The 7 sins of the new travelers' registry in Spain

26-09-24

Royal Decree 933/2021, which establishes the mandatory registration of traveler data, has faced multiple postponements due to almost unanimous rejection by the tourism sector. Hoteliers, travel agencies, car rental companies and other key players have pointed out the operational and legal problems implied by this regulation. The following are the seven main “cardinal sins” of the decree that have generated so much discomfort.

1 Invasion of privacy

The main cause for complaint is the excessive amount of data that accommodations and travel agencies are required to collect. In addition to basic information such as name and ID, details such as the customer's full address, the number of rooms in the hotel and even whether the establishment has a Wi-Fi connection are requested. For many companies, especially foreign ones, this collection is excessive and invades the privacy of customers, who are likely to be reluctant to share such sensitive information.

2. Risk of data theft

Mass data collection increases the risk of data leakage and phishing attacks. Tour operators have expressed concern that data transfers between agencies, hotels and other entities open the door to errors or misuse of information. In addition, data protection laws in other countries, such as Germany and the Netherlands, are stricter and could lead to legal disputes.

3. Impossible requirements for the car rental industry

The decree requires that, at the time of booking, car rental companies provide details such as the model, license plate and VIN of the car. However, on many occasions, these details are not available at the time of booking, as vehicles may be allocated some time later or even not yet purchased. This creates a gap between the regulations and the operational reality of the industry.

4. Duplicity of data

Another major problem is the duplication of information. Different actors within the value chain, such as agencies, tour operators and hotels, are obliged to report the same information to the Ministry of the Interior, which generates an unnecessary multiplication of tasks and possible errors. In addition, this increases the risk of inconsistencies and administrative overload.

5. Lack of automation

The lack of adequate technological tools to automate data collection and submission is also a source of concern. Despite the promise of automation of the process, in practice, most registrations must be done manually, which increases the workload and human error. Companies such as DER Touristik España have tried unsuccessfully to integrate their systems with those of the Ministry of Interior since 2022.

6. Administrative overload

The increased administrative burden brought about by these regulations is a challenge especially for small and medium-sized enterprises (SMEs), which make up 95% of the tourism sector in Spain. The new requirements generate additional operating costs and greater complexity in day-to-day management, something that many SMEs are not in a position to assume.

7. Promises without guarantees

Finally, the sector is frustrated by the lack of binding guarantees from the Ministry of the Interior. Although verbal promises of flexibility on certain aspects of the decree have been made, no official document has been provided to protect companies from sanctions, which can range from 100 to 30,000 euros, depending on the seriousness of the infraction.

In summary, Royal Decree 933/2021 continues to generate controversy due to its disproportionate impact on the tourism sector, which considers it an unbearable obstacle to its daily operations.