JEM is pleased to welcome the addition of 7 Scottish hotels under the management of the ICMI group to our portfolio of service customers.
After working with a variety of hospitality providers in 2018 looking at their GDPR preparedness, including the ICMI family, it was great to be asked to offer a support function to these businesses. Although each one is different in their execution, the principles remain the same – there is staff data, supplier data and guest data: all of which needs to be looked after.
Data in the hotel industry can be more complex than at first may be thought. Food sensitivities recorded in the kitchens; Immigration and Hotel Regulations (1972) requiring the collecting and holding of travel plans, passport and other information; child data; the transitory and seasonal nature of staff meaning many ‘right to work’ checks; live-in staff; booking systems – and the relationships with 3rd party booking channels (such as Booking.com, TripAdvisor etc. ); CCTV systems – both external and internal: all make for an exciting and interesting data environment.
Well… exciting to me.
And as we have seen in the case of IHG at the end of last year, the potential downfalls of imperfect cyber-security in loyalty clubs.
Having stayed in a few hotels this past year, both on business and personal travel, I believe there is some way to go in the industry (Oh yes, I’ve been taking notes!). It is great that ICMI are making a concerted effort on behalf of their clients to get ahead of the game.
As with everything GDPR, it all comes down to knowing what you’ve got, why you’ve got it and what you do with it. Start with that basic information and the rest flows from there.
So we’re looking forward to getting to know each of the teams in more depth, and having already worked on the policies, helping with their processes and procedures in the coming months.
Jim
Do you own a small B&B – or even a large hotel – that needs a fresh set of eyes on it’s personal data management? JEM can help: get in touch!
FEB
2019
About the Author:
With over 30 years’ experience in the IT sector, Jim is ideally placed to lead and support initiatives in data handling and data security. He is both a Certified DPO (IBITGQ 1000104) and qualified GDPR Practitioner (IBITGQ 982862). As well as data privacy, he is very happy to talk about travelling, cycling, skiing or basketball. But it's mainly privacy.