GREAT NEWS! We have just raised $ 30M. Click here to know more

The impact of GDPR in the hotel sector – part 2

6 Mar, 2018

Despite last week’s (somewhat) gloomy picture, the GDPR will not put an end to hotel marketing actions or the maintenance of customer relationships.

This necessary adaptation represents a real challenge for all hoteliers. However, it is possible to take advantage of this by improving your customer strategy. Indeed, this regulation will require a better knowledge of customer data. It will enable more relevant marketing actions to be put in place.

What actions should be taken?

• Appoint a data protection officer

As part of this regulation, every company must appoint a data protection officer. The latter will be responsible for implementing an action plan to bring the company into compliance with the GDPR.

• Stored data analysis

Each hotelier must carry out a complete inventory of the customer data that it stores as part of its activity. The scope extends to data stored internally or with a subcontractor. It is first of all necessary to determine all the channels of acquisition of this information:

• Website of the hotelier,

• Hotel reception,

• Restaurant, Bar, Spa…

• OTAs,

• Phone,

• Mails

Each channel receives different types of information. The reception, the restaurant and the bar receive information about possible allergies or eating habits of the customer. The receptionist collects information about the customer’s preferences.

The purpose of this inventory is to know the nature of each customer information received and whether it is stored.

The hotelier will then have to determine whether each piece of information stored is necessary for the continuation of his business. It will then have to set up an organization allowing to quickly transmit these data in case of customer request. This “introspection” can be of real interest for the hotelier’s business because it allows the maximum optimization of the stored data. This means that any unnecessary data is not saved.

• Creation of a “data-register”

This “data-register” is a document listing all types of data stored and where they are stored. This is a “map” of the hotelier’s customer database.

• Network and server security

It is necessary to test the security of the IT architecture in order to be able to prove the high level of protection of stored customer data. This protection includes the use of secure servers as well as restricting access to information.

• Update of all legal documents

The legal notices for customers must be updated to comply with the new regulations. This includes informing customers about the use made of each stored data.

Similarly, the hotel operator will have to revise subcontracts if customer information is processed or stored externally.

• Training of employees in the new standards in force

The hotelier will have to set up a training policy for its employees. This will give them a comprehensive understanding of what this new regulation entails. This continuous training plan will allow the best possible integration of any new employee. It will also help to maintain a high level of knowledge among all employees.

6 Mar, 2018