Global data and privacy laws

Data privacy has become increasingly important to consumers. In fact, according to UNCTAD, 137 out of 194 countries have legislation in place to secure the protection of data and privacy. As a result, hoteliers must ensure they are abiding by the privacy laws of their guests’ home country or state when sending out promotions. Here are a few to be aware of.

United States:

Any organization that collects the personal data of California residents must comply with the California Consumer Privacy Act (CCPA), which gives residents of California the following rights: right to notice, right to access, right to opt in (or out), and right to equal services.

The most prominent national laws include the Privacy Act of 1974, the Privacy Protection Act of 1980, the Gramm-Leach-Bliley Act of 1999, the Health Insurance Portability and Accountability Act of 1996, and the Fair Credit Reporting Act of 2018.

Click here for more information on data privacy laws in the United States.


There are 6 data protection principles in the General Data Protection Regulation (GDPR), which went into effect in 2018 and cover residents of all European Union countries. For more information, start with our overview guide.


The Personal Data Protection Act (PDPA) provides a baseline standard of protection for personal data in Singapore. It complements sector-specific legislative and regulatory frameworks such as the Banking Act and Insurance Act. Learn more here.


The Personal Information Protection and Electronic Documents Act (PIPEDA) governs the topic of data privacy and how private sector companies can collect, use, and disclose personal information. This act also contains various provisions to facilitate the use of electronic documents. Learn more about compliance here.

Latin America:

GDPR has inspired Latin American countries to get more serious about data protection and regulation. Today, according to EFF, “several countries, including Barbados and Panama have led the way in adopting GDPR-inspired laws in the region, promising the beginning of a new generation of data protection legislation.” Learn more here.

Revinate’s commitment to global privacy and data laws

As a company that helps hoteliers drive revenue through email marketing, Revinate takes privacy laws very seriously. We help our customers understand the laws, navigate the complexity, and ensure compliance, regardless of where you are located. It’s just one of the reasons why Revinate has been named “Best Email Marketing and CRM” by HotelTechReport for 4 years in a row.