Busting 3 Hotel Tech Myths That Are Costing You Revenue
A hotel consultant debunks 3 common hotel technology myths. Learn why new tech isn't always the answer & how to truly optimize hotel operations for profit.
GDPR has reshaped the landscape for hoteliers, with strict penalties if you don’t comply, making it essential to stay prepared. In our last article, we introduced you to GDPR, outlined its impact on the hotel industry, and how it affects hotel marketing campaigns.
Here, we offer our Top Ten Tips to help you stay compliant with the GDPR in today's landscape.
1. Educate Your Staff on GDPR
Everyone in your organization who deals in collecting PII (Personally Identifiable Information) should be aware of GDPR. They must understand how to collect, access, use, and disclose personal information as well as how to restrict access to cardholder data. Employees must also be advised on how to manage online security and know how to properly dispose of documents containing payment card data. Hotel Management should continuously update their knowledge and understand any necessary changes to procedures or systems and the impact on their departments.
2. Understand Guest Rights Under GDPR
Here is an outline of European guest rights under GDPR:
- The right to access his/her data
- The right to rectification
- The right to erase
- The right to restrict processing
- The right to transfer his data to another party
- The right to object
- The right not to be included in automated marketing initiatives or profiling
As a hotelier, you will need to be prepared for when a guest makes a request. You must reply within one month, free of charge. If you refuse a request, you must inform the guests about your reasons, provide any details about the Privacy Commission, and the name and contact details of your DPO (Data Protection Officer, more on this in point 8) so that the guest understands how to file a complaint.
3. Communicate Clearly About Data Collection
Under GDPR you must clearly state what data you are capturing (the nature of the data), explain to the customer why you are capturing that data (the purpose of the data), and explain who is requesting that data (the identity of the Data Controller) and who else will have access to this data. You must also state how long you will keep that data. This reasoning is that this will be enough to allow the customer to make an informed decision to opt-in. You can easily do this on the registration card or when checking-in online. You must remember to adapt all legal statements and customer agreements to the new legislation. Please note that you can only use the data for the agreed reason that the customer gave and not for multiple marketing campaigns.
4. Collect Only Necessary Guest Information
Review what information you’re asking a guest for and decide what’s really necessary. For example, a guest departure date is an essential piece of information, but asking for their date of birth may not be.
5. Obtain Explicit Consent from Guests
Due to the GDPR ‘explicit consent’ rule, it’s essential that you review how you are obtaining and recording guest consent. Guests arrive at a hotel via multiple sources, including travel agents, telephone reservations, or even walk-ins. You must consider all and give clear ‘opt-ins’. Pre-ticked boxes aren’t going to work this time.
There is also an additional consideration for children under 16 years of age. You must seek the authorization of parents or responsible adults to process a minor’s data. You must also consider what to do if a guest withdraws consent and be clear on GDPR guidelines.
6. Maintain a Comprehensive Data Register
Document the information you are holding, where you’re storing it, where it’s from and who you will be sharing it with. You’ll also have to note that the guest has consented in this data collection. The Data Register is essential to map all your data streams. You may need to review your current policies and procedures to accommodate this.
With HotelMinder, match with vetted hotel experts to solve your operational problems.
- Access specialists to boost occupancy, ADR & revenue.
- Effortlessly upgrade your technology and online presence.
- Quickly solve complex distribution and technology challenges.
7. Enhance Data Security Measures
Hoteliers are vulnerable to data breaches and theft because, as an industry, they collect so much information from multiple sources. Be ready to detect and remedy any theft of personal data. The data register should be able to provide insight into which pieces of data are concerned. Any incident should be reported within 72 hrs to the Privacy Commission, for all cases where there is a risk that guest data may have been compromised. You must also ensure your network and storage systems are up-to-date with the latest intrusion detection programs and should have successfully passed penetration testing.
8. Ensure Robust Data Protection
Consider Data Protection principles for any new tool or procedure undertaken, right from the design stage. An Impact Assessment is required when major new technology is introduced or significant upgrades are taking place on systems that contain personal data.
Nominate a Data Protection Officer (DPO) who is knowledgeable on the importance of personal data processing. Although this could be an additional task for an existing employee, it is mandatory to have a DPO when you handle large volumes of personal data. He must be aware of the hotel data flow and have a copy of the Data Register at all times. The DPO must be named on all privacy statements on any media. When filing a complaint, the guest will reference the DPO by name.
9. Know Your Third Parties' GDPR Obligations
It’s likely that you’ll be dealing with third parties or subcontractors on your data collection journey. Make sure you are aware of who they are and what your current contractual obligations are.
Some of them might be:
- Your website design agency
- Your Website Booking Engine
- Your Property Management Software
- Your Channel Manager
Review these contracts to include any GDPR-related aspects, ensure that the contractor is aware of his obligations under GDPR, and that services or systems help you meet your GDPR requirements.
10. International/Group Hotels GDPR Considerations
For International and Group Hotels, it’s important to align procedures across the group and nominate a lead (presumably the country or regional office) for the coordinated GDPR efforts. If you are present in multiple EU countries, it is required to identify a "main establishment" and also the country lead supervisory authority.
Conclusion
Preparation, knowledge, and good online security systems are key under GDPR. You will need to create a hotel strategy which ensures that all GDPR compliances are met.
If you still feel swamped, get in touch with us and we will help you devise a plan which works for your organization. You simply can’t be left behind on this one!
Written by HotelMinder
We help busy hoteliers find, setup and run the right applications and services to manage business according to their needs, budget, technical and human resources requirements.
About HotelMinder
HotelMinder brings value to hoteliers through a Knowledge Hub, a Technology Marketplace and one-to-one hotel management consulting services. With our 50+ years of combined expertise, we provide actionable solutions to critical business challenges, while establishing a relationship based on trust, engagement and mutual benefit. We help hotels meet and exceed their business goals through an in-depth analysis of consumer insights, business requirements and opportunities.
We are excited to announce the launch of Lobby, a brand-new network of hospitality consultants, which connects hospitality industry decision-makers with carefully vetted hospitality experts to deliver faster, more effective, actionable solutions to hoteliers’ top problems – launching to the public in October 2025.
If you are a hotelier who needs support, information or advice, or a hospitality industry expert who wants to help hoteliers achieve their business goals, you can enter the Lobby for free.
Next up in: Hotel Management
Hotel Management Structure and Organization: Building a Team
7 Best Books That Every Hotel Manager Should Read
The Importance of Market Research in the Hospitality Industry
How to Configure Your Hotel Rooms and Rooms Types?
How to Write a Winning Hotel Business Plan (Step-by-Step Guide)
The HotelMinder Promise
Your trust is our top priority. Whether you're choosing technology or connecting with an expert, we're committed to transparency. Here’s how we ensure you get unbiased, reliable guidance. Learn more about our promise.
Browse Knowledge Hub
Technology
Marketing
Revenue
Receive our latest articles directly into your inbox —
subscribe to Newsletter
Find the best technology for your hotel business, today.
HotelMinder, it's all the help you need to transform your hotel's digital presence and maximize performance.
Learn from Our Experts
Check out the latest insights, news and articles from the HotelMinder team, industry leading technology vendors and hospitality consultants.
HotelMinder Launches Lobby: the Hotelier Expert Network for On-Demand Support
Access world-class hospitality expertise with Lobby. Our on-demand hotelier expert network offers proven solutions for revenue management, marketing, and technology challenges. Join free.
How hotels can stand out in a Gen AI world: a practical guide
Learn Generative Engine Optimization (GEO) to boost your hotel's visibility on AI platforms like ChatGPT. Our guide covers websites, reviews, and OTAs. Get seen.
Hotel CRS: What It Is, How It Works and Benefits for Modern Hotels
Discover what a Hotel CRS (Central Reservation System) is, how it integrates with your PMS, channel manager, and booking engine and the key benefits it brings to hotel operations, revenue and guest experience.
Discover more insightful articles in our Knowledge Hub and Partners Hub.
We Only Share Helpful, Educational Content. No Spam Ever.
Sign up for expert insights, exclusive offers, and real solutions made for hoteliers like you.