Case Study: Diamond Resorts International achieves a GDPR-ready privacy program and streamlined vendor risk management with OneTrust

Diamond Resorts ramps up privacy program with OneTrust

Diamond Resorts International, a global hospitality leader in timeshares and vacation services, needed to build a GDPR-ready privacy program and get vendor relationships under control with a very small privacy team. To accelerate compliance and reduce manual work, they evaluated OneTrust and adopted its Privacy Impact Assessment (PIA & DPIA Automation) and Data Mapping Automation solutions.

OneTrust implemented automated vendor assessments, a self‑service portal and data mapping tools so vendors could complete digital questionnaires and Diamond Resorts could inventory PII and generate Article 30 reports. The OneTrust rollout enabled Diamond Resorts to send more than 300 data‑mapping assessments, improve vendor questionnaire response rates, centralize tracking via dashboards, and streamline procurement and legal reviews—significantly reducing manual effort and strengthening GDPR readiness.

Diamond Resorts International

Gabriel Kotch

Assistant General Counsel-Privacy and Data Protection