If you own or manage an accommodation business in the hospitality industry then it’s likely GDPR will apply to you. If you:
Then you need to carry out that processing in a manner that is compliant with GDPR.
Just how complicated this needs to be depends on exactly what your processing looks like. If your data processing is fairly simple and is already compliant with existing data protection and direct marketing standards, then you might not have to change a great deal. On the other hand, if you haven’t been paying much attention to how personal data is processed within your business, then you might have some hard work ahead of you.
In either case, GDPR gives new rights to private individuals. It puts them in charge of their personal data and makes you responsible for protecting those rights. Which means there is a need for some preparation and organisation on your part.
If you look at GDPR compliance as being an opportunity to tighten up your business systems. Your marketing in particular.
Being GDPR compliant means people can trust you with their personal data. That’s got to be a good thing for your business.
Direct marketing carried out in compliance with GDPR means following some of the fundamental tenets of “Permission Marketing” – a technique proven to improve marketing responses and results. If you do it right, this means extracting a bit more bang from your marketing buck. I don’t imagine for a moment that the EU set out with this purpose in mind, however it is a very useful byproduct of focusing your efforts on people who really are potential customers for you.
The word “appropriate” crops up throughout the GDPR articles. The regulation recognises that businesses come in all shapes, sizes, legacies and behaviours. Your compliance efforts can be focused by you on what you do (or what you aim to do). It gives you scope to justify the decisions you take. Of course there’s a certain amount of legal and technical “boiler plate” which lawyers and IT professionals can advise you about. But in terms of what you do and how you do it, the Regulation demands certain things of you, but it lets you decide how they should be done.
As long as you can justify your decisions and create and maintain records of what you’re doing, you’ll go a long way to keeping your business right.
Finally, if you have other people working with you in your business, this could be an opportunity to develop something together. Depending on what sort of manager you are, you may or may not regard this as a good thing. But it is going to be necessary and it is doubtful you’ll have success if you try to do it all on your own. So take the team with you.
You can join us on your GDPR Readiness Journey. The GDPR for Hotels system is available for different types of accommodation business, from serviced apartments through to full service hotels. What matters is that you can demonstrate your respect for people’s personal data. We can help you with that.