The notion of the use of someone's personal data by a business being somehow "voluntary" crops up from time to time. It has done so again today in an article about the interesting new advertising proposals from Marriott. You can read about it here.
The issue here is not the proposed use by Marriott of their app related data (although we will perhaps look at hotel apps and how some of them use personal data another day). No. Today I am taking issue with the following sentence which appears in this article. It says,
"As consumers opt out in large numbers, travel marketers think more about capturing and using so-called first-party data like email addresses that consumers voluntarily share with brands, such as when joining a hotel loyalty program."
Here's the thing. People never give you their personal data voluntarily. No they don't. Not ever.
(to be fair, I don't think Marriott themselves use the "V" word, I think it's the journalist who...
Is your use of other people's personal data properly managed or will your response to your next data protection challenge be determined by a quick game of rock, paper, scissors?
This is our goal for data protection and privacy in the UK hospitality industry:
"No more random acts of data protection."
It is part of the answer to a very serious problem all hotels face. The problem is this:
Privacy is contextual. Your management of privacy and data protection depends heavily on the context of your use of, the availability of and the risks surrounding personal data. This is a fluid environment, it changes shape regularly. Which means it can be very frustrating to deal with.
The problem with frustration is that it quickly leads to people not making what might be considered "the best" decisions or introducing "the best" solutions to problems.
Which means you end up with random acts of data protection (and privacy). For example, think about cookie banners on...
It must be true. It says so in the Financial Times.
In March 2022 the FT published an interesting article about how vulnerable to attack hotels can become. You can read it here.
Implementing technology is expensive. In many cases it is the answer to the challenge of finding staff to provide services, or at least part of it. Check in kiosks, for example, are becomeing more common as hotels seek to cut their need for staff skills which are becoming increasingly scarce.
Hoteliers are also encouraged to "personalise" both the guest stay and sales promotions. Obviously, personalisation means collecting and using personal data. The more personal data you hold, the more attractive you are to hackers.
You see, these attacks always follow the money. You will have systems in your hotel which handle transactions. There will be key staff with access to payment systems which represent a juicy and profitable target for hackers. What are you...
The four pillars of personal data management for hoteliers.
The very first hotel client I talked to about GDPR just looked at me and said,
“We’ll do it when they make us.”
That meeting didn’t last long and I don’t know what became of the fellow. Since then I have learned more about what hotel managers really want from their management and use of personal data. Experience across sectors has tested this and proved it to be true most of the time. It is based on four pillars of what you really want. Is it true for you?
1 - Transformation
Any project to establish how you will process personal data for your business needs to demonstrate transformation. It needs to take you from where you are today to where you want to be.
This transformation needs to be quick, inclusive and measurable. Even better if it is also profitable and reduces risks in a way you can demonstrate to...
Possibly, but only if you do this first!
The Covid-19 pandemic has caused a dramatic change in the adoption of technology as hoteliers seek to give themselves every possible advantage in recovery.
Changes to the “technology stack” which might previously have taken years are now being achieved in months. Yet whilst making changes in the use of technology in your hotel, when that technology involves personal data you need to make sure you’re doing it right.
Do you know what your hotel technology actually does?
Know your data processors
Hotels use lots of data processors. You regularly use specialist services to provide the technology and skills you can’t keep up with yourself. And why not? You’re good at running a hospitality business, you don’t need to know how to manage an email server.
Which means instead you use services provided by vendors of property management systems, websites, commercial...
Boring, often copied from elsewhere, irrelevant, over-long and missing the point. There is a better way.
They are brain numbingly boring
Often they have been copied from a competitors website or are the result of somebody filling in a template but failing to read the instructions first.
Most of the examples on hotel websites are difficult to find, hidden as they are in the bowels of the home page footer text. You need to scroll a lot and make sure you’re well prepared. Wear your best reading glasses…
Do you make the most of the value and competitive advantage at your fingertips?
For many hotel managers the task of data protection is a hassle they could really do without. Not recognising the potential benefits, they set off on the route towards the mythical state of “compliance”.
And now, some years down the road, they are no better off.
The boilerplate text is on the website pages, the ersatz “fill in the blanks” templates have been completed, the snake oil has been bought and consumed. GDPR has not brought any business benefits.
If you aimed for “compliance” alone you have probably already realised something is missing. You can’t see any results from the effort you made or invested in.
The results aren’t there because compliance alone cannot be sustained. Instead it needs to be supported, it needs to be kept in touch with your daily activities. ...
Outsourcing the privacy management jobs you don’t have time for lets you focus on what you do so well.
The challenge for you as a hotel manager is to keep up with the demands of your business. You know from experience that if you let it, your hotel can consume your time like nothing else in the world.
Then along comes privacy and data protection regulation. Laws and regulations aren’t new, you already work with more than your fair share. Yet this one is different. It demands specialist knowledge and places much more responsibility on your shoulders.
Get privacy working for you
If all you decided to work towards since the arrival of GDPR was “compliance”, chances are you haven’t realised the advantages for your marketing, customer relationships and sales revenue.
Which is a pity. You could have used them to make a busy hotel. Instead, if you’re trying to juggle privacy management...
I learned a new word today.
Just when I thought the depths had already been plumbed as deep as they would go with privacy policies, some idiot presented me with this,
Yes, I had to go and look it up. My memory isn't what it once was.
As in, "We collect a nugatory amount of data when..."
The dictionary definition of "nugatory" is, "of no value or importance", or, "useless or futile".
If the data you collect is "of no value or...
There is no shortage of articles in hotel industry websites and blog telling you that "personalisation" is the way towards recovery or success.
Yes, they're probably right. Personalisation IS important when you're trying to sell to people. We all like being treated as individuals. We all like it when it appears as though we really matter to someone else. In the absence of eye contact, you can use a name and you can use what you know about behaviour.
(Before you post a comment that you can use eye contact online if you use Zoom/Teams/etc - yes you can but you need to be really, really careful - I promise you I'll address this in another blog post, let's just restrict ourselves to personalisation by name and behaviour today)
I like getting emails from people who use my first name and spell it correctly. It's an important first step for me. When an organisation has taken the time to associate my name with their message and has...