We spend a lot of time evaluating new investments to keep privacy at the heart of our mission and the services we provide.
All of our brands operate according to key principles of privacy protection, while each brand is responsible for its own privacy program, employee training, compliance and third-party partnerships.
Booking.com operates to the strictest security standards which are enshrined in their privacy principles. These principles ensure that Booking.com complies with GDPR and that they strictly only use customer data to serve customers in line with their expectations.
Rentalcars.com rolled out a mandatory privacy and security training for all employees, and developers also had secure code training.
KAYAK completed a General Data Protection Regulation (GDPR) plan, resulting in 65 million inactive user accounts deleted. All KAYAK offices with engineering or marketing employees were trained in person. KAYAK also successfully deleted legacy data and semi-automated its data subject rights practice.
OpenTable achieved SOC 2 certification, an auditing procedure to ensure industry-leading privacy standards are met for customer data. As of Q4 2018, OpenTable was live with GDPR on both its consumer and restaurant systems.