GDPR: What hoteliers need to know

What is the GDPR?

Intended to strengthen and unify data protection for all individuals within the European Union (EU), The General Data Protection Regulation comes into effect 25 May 2018. Any company, anywhere, that has a database that includes EU citizens, is bound by its rules.
As a hotelier, the GDPR will apply to the data you collect and process from guests originating from the EU. The GDPR aims to give EU citizens more control over their personal data, and affords them the right to request:

  • If a hotel has information on the guest stored
  • Ask the hotel to produce it
  • Have the ability to modify and/or remove the information

Are you prepared?

The GDPR is all about the privacy rights of your guests. Hoteliers must provide customers with detailed information on why it needs to process personal data and how long the hotel plans to keep the data for. Any hotel that processes data of EU guests will be affected by the GDPR and have to be compliant.

Hoteliers need to change their mindset on why they are collecting and storing data. The more descriptive you can be about why you need to have that customer’s data, and how it can ultimately help them, will improve the likelihood they grant consent or opt-in.

Hoteliers will need to make data capture points clear, and have an explicit opt-in option to store guest data. This includes the hotel’s website, and the use of guest emails for newsletters, or marketing campaigns, as you will need clear opt-in buttons at every stage.

Example: If you capture an email for a newsletter you have to ask for explicit opt-in to use the email for an email campaign.

Those that give consent are likely to be more engaged guests/qualified leads, which will help you focus on building your loyalty strategy.

Before the GDPR comes into effect, it would be good for you to review your accommodation’s data collection policy.

Be sure to revise your privacy policies and disclaimers, and be transparent about the information you need to provide to be compliant.

What happens if you don’t comply?

The GDPR is retroactive, so if you have old data you need to erase it or get it into compliance.
Non-compliance could cost hoteliers 4% of your revenue or 20 million euros in fines, depending on which is the higher amount.

Breaches of data will need to be reported immediately and the rules say you have 72 hours to comply.

Preno complies with the GDPR

Our cloud-based system makes it easy for you to comply with the GDPR.

GDPR requires you to provide EU citizens the rights to see what data a company has collected about them, control how that data is shared with other companies, and the right to have all their data deleted.

We have reviewed our internal processes to ensure we are compliant with GDPR. If you have any GDPR requests, please reach out to us at Preno through our live chat function in the bottom right of the screen or contact us.

Search Preno Blog

Explore our Topics

About the author

Amelia is Preno’s CEO and Co-Founder. As a former hotelier, she enjoys writing about the latest hotel industry news and trends.

Subscribe to our newsletter

Other Blogs you may also like


How Preno’s Dynamic Pricing Gained The Pink Hotel an Extra $18.64 per Booking

Earlier this week, we announced the release of Preno’s highly anticipated tool—Dynamic Pricing. Specifically designed for hoteliers, this tool works in the background constantly adjusting room rates for properties. It increases the price of a room as demand increases, allowing hoteliers to increase additional revenue from their limited number of rooms. In preparation for the […]


The five biggest mistakes your hotel probably makes

Running a small or boutique hotel is never as simple as a good night’s stay. If your hotel is just scraping by but not reaching the profit margins you’d hoped for, it’s time to take a look at the most commonly overlooked errors that so many hotels make. 1. Neglecting your brand So you’ve got […]


Travel trends: The future of the guest experience

As the guest experience remains a pivotal aspect of the travel industry, more travel brands will move towards being an experience platform. This will allow travelers to book flights, accommodation, activities, and dining in one place, the future of the travel industry lies in brands being able to provide an immersive, personalised guest and travel […]


A day in the life of the Preno sales team

Shining a light on our sales team, & their day-to-day working at Preno For many industries, working in sales can be rather cut-throat, but for the accommodation industry, it’s all about building relationships. For 2020 in particular, it has been about helping hoteliers adapt to change and supporting them during a global pandemic. Here at […]


Benefits of Online Reputation Management for Your Hotel

Hotel businesses rely on their reputation to stay in business. A hotel’s online presence and the reviews it receives are essential for acquiring new customers, retaining existing ones and increasing revenue. That is why many hotels have adopted online reputation management (ORM) techniques to ensure that their brand remains positive and trustworthy. Definition and purpose […]


Why hotels should care about PCI compliance

Accommodation providers need to ensure that they are safeguarding themselves against the threat of data fraud. The hospitality sector has been a target for fraudulent behavior and security issues, and even big hotel chains have experienced credit card security problems. Hotel chains Hilton, Starwood, and Hyatt have all reported credit card security issues. With many […]