example, because of the unawareness of the limitations in IATA Resolution 830d or the GDPR. They agreed not to suspend their cooperation, provided that [airline name] confirms in writing:
- to comply with IATA Resolution 830d, GDPR and additional conditions as outlined in our letter of 2nd June 2019;
- that it shall cease any commercial use of passenger contact data provided by our members.
Your reply is expected before 30th November 2019!
We hope that we and our members may continue the good relationship with [airline name]. However, when no confirmation is received, we shall release this information to our members and the travel industry press early December 2019. This information includes the risks of continuing to provide passenger contact data due to these infringements, which shall be supported with the results of the random check and shall also include the names of all airlines which do not comply with IATA and statutory regulations. But we rely on our confidence that this step won't be necessary.
We would appreciate your immediate attention to this matter. If you require any further information, feel free to contact us.