Customer Data: Whatever it is, it's NOT voluntary

personal data May 17, 2022

The notion of the use of someone's personal data by a business being somehow "voluntary" crops up from time to time.  It has done so again today in an article about the interesting new advertising proposals from Marriott.  You can read about it here.

The issue here is not the proposed use by Marriott of their app related data (although we will perhaps look at hotel apps and how some of them use personal data another day).  No.  Today I am taking issue with the following sentence which appears in this article.  It says,

"As consumers opt out in large numbers, travel marketers think more about capturing and using so-called first-party data like email addresses that consumers voluntarily share with brands, such as when joining a hotel loyalty program."

Here's the thing.  People never give you their personal data voluntarily.  No they don't.  Not ever.

(to be fair, I don't think Marriott themselves use the "V" word, I think it's the journalist who...

Continue Reading...

No more random acts of data protection


Is your use of other people's personal data properly managed or will your response to your next data protection challenge be determined by a quick game of rock, paper, scissors?

This is our goal for data protection and privacy in the UK hospitality industry:

"No more random acts of data protection."

It is part of the answer to a very serious problem all hotels face.  The problem is this:

Privacy is contextual.  Your management of privacy and data protection depends heavily on the context of your use of, the availability of and the risks surrounding personal data.  This is a fluid environment, it changes shape regularly.  Which means it can be very frustrating to deal with.

The problem with frustration is that it quickly leads to people not making what might be considered "the best" decisions or introducing "the best" solutions to problems.

Which means you end up with random acts of data protection (and privacy).  For example, think about cookie banners on...

Continue Reading...

Hotels In Hacker's Sights as Technology Replaces Personal Touch

data protection May 03, 2022

It must be true.  It says so in the Financial Times.

In March 2022 the FT published an interesting article about how vulnerable to attack hotels can become.  You can read it here.

Implementing technology is expensive.  In many cases it is the answer to the challenge of finding staff to provide services, or at least part of it.  Check in kiosks, for example, are becomeing more common as hotels seek to cut their need for staff skills which are becoming increasingly scarce.

Hoteliers are also encouraged to "personalise" both the guest stay and sales promotions.  Obviously, personalisation means collecting and using personal data.  The more personal data you hold, the more attractive you are to hackers.

You see, these attacks always follow the money.  You will have systems in your hotel which handle transactions.  There will be key staff with access to payment systems which represent a juicy and profitable target for hackers.  What are you...

Continue Reading...

The uncomfortable truth about what you really want 

outsource Mar 13, 2022

The four pillars of personal data management for hoteliers.

The very first hotel client I talked to about GDPR just looked at me and said,  

“We’ll do it when they make us.”  

That meeting didn’t last long and I don’t know what became of the fellow. Since then I have learned more about what hotel managers really want from their management and use of personal data.  Experience across sectors has tested this and proved it to be true most of the time.  It is based on four pillars of what you really want.  Is it true for you?   

1 - Transformation 

Any project to establish how you will process personal data for your business needs to demonstrate transformation. It needs to take you from where you are today to where you want to be. 

This transformation needs to be quick, inclusive and measurable.  Even better if it is also profitable and reduces risks in a way you can demonstrate to...

Continue Reading...

Will technology save your hotel?

outsource Mar 13, 2022

Possibly, but only if you do this first! 

The Covid-19 pandemic has caused a dramatic change in the adoption of technology as hoteliers seek to give themselves every possible advantage in recovery. 

Changes to the “technology stack” which might previously have taken years are now being achieved in months.  Yet whilst making changes in the use of technology in your hotel, when that technology involves personal data you need to make sure you’re doing it right.

Do you know what your hotel technology actually does?

Know your data processors 

Hotels use lots of data processors.  You regularly use specialist services to provide the technology and skills you can’t keep up with yourself.  And why not?  You’re good at running a hospitality business, you don’t need to know how to manage an email server. 

Which means instead you use services provided by vendors of property management systems, websites, commercial...

Continue Reading...

“See Our Privacy Policy” - Seriously? You want me to read your privacy policy??

marketing Mar 13, 2022

Boring, often copied from elsewhere, irrelevant, over-long and missing the point. There is a better way. 

You might recognise the problem straight away.  Especially if you have ever followed a link to a website privacy policy. 

They are brain numbingly boring 

Often they have been copied from a competitors website or are the result of somebody filling in a template but failing to read the instructions first.  

Most of the examples on hotel websites are difficult to find, hidden as they are in the bowels of the home page footer text.  You need to scroll a lot and make sure you’re well prepared.  Wear your best reading glasses… 

Then, having made all that effort, your time is wasted when the business involved completely misses the point.  The information you need is difficult to find (if it is there at all) and the “privacy policy” is about as close to the mythical state of compliance as I am to competing in...

Continue Reading...

How do you really manage the personal data your hotel business needs?

marketing Mar 13, 2022

Do you make the most of the value and competitive advantage at your fingertips? 

For many hotel managers the task of data protection is a hassle they could really do without.  Not recognising the potential benefits, they set off on the route towards the mythical state of “compliance”. 

And now, some years down the road, they are no better off. 

The boilerplate text is on the website pages, the ersatz “fill in the blanks” templates have been completed, the snake oil has been bought and consumed.  GDPR has not brought any business benefits. 

No sustainability 

If you aimed for “compliance” alone you have probably already realised something is missing.  You can’t see any results from the effort you made or invested in. 

The results aren’t there because compliance alone cannot be sustained.  Instead it needs to be supported, it needs to be kept in touch with your daily activities. ...

Continue Reading...

When it comes to data privacy, you want a busy hotel - not a busier hotelier

marketing Mar 13, 2022

Outsourcing the privacy management jobs you don’t have time for lets you focus on what you do so well.

The challenge for you as a hotel manager is to keep up with the demands of your business.  You know from experience that if you let it, your hotel can consume your time like nothing else in the world. 

Then along comes privacy and data protection regulation.  Laws and regulations aren’t new, you already work with more than your fair share.  Yet this one is different.  It demands specialist knowledge and places much more responsibility on your shoulders.  

Get privacy working for you 

If all you decided to work towards since the arrival of GDPR was “compliance”, chances are you haven’t realised the advantages for your marketing, customer relationships and sales revenue. 

Which is a pity.  You could have used them to make a busy hotel.  Instead, if you’re trying to juggle privacy management...

Continue Reading...

I Learned a New Word Today

data protection Jan 13, 2022

I learned a new word today.

It was in a Privacy Policy.

Just when I thought the depths had already been plumbed as deep as they would go with privacy policies, some idiot presented me with this,


Yes, I had to go and look it up.  My memory isn't what it once was.

It was used in the context of trying to impress upon the reader that the website using this privacy policy was collecting personal data of such little consequence that we needn't bother or concern ourselves about it.  Specifically it was used to describe the data collected during the website visit.  You know, unimportant things like IP addresses...

As in, "We collect a nugatory amount of data when..."


Dictionary Definition

The dictionary definition of "nugatory" is, "of no value or importance", or, "useless or futile".

Which raises an important data protection question, to be answered by the smart alec who wrote this particular privacy policy.

If the data you collect is "of no value or...

Continue Reading...

Personalised or Creepy?


Let's Make It Personal

There is no shortage of articles in hotel industry websites and blog telling you that "personalisation" is the way towards recovery or success.

Yes, they're probably right.  Personalisation IS important when you're trying to sell to people.  We all like being treated as individuals.  We all like it when it appears as though we really matter to someone else.  In the absence of eye contact, you can use a name and you can use what you know about behaviour.

(Before you post a comment that you can use eye contact online if you use Zoom/Teams/etc - yes you can but you need to be really, really careful - I promise you I'll address this in another blog post, let's just restrict ourselves to personalisation by name and behaviour today)

I like getting emails from people who use my first name and spell it correctly.  It's an important first step for me.  When an organisation has taken the time to associate my name with their message and has...

Continue Reading...
1 2 3

50% Complete

Two Step

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.