Friday, 25 May 2018 is when the European Union’s General Data Protection Regulations (GDPR) come into effect. SOCA ISLANDS, which acts as both a data controller (in that we process client data) and a data processor (in sharing your data with specific service providers such as accommodation partners) can confidently report that we are GDPR ready.

We would like to assure our clients in the European Union member states (and this includes clients in the United Kingdom until Brexit comes into effect), as well as our clients outside of the EU, that we have prioritised data protection and have the operational processes and technical systems in place for processing personal data.

More specifically, we have updated our Terms and Conditions, and Privacy Policy to include our Data Protection Addendum (DPA) to meet the requirements of article 28 of the GDPR. The DPA includes the Standard Contractual Clauses (see Annexure 2 of the DPA) necessary for agreeing to the secure cross-border transfer of personal data from a country in the European Economic Area to a third country. In SOCA ISLANDS’s case, we provide customer support and undertake systems back-ups in our head office based in Trinidad & Tobago. We also have a server located in the United States which further support the provision of our services.

For more information about SOCA ISLANDS’s GDPR readiness, please contact our Data Protection Officer, Mr. Alejandro at