Travel agencies associations, including the European association; Spain's hoteliers; Spain's Congress and Senate. Among some to have expressed fierce criticism of or to have voted against the introduction of the decree that obliges accommodation providers, travel agencies and car-hire firms to provide Spain's interior ministry with traveller data that has been attacked for being excessively bureaucratic, an invasion of privacy, a threat to Spain's competitiveness and a cybersecurity risk.
The decree comes into force on Monday, December 2, the ministry insisting that it has respected principles of transparency and efficiency. "Unnecessary or accessory administrative burdens have not been included." In bringing this decree, the minister, Fernando Grande-Marlaska, has stressed the security situation. Current regulations are said to be "obsolete and useless". Where registrations for lodging are concerned, these date back to 1959. The new regulations, he argues, are necessary to combat terrorist activity and organised crime "of a transnational nature".
For its part, the European association of travel agencies and tour operators states that the regulations are "unprecedented" in the European Union. Accepting that travellers to Spain could be the most protected citizens anywhere in the world, the association is nevertheless scathing in its criticism of the amount of data these citizens will have to provide.
The CEHAT national confederation of hotel associations utterly rejects Grande-Marlaska's assertion that there has been transparency. Repeated requests for dialogue from various sources have received no response from the Spanish Government. CEHAT states that the only meeting held with the ministry was on October 4. Since then, there has been nothing. Grande-Marlaska said a few days ago that there will be a public hearing, a process lasting a couple of weeks with the aim of establishing a clear framework so that companies can manage the required data efficiently.
The confederation continues to consider legal action against the government, its general secretary, Ramón Estalella, pointing out that votes in Congress and the Senate have heaped further pressure on the government. "The government may not be obliged to, but it should listen to the chambers and their representatives, the source of popular sovereignty."
The opposition Partido Popular have adopted the 'big brother' charge. One PP senator, Agustín Almodóbar, held up a poster during the Senate debate with the words (in English): 'Big Brother is watching you'. This included a photo of Prime Minister Sánchez.
The politics aside, the tourism industry has expressed its deep concerns with regulations that could result in fines to service providers of anything from 100 to 30,000 euros for non-compliance. CEHAT argues that there could be chaos as it will be impossible to certify some of the data-collection requirements. The confederation maintains that at least 70% of accommodation providers are small or medium-sized concerns that lack adequate systems security to ensure data protection.
The data requirements aren't the same in all cases, but the following list gives an idea:
Company details:
- Name or company name of the owner
- ID number
- Municipality
- Province
- Landline and/or mobile phone
- Email address
- Company website
- URL to identify an advertisement
Property details:
- Type of establishment
- Name
- Complete address
- Postcode
- Town and province
Traveller data:
- Name
- First surname
- Second surname (for Spanish citizens typically)
- Gender
- ID number
- Type of ID document (DNI, passport, TIE)
- Nationality
- Date of birth
- Place of habitual residence (full address and country)
- Landline telephone
- Mobile phone
- Email
- Number of passengers
- Relationship of kinship (in the event that one is a minor)
Transaction data:
- Contract: reference number, date and signature
- Date and time of arrival and date and time of departure
- Property: full address, number of rooms and internet connection (yes or no)
- Payment: type (cash, credit card, transfer, etc.). Identification of the payment method (type of card and number, bank account IBAN, mobile payment, others). Holder of the payment method, expiry date of the card and date of payment.
9 comments
To be able to write a comment, you have to be registered and logged in
Of course the traveler could always pay in cash to circumvent this intrusion to his/her privacy.
Just TogetpublishedPlus: In addition, transaction details will need to be provided. Specifically, the contract (reference number, date and signatures), contract execution details (date and time of entry and date and time of exit) and payment details (type, identification of the payment method such as card type and number, holder of the payment method, card expiry date and payment date). Which, presúmably, would mean account details if paid by bank transfer.
Stephen NivenThere is no requirement to put your bank account details in. Check your facts before spouting off on here. The new system of registering guests staying at Spanish accommodation is in full effect from today. There have been several articles in the UK press over the weekend, repeating false information, claiming that "guests have to hand over all their bank details"...This is totally false. Up to today, guests passport or ID details were taken on check in and sent to either the Guardia Civil or National police using their respective websites Hospederías or WebPol. Now, from today, guest data must be submitted to the Ministry of Interior via their dedicated SES.Hospedajes platform. The number of data points to be collected has increased: the property will now need to gather 17 pieces of information per guest at check-in. Previously, only 9 pieces of data were required. This will apply to all travellers over 14 years of age. The data collected is as follows 1. First name 2. First surname 3. Second surname (if applies) 4. Gender 5. ID document number 6. Document reference number 7. Type of document (DNI, passport, TIE) 8. Nationality 9. Date of birth 10. – Full address (Place of usual residence) 11. – City (Place of usual residence) 12. – Country (Place of usual residence) 13. Landline phone number 14. Mobile phone number 15. Email address 16. Number of travellers 17. Relationship between travellers (if any are minors) As you can see......There is NO "field" on the online form regarding bank details. * NOTE* Most apartment blocks or even some hotels ask for a deposit in case of damages nowadays, this has nothing whatsoever to do with this scheme. (It can normally be paid in cash or a "pending" payment on a card.
ParkyUnlike the honest UK - London being the money laundering capital of the world!
Surely it’s not that Spain has turned a blind eye or maybe encouraged dodgy people to come and bring their money over the years and they have got enough so let’s have a go at the honest . Typical Spain
Richard PearsonSo it would seem. What are they hiding. Funny that.
I haven't seen this (other than in the media), and no official notification has been issued about it. I would expect to receive a letter or something. So far, nothing. Yet if it were booked through a booking platform, there's no way we can obtain the credit card data. It's illegal for them to forward it to us. So how will that work?
Stephen NivenI must look into the prepaid card deal. From what I can gather, a few of the regular posters on this site also try and hide their real identity.
Most of the important data (name, d.o.b., sex) is on the passport anyway. Simple, on a lot of these booking sites I just enter my phone number as 0123 456 7890, tick no phone contact, and I have a non-personal email for all my online shopping, bookings etc. Likewise my address is none of their business, so No. 10, Mainstreet, Newcastle or similar. The big problem is giving the Government my IBAN and card number, so just get a pre-paid credit card for these bills. I can't imagine giving a commercial operation incomplete or false data is a 'crime.