I Learned a New Word Today

data protection Jan 13, 2022

I learned a new word today.

It was in a Privacy Policy.

Just when I thought the depths had already been plumbed as deep as they would go with privacy policies, some idiot presented me with this,


Yes, I had to go and look it up.  My memory isn't what it once was.

It was used in the context of trying to impress upon the reader that the website using this privacy policy was collecting personal data of such little consequence that we needn't bother or concern ourselves about it.  Specifically it was used to describe the data collected during the website visit.  You know, unimportant things like IP addresses...

As in, "We collect a nugatory amount of data when..."


Dictionary Definition

The dictionary definition of "nugatory" is, "of no value or importance", or, "useless or futile".

Which raises an important data protection question, to be answered by the smart alec who wrote this particular privacy policy.

If the data you collect is "of no value or...

Continue Reading...

Personalised or Creepy?


Let's Make It Personal

There is no shortage of articles in hotel industry websites and blog telling you that "personalisation" is the way towards recovery or success.

Yes, they're probably right.  Personalisation IS important when you're trying to sell to people.  We all like being treated as individuals.  We all like it when it appears as though we really matter to someone else.  In the absence of eye contact, you can use a name and you can use what you know about behaviour.

(Before you post a comment that you can use eye contact online if you use Zoom/Teams/etc - yes you can but you need to be really, really careful - I promise you I'll address this in another blog post, let's just restrict ourselves to personalisation by name and behaviour today)

I like getting emails from people who use my first name and spell it correctly.  It's an important first step for me.  When an organisation has taken the time to associate my name with their message and has...

Continue Reading...

Privacy notices are for customers. Not lawyers.

data protection Jul 12, 2021

Over the last few years I have spent some time getting annoyed about privacy notices (see video above).

It is now just frustrating.  You see, businesses all over the world seem to think they should publish a long-winded, hard-to-read "privacy policy" on their websites.  Few people read them, mainly because they simply can't be bothered to try.  The prospect of scrolling down the privacy policy page for hours at a time puts people off.

Which is a pity because a properly presented privacy notice (which is not a privacy policy) can be used to create and build trust with your customers.  You need trust if you're going to sell them anything at a worthwhile price.  Boring privacy policies just don't do it.

I have wondered just why senior business people and owners follow this itensely stupid behaviour - of publishing a difficult to read privacy policy, then hiding it at the foot of their website and doing their best not to attract attention to it.

Part of the...

Continue Reading...

"How May I Compromise Your Stay?" - Marriott Data Breach Lessons

data protection Oct 30, 2020

Today we learned of the Information Commissioner's Office (ICO - the data protection regulator in the UK) decision to fine Marriott Hotels for a breach of data protection regulations.

The fine in the UK is £18.4 million.  Which is a serious amount of money.

A group legal action, currently waiting in the wings, is likely to heap further financial penalties on the hotel group.  Now the ICO has completed its investigation and imposed a fine, all a lawyer needs to do is point at the ICO paper work and repeat what it says.

You can read about it in this article on the BBC website.

The Lessons For Hoteliers

  1. If you are buying a hotel, it will include the personal data belonging to previous and prospective hotel guests.  Make sure the vendor has been paying enough attention to the task of looking after that personal data.
  2. The devil is in the machines.  Hotels use a great many 3rd party data processors.  Many of them collect personal data and keep it for longer...
Continue Reading...

50% Complete

Two Step

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.