For example, when a consumer signs-up for Spotify and they want to use their Facebook login for ease, Spotify receives their contact info, who their friends are, location, and other details. And in return Facebook receives details on the consumers’ music tastes. However, this unchecked spread of personal information will soon be in for a change. According to GDPR, all businesses; including hotels, will soon need to know exactly where they get data from, to whom they send it, and what they do with it internally.
What is GDPR?
GDPR is an acronym for General Data Protection Regulation. It is an EU regulation that will come into effect on May 25, 2018, and generate the biggest changes in data protection in the EU since 1995. GDPR was created to bring as much uniformity into data protection as possible and is a regulation far better suited to the challenges today’s digital world poses.
But what does this mean for hotels?
Currently, the rules around collecting guest (or potential guest) data are somewhat flexible. Hoteliers can be smart with wording and use “opt-outs” and implicit consent to swiftly enrol customers up to various newsletters and email campaigns. Generalised consent requests can be used to sign people up to any number of subscriber lists, resulting in multiple ways that a hotel group can reach potential guests.
That is all changing under the GDPR. Explicit consent means that hotels must: explain to the customer what data you are capturing (the nature of the data), explain to the customer why you are capturing that data (the purpose of the data) and explain to the customer who is requesting that data (the identity of the Data Controller) and who else will have access to this data. The end result is that the person you are seeking to collect data from completely understands what data you want and what you plan on doing with it. The customer can then give you unambiguous consent.
However, the tricky part for hoteliers is that the consent someone gives you only applies to the purpose you have explicitly declared. In the past, hotel marketers could source the email address once and then reuse it across campaigns and newsletters alike. However, with the new GDPR laws coming into place, this is no longer the case. If you have captured the email for a newsletter, then you have to ask for explicit consent again for the email campaign, and so on.
All of which makes marketing to EU residents, or people in the EU more challenging which could restrict the number of guests you get through the door. However, on the positive side, those who do give consent are likely to be more engaged guests.
