Important changes to data protection laws you need to know about
I know those words “data protection” aren’t very sexy, so I’m going to explain what they mean and what’s changing in this article.
First, data protection means knowing where your data is stored, what’s being stored and why
If you have any kind of online booking system, card index system, paper-based list, Excel spreadsheet where you are keeping notes of your guests details, card details, preferences, when they stayed etc – this is data.
And there are laws about protecting it from outside forces.
If you’re storing this data in online software such as a booking system or CRM, you’ll already be compliant with the current data protection laws. These software providers have to be, by law, so consequently, you are too.
If you’re keeping paper-based or card index systems, full of your guests details that you can easily pull up when they call you, then you may be OK for now, but possibly not from May 2018
What if someone like a new local competitor, knew about your card index system full of lovely juicy guests details that they could use for their own benefit, decided to send a burglar in to grab it?
Far-fetched, I know, but this could happen
If you are already compliant because you already use online systems, then there are some new rules coming into force in 2018 about data protection in the EU which you need to know about. GDPR which stands for general data protection regulation will mean that we will have to be super vigilant on how and why we hold customer data for citizens of the European Union.
If you’re not based in, but welcome guests from the EU, this applies to you too
We all know by now that customer data is king, which is why the big online travel agents won’t share guest details with you. They want to keep them for themselves because they know that the bigger the database, the more power they have.
But that doesn’t mean you can’t hold guests’ details
But you’ll need to be very careful about where your guests data is stored and for what reasons
Just the other day, I received a marketing email from a local hotel
Apart from being next to useless as a marketing email, it was in no way compliant with any data protection regulations, even those in force right now
It looked like a bulk email sent from a normal inbox with no message or facility for me to choose to unsubscribe. This is not legal under current regulations
I discovered later that this person had sent this marketing email because I met them at a networking event – I did not consent to this. This is borderline OK for the moment, but will be against the law from May 2018
So what do you need to do?
Your guests’ data needs to be stored in GDPR compliant online systems, not on your property. If you’re already using online systems, ask your providers what they’re doing to keep you inside the law, and for the biggest change in data protection law, what provision they are making for you to allow your guests access to their data, should they request it.
Yvonne Halling is the leading consultant, coach and mentor for Bed and Breakfasts, guests houses, inns and small hotels worldwide, where she helps them to add at least 20% to their income in one season, while increasing their happiness levels. Click on the link below to register for her next free online Masterclass where she’ll show you how to make more money, doing less work, paying less commissions with less stress