The document summarizes key impacts of the new General Data Protection Regulation (GDPR) on the travel industry. The GDPR goes into effect on May 25, 2018 and introduces much stricter rules around personal data processing and privacy. It will impact all companies that collect and use personal data. Non-compliance could result in fines of up to 20 million euros or 4% of annual global turnover. Companies need to audit all data processing, ensure proper contracts with subcontractors, implement security measures, and respect expanded user rights to prepare for these changes. The deadline to be compliant is fast approaching so companies must take action soon to avoid potential penalties.