Cookies on HFTP Bytes

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us give you the best possible user experience.
By using the site, you consent to the placement of these cookies. However, you can change your cookie settings at any time. Read our Privacy Notice to learn more.

I understand
  • HITEC Special: Does EU GDPR Affect U.S. Hospitality Companies?

    By Alvaro Hidalgo. The EU General Data Protection Regulation has set a path towards protecting personal data which many other countries will follow. In a global industry such as hospitality, it should be a primary objective to take the steps towards compliance.

  • HFTP Report: Hospitality Data Security — Strategy for Data Protection and Regulation Compliance

    This guide from Hospitality Financial and Technology Professionals (HFTP(R)) covers safeguards that can be implemented in hospitality businesses today, tips on how to continuously improve security and data regulation compliance.

  • HFTP GDPR Guidelines: Privacy Policies for Hotels

    This document offers points to consider in the development of a hotel’s privacy policy. In view of the multiple organisational and legal structures under which hotels operate, as well as the complexity of the third party landscape that may be part of the complete guest experience, this document serves as a guideline only.

  • HFTP GDPR Guidelines: Hospitality Guest Registration Cards

    This document offers recommendations for guest information collection on the guest registration card along with consent for use. It can be used as a guideline for loyalty cards, health data, export of data outside of the EU, privacy policies and direct marketing.

commercial

Caveau Provides GDPR and PCI Compliance Solutions for Leading South African Corporate Travel Management Company

Caveau - CardVault ·24 May 2018
Miami, FL -- Caveau, the comprehensive software platform and service designed to simplify financial transactions and protect personal and financial data, has announced it's partnering with Grindrod Travel to reduce its risks of GDPR and PCI-DSS. As one of the most established and respected travel management companies providing corporate and leisure related travel and conferencing services in South Africa, it was imperative to find a solution for safely handling credit cards and personal information of its a broad range of clients. With multiple deadlines for meeting compliance security standards for account and personal data protection looming, Caveau was able to quickly assess the travel management company's challenges and deliver customized solutions for addressing their unique requirements.The addition of Grindrod Travel to Caveau's client roster emphasizes the pressing need for flexible and affordable support dealing with compliance regulation worldwide. Says Gregg Scott-Brown Caveau Managing Director, South Africa based in Cape Town, "We're excited to be working with Grindrod Travel and other hotels, agencies and a broad range of travel-related businesses in South Africa to decrease dangers and liabilities associated with GDPR and PCI-DSS."According to Grindrod Travel Divisional Executive, Su Moller, being a single division of a large logistics company with its own IT department presented a variety of complexities in finding a solution. "The technology providers I approached to help us insisted on performing a vulnerability scan of the Travel Division, which was difficult to accomplish without including the entire organization. Time was ticking and we had to move fast. When we were referred to Caveau, their team got right to work on developing a secure vault to store our client's credit card and personal details," says Moller.Says Brian Dass, Caveau CSO, "Grindrod Travel's large client database and the sheer volume of daily transactions required us to tailor-make a system to their particular needs. As a company built by travel technology experts, our complete focus is on delivering efficient solutions for adhering to strict industry regulations to ensure positive consumer data experiences while protecting your business from financial penalties and negative reviews."Since implementing Caveau, Grindrod Travel's consultants and account staff have quickly adapted to the easy to use enterprise-grade software platform that utilizes tokenization to encrypt financial information and personal data in a GDPR and PCI DSS-compliant method. "In the end, Caveau was the quick and reliable answer to achieving compliance we were searching for," says Moller. "We are now fully compliant, which is a great relief. I'm thrilled our organization can say with the utmost confidence to our clients that their credit card details are safe with us!"About Grindrod Travel: The team at Grindrod Travel, one of South Africa's oldest travel management companies with branches in major cities, are totally committed to assist the corporate traveller with all domestic and international travel. "We are passionate about making each traveller's journey as seamless and as convenient as possible."
commercial

Caveau Announces Partnership with Sure Travel

Caveau - CardVault · 9 May 2018
Miami, FL -- Caveau, the personalized credit card vault technology designed to simplify financial transactions and safeguard personal and financial data, has announced a new partnership with Sure Travel, based in South Africa. The standardized PCI-compliant software and service custom-built for the travel industry provides a secure platform built upon Amazon Web Services (AWS) to limit dangers relating to processing, storing and transmitting credit cards and personal data in a GDPR, PCI and PII-friendly format. Caveau will deliver customized solutions to help Sure Travel meet critical new industry regulations and protect its customers, assets and public reputation.With GDPR and PCI-DSS with effective dates of May 25 and March 10, 2018, respectfully and the increasing threat of hackers and cyber theft, Sure Travel was searching to identify cost-effective ways to achieve compliance today and into the future. Says company CFO, Stefan van der Merwe, "After extensive research and a long hunt for an effective and affordable solution to secure our payment card handling processes, we are thrilled to have found a provider capable of understanding our needs. Caveau offers state-of-the-art capabilities and deep knowledge of the travel industry, enabling us to serve our global customers and partners confidently and securely."According to Caveau CSO, Brian Dass, the partnership with Sure Travel is one of a series of new relationships for the recently launched software solution capable of delivering support to travel agencies, hotels and virtually any company that handles credit cards and personally identifiable information. "We're excited to be working with Sure Travel to reduce the risks associated with of GDPR and PCI compliance. Our innovative product and comprehensive services lets travel businesses of all types and sizes focus on what they do best while avoiding fines and penalties and maintaining a sterling reputation that's so crucial to success."Caveau is providing Sure Travel with a validated product for assisting with GDPR and PCI-compliance that's easy to use and backed by exceptional 24/7 global technical support. Additional benefits include:Seamless integration or tokenization with 3rd-party GDSs, PMSs and OTAsLower costs managing secure transactions and data storageMinimize risks of harmful reviews and negative publicityImproved consumers trust and increased booking revenuesAbout Sure Travel: Sure Travel is owned by holding company Sure Holdings (Pty) Ltd, which also includes the travel services divisions Sure Corporate, Agent Points and Sure Online. The recognized and respected travel brand has over 80 agencies in South Africa, Namibia and Botswana offering holiday packages, flight specials, car hire, foreign exchange, travel insurance and corporate travel services.
commercial

Caveau Partners with Hotels & Travel Agencies Ahead of GDPR and PCI Deadlines

Caveau - CardVault · 3 May 2018
Miami, FL: Caveau, the all-in-one software platform custom-built for the travel industry for safeguarding sensitive data exchanged at the point of transaction is providing businesses around the world with fast and affordable solutions for achieving GDPR and PCI DSS compliance. With looming deadlines on May 25 and June 30, 2018, respectfully, hotels and agencies are looking for efficient ways to meet strict new requirements going into effect. Most recently, the company announced it is working with Aparto Suites Muralto, an "All Suites" hotel service in Madrid, Spain, to assist in bridging the gap in its credit card collection process, specifically in transactions made directly to the hotel by telephone, email or fax.Jose Luis Alonso, the Director of Aparto Suites Muralto, is charged with adapting all procedures and structures to meet the latest tourism business standards. According to Alonso, it was a struggle to find a provider who understood their need for a GDPR and PCI DSS-compliant method to collect credit card details but not automatically take the payment when guaranteeing client reservation. "After months of searching, I couldn't find a solution that was not a payment gateway through a bank and linked to the web page. Since our problem was unique to the hospitality industry, Caveau were the only ones that understood what I needed," he says.Within a matter of days, Caveau was able to deliver the tools Aparto Suites Muralto required to collect and protect its client's credit card data no matter the method it's provided. Says Caveau CSO, Brian Dass, "This was another case of our experience and understanding of the travel space coming into play in helping hotels reduce the risks of GDPR and PCI DSS compliance. Our personalized credit card vault technology is designed to limit dangers relating to processing, storing and transmitting credit cards and personal data in a GDPR, PCI and PII-friendly format. We're proud to offer flexible and affordable solutions for meeting critical new industry regulations, protecting your Guests Data experience, your valuable assets and your online reputation."With Caveau, hotels accepting financial information are able to send a time-sensitive link to the client to safely collect the data. "We have inserted this tool in our reservation process inside the property management system and those confirmed by email, increasing the reliability and the security of direct reservations. We're pleased to have found an answer that fit our budget and completely solved our problem, and our customers are happy knowing their personal information is 100% secure," says Alonso. Caveau has also delivered a customized solution for filtering emails containing credit card numbers and personally identifiable information and is working to set up a payment gateway through a bank to process direct, web and OTA reservations. "I am pretty sure we are now leaders and pioneers in the compliance of the PCI DSS thanks to our partnership with Caveau!"About Aparto Suites Muralto: An establishment of reference in Madrid center for their originality, innovation and level of customer satisfaction, Aparto Suites Muralto provides All Suites lodgement for business and personal travel in addition to buffet breakfast and covered parking. Established in 1974, the apartment-style hotel is situated in one of the most desirable tourist areas in proximity to the city center, just a short walk to the main monuments, shopping areas and gastronomic centers in Madrid. Contact Aparto Suites Muralto at +34915424400, director@muralto.es , www.muralto.es

Newletter

Thank you for subscribing. Your email address has been added to our mailing list.
Close
To subscribe to the GDPR Bytes Newsletter please enter your contact details below.
An error occured, please check your input and try again.
I do want to receive the GDPR Bytes email newsletter.
By submitting this form, you have read and agreed to the Privacy Notice of HFTP.
You may unsubscribe to these emails at any time.
CancelSubscribe