I learned a new word today.
Just when I thought the depths had already been plumbed as deep as they would go with privacy policies, some idiot presented me with this,
Yes, I had to go and look it up. My memory isn't what it once was.
As in, "We collect a nugatory amount of data when..."
The dictionary definition of "nugatory" is, "of no value or importance", or, "useless or futile".
If the data you collect is "of no value or...
There is no shortage of articles in hotel industry websites and blog telling you that "personalisation" is the way towards recovery or success.
Yes, they're probably right. Personalisation IS important when you're trying to sell to people. We all like being treated as individuals. We all like it when it appears as though we really matter to someone else. In the absence of eye contact, you can use a name and you can use what you know about behaviour.
(Before you post a comment that you can use eye contact online if you use Zoom/Teams/etc - yes you can but you need to be really, really careful - I promise you I'll address this in another blog post, let's just restrict ourselves to personalisation by name and behaviour today)
I like getting emails from people who use my first name and spell it correctly. It's an important first step for me. When an organisation has taken the time to associate my name with their message and has...
Over the last few years I have spent some time getting annoyed about privacy notices (see video above).
Part of the...
Like most businesses, we are all dealing with the effects of the COVID-19 virus. You and I are challenged with the task of running a business during lockdown and trying to work out how to emerge from the restrictions and recover.
A topic close to the heart of the hospitality industry these days is the idea of the "COVID Passport", which the government plans to use to "enable" a return to normal society.
It appears to be a reasonable idea although it turns out the concept of a passport is a hot topic of conversation. You see, amongst other things, there are data protection and privacy issues. Such a passport may be used to deny services to people. It may be used to isolate people. It may be forged and used fraudulently. The storage of personal data it would demand (it would need a very big database linking up to other items of personal data about you as an individual) presents a significant risk to your future personal privacy.
Cards on the table.
We’re not doing this just because a regulation says so.
We protect personal data and privacy because it should matter to each and every one of us. It makes sense on both a personal and business level.
As we reach the end of one of the most challenging years of our lives, those of us who have made it through ought to be thankful. We are bruised, in many cases scarred. Yet we are still here and we are preparing to make 2021 the year we recover.
We end the year with our privacy rights intact. The GDPR enhanced our rights as individuals over what can be done with our own personal data.
The regulations also makes organisations and businesses responsible for upholding those rights. Some are doing this now, many are not. Others are doing it and are making the most tremendous pills of it.
They don't mean to of course. They just... are.
For businesses, the opportunity to extract value from personal data is there for...
Just when we thought we had all recovered from the Marriott data breach, up pops Prestige Software, a Spanish software developer, who have put at risk possibly 10 million sets of transaction data going back to 2013.
You can read about it here - https://www.infosecurity-magazine.com/news/hotel-booking-firm-leaks-data/
First, it's not a malicious attack. This one was caused by the most common method. Someone made a mistake.
Mistakes happen. In this case, someone misconfigured an Amazon AWS server. For those of you who neither know nor care what that is, it's the computers on which much of our online activity is stored. They are quite complex things. Most of your technology data processors run their stuff on something similar. It's all well and good as long as you employ people who now what they're doing and you have effective security and work monitoring in place.
Someone either didn't know what they were doing or...
Today we learned of the Information Commissioner's Office (ICO - the data protection regulator in the UK) decision to fine Marriott Hotels for a breach of data protection regulations.
The fine in the UK is £18.4 million. Which is a serious amount of money.
A group legal action, currently waiting in the wings, is likely to heap further financial penalties on the hotel group. Now the ICO has completed its investigation and imposed a fine, all a lawyer needs to do is point at the ICO paper work and repeat what it says.
You can read about it in this article on the BBC website.
Part of the response to the challenge of running a hotel during the COVID pandemic has been to adopt some contactless technology.
The technology can be really easy to deploy. In some cases deceptively easy.
In the world of data protection and privacy, you need to be careful how you use the C word in polite conversation.
A note from the author:
You may have read elsewhere on these pages that we are just a bit sceptical of the notion of "compliance" with GDPR or the Data Protection Act. Some people have taken me to task about this, so here is an article which clarifies my experience and thinking on the topic. So many businesses were sold on the pig-in-a-poke notion of "compliance" in the run-up to GDPR being implemented. It is clear nowadays that compliance on its own just doesn't work. This is my view on why that might be.
Treat it as a starting point for a discussion, rather than a definition. Obviously this is based on my own experience. It would be interesting to take it further.
Allan Simpson - hotelDPO
As you read through the sales blurb created by most privacy management software providers, law firms and...
As a hotelier you are keenly aware of your reputation locally.
There will be restaurants in your area which are queued out the door at peak times while others just seem to have the couple sat in the window table. They wandered past and made the mistake of venturing inside and have now been used to make the place look busy.
People get to know what is good and what is bad and they respond accordingly. When it comes restaurants, if the food is bad people will quickly make up their minds about whether or not to return.
And when the food is bad, they don't come back. It can take a lot of effort to encourage people to come back and purchase again when their last meal with you tasted as though it had been strained through the sous chef's underwear.
I know this because I've run a few hotels. Some better than others. I've also managed catering outlets which churned out phenomenal volumes of food.
Get the flavours or textures wrong and recovery can take a...