On the plus side no biometrice involved.
Then a compromised database could cost you some fingers.
Two more hotel chains are warning customers they were caught by the breach of Sabre's "SynXis" hotel booking service that emerged earlier this year. Last Thursday, the Hard Rock chain warned that customers of 11 of its properties may have been caught up in the breach. According to Hard Rock's confession, Sabre advised it the …
While Chip and Pin is not actually a security system, more a "shift blame to customers whilst reducing security system" the mechanics means that the Pin number is not stored when you use it.
With contactless you are also pretty safe (from the Sabre story anyway) details of the card are not stored at the point of sale.
That is if the $10 reader you put your card in is actually legit and not made by the guy who is stealing your details (whilst smiling at you)
Looks like it...
<www.eugdpr.org/gdpr-faqs.html>
Who does the GDPR affect?
The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.