From this Monday, December 2nd, the tourism sector in Spain – travel agencies, rent-a-cars, hotels, hostels, rural tourism units – are required to collect 42 pieces of data from their customers.
This measure, included in Royal Decree 933/2021, raised protests among the tourism sector in Spain, but the Minister of the Interior, Fernando Grande-Marlaska, imposed his will, justifying it with the fact that these records allowed the location of many wanted criminals, indicating the Spanish press that, according to estimates by official entities, “more than 15 thousand criminals were located thanks to the collaboration of hotels and agencies”.
Among the data to be collected from the customer are name and surname, gender, identification document number, nationality, date of birth, place of habitual residence, telephone numbers, e-mail, number of travellers and kinship (in the case of minors ) and transaction data.
As mentioned, companies will be required to provide up to 42 pieces of customer data, tourism employers' associations arguing that the massive processing of personal data provided for in the Royal Decree violates European Union (EU) regulations on data protection and privacy, including those included in payment methods, in addition to, according to them, increasing the bureaucratic burden on companies which, in most cases, are small companies without any capacity to collect and process this data.
The register only covers serious and minor infractions, with very serious infractions provided for in the Citizen Security Law having been omitted. Minor infractions will be punished with fines of 100 to 600 euros only if they are continuous irregularities, while serious infractions, with fines of 601 to 30,000 euros, will be applied for lack of registration and total omission of information.
The fine for those who do not follow the “Marlaska standard”, as it is known in Spain, can reach 30 thousand euros.