• Compensation and Benefits... An Important Combination When Attracting and Retaining Talented Staff

    Figuring out the right combination of compensation and benefits is the key to attracting and retaining top talent within your organization. Since 2002, the HFTP Americas Research Center has been tracking trends and publishing the HFTP Compensation and Benefits Survey.

  • GDPR in Hospitality: Vendor Compliance Query Template Available to Industry

    As a professional association, Hospitality Financial and Technology Professionals (HFTP®) created a group of hospitality industry experts to develop hospitality-specific guidelines to assist with preparation for General Data Protection Regulation (GDPR) compliance.

  • HFTP Hospitality DPO Task Force Outlines Objectives as Industry Prepares for GDPR May 2018 Deadline

    The European Union (EU) General Data Protection Regulation (GDPR) that was announced in April 2016 put in place a substantial mandate on EU-based organizations, as well as any organization doing business with EU citizens.


What impact will GDPR have on hotels?

eHotelier.com·19 February 2018
Over the last couple of years, the hotel industry is considered as one of the most vulnerable to data threats. It was reported that the hotel industry accounts for one of the highest numbers of breaches in any sector. With the introduction of the General Data Protection Regulation (GDPR), new laws will be put in place that seeks to safeguard the rights of EU data subjects. But what is GDPR exactly? GDPR is a new set of rules designed to give citizens more control over their data.

Why GDPR Matters

CFO Magazine·16 February 2018
The European Union’s General Data Protection Regulation, or GDPR, takes effect on May 25, 2018, and will have major implications for businesses with connections to Europe. GDPR is designed to protect an individual’s right to control the use of his or her personal data and is broadly drafted to apply to a wide range of personal data on any natural person, regardless of his or her nationality. Under GDPR, personal data includes, but is not limited to, customer data, such as dates of birth, mailing addresses, IP addresses, product purchases, payment information, supplier data, and employee data. Personal data also includes “sensitive data,” such as health information and information on race and sexual orientation.

The Ultimate GDPR Guide for Marketers and Businesses - appinstitute.com

appinstitute.com ·13 February 2018
Much has already been written and discussed in the public domain regarding the GDPR, but still, many business owners are a little unsure of what the GDPR entails, and whether or not they are affected. With this article I hope to add some clarity, explaining what the General Data Protection Regulation is, which businesses it affects - and how - along with answers to some common questions frequently asked about the GDPR, and some steps you can take to move your business towards compliance.

GDPR - EasyJet brings data on board, but will it take off? - tnooz.com

tnooz.com ·13 February 2018
It is estimated that 90% of the world's data was generated in the past two years, yet brands still are only using half of it. Everywhere you turn brands are claiming the status of data pioneer, hoping to be heard above the noise.With GDPR set to come into force in May, we will witness a dramatic change in the way businesses use data, and whilst it's useful to have an individual or team in charge of driving that change, it is far more important to change the mindset and structure of the business as a whole.The travel industry, in particular, will feel the full force of the introduction of GDPR, mainly due to the large amount of personal data it collects from consumers, ranging from home addresses to medical data.As the industry reels from a slew of negative PR stories from the latter half of 2017, from Monarch ceasing trading to Ryanair leaving passengers stranded, it is more vital than ever that they are fully prepared for the upcoming regulations. However, this cannot be the responsibility of a single data officer.

The tightrope between privacy and personalisation for hotels around data

hotelmarketing.com· 9 February 2018
Whether you’re using it to improve your guest experiences, or focussing on keeping it secure, there is no doubt that 2018 is going to revolve around data. From personalisation, to making sure that you’re in line with the General Data Protection Regulation (GDPR), data is definitely going to be a hot topic for the first half of the year. Personal data is a powerful marketing and guest experience tool and key to a hotel’s relationship with their guests. However, hotels must be cautious as to how they handle personal information [so that they don’t] violate their guests’ right to privacy.

Data Accuracy Biggest Barrier to Personalisation

eHotelier.com· 7 February 2018
A new survey from Travel Technology Europe reveals that many hotel and travel companies want to embrace greater personalisation in their marketing but are being held back by data accuracy issues. Over half (51%) of respondents reported getting accurate customer data to be a challenge.

Guests from the European Union Could Soon Cost Unprepared Hoteliers

Hotel Online· 2 February 2018
As of May 25, 2018, hotels accepting reservations from citizens of an European Union (EU) country could be at risk for fines, depending on how those reservations were made. This is because hotels may fall under the purview of the new General Data Protection Regulation (GDPR) when it takes effect. GDPR was designed to better protect EU citizen data and ensure that companies storing that data should possess it. Standards vary based on where the data originates from, but generally any information like name, address, credit card number, etc. is covered. In the domestic U.S., protected data is defined as Personally Identifying Information (PII). And, as defined by GDPR, for an EU citizen it is known as Personal Data. Failure to protect the PII or Personal Data to the right standard could bring a hefty bill, or upon consistent failure, even an order to cease business in EU countries. Current U.S. based data privacy regulations require companies to notify customers if a data b

GDPR: Only 29pc of start-ups encrypt the data they collect - siliconrepublic.com

siliconrepublic.com · 1 February 2018
A survey of more than 4,000 start-ups around the world shows that many are ill-prepared for GDPR. The GDPR deadline of 25 May is just around the corner, and a survey commissioned by email service provider Mailjet shows that start-ups are in dire need of re-examining how they handle their data. The survey, which was launched on Product Hunt, received responses from more than 4,000 start-ups in the US, the UK and France

Keeping in touch with trends for the year ahead

Tnooz· 9 January 2018
There are so many innovations in hotel and travel technology at the moment that it is a challenge to single out what will be the must-have technology of 2018. Crucial to buyers in Europe will be technology that helps them comply with the glut of regulations that come into effect in 2018 – PSD2, the updated Package Travel Directive and GDPR.

Protecting Data Is Paramount

Hotel Interactive ·15 December 2017
American consumers are expressing an increasingly high level of concern that their personal data will be adequately protected upon checking into hotels with many guests actually placing that ahead of their own personal security.

Pulitzer Amsterdam cocktails inspired by hotel's perfume

Hotel Management·15 December 2017
Share Facebook Twitter LinkedIn Email Print This winter, Pulitzer Amsterdam is set to launch three new cocktails inspired by Le Labo Santal 33 perfume. Pulitzer’s Bar’s head bartender, Andrei Talapanescu, has designed three cocktails to reflect three of the most significant and long-lasting notes in Santal 33: cardamom, violet and leather. Santal 33 is a unisex perfume that is used throughout the hotel.

Buyers head into 2018 facing continued pressure to cut costs

eHotelier.com·13 December 2017
The poll of 243 business travel buyers asked, “What is the biggest issue facing you over the next 12 months?” Cutting costs reigns top of the list for the third consecutive year, followed by an increased focus on duty of care for the second time in a row. In third place (up five from last year) is rising hotel rates and, more specifically, availability. Rising airfares is at number six, a drop of three positions. Brexit – a new entry on the table in 2017 – features again in fourth place. Enforcing compliance continues to freefall down the table, from second place in 2016 to fifth last year and seventh for 2018. Unsurprisingly, GDPR – which comes into force next May – features on the list for the first time in tenth place.

5 things to know about the EU's new data rules

hotelnewsnow.com Featured Articles· 6 December 2017
If they’ve been paying attention, hoteliers should already know they have a massive challenge ahead of them with the European Union’s looming General Data Protection Regulation, which goes into effect 25 May 2018. The GDPR’s new rules threaten massive financial punishment in the case of data breaches or mishandling of data. The worst offenses will incur fines of either 4% of a company’s “global turnover” or €20 million ($23.7 million), depending on which is greater.

Security experts urge hoteliers to prep for EU's GDPR

hotelnewsnow.com Featured Articles· 5 December 2017
Cybercrime is costing global businesses billions, not millions, and in some jurisdictions—notably in the European Union—the cost to companies found guilty of negligence in regards to data breaches could soon rise substantially, according to sources. At a panel titled “Cyber-attacks are on the increase, so how secure are your systems?” at the recent Annual Hotel Conference and in telephone conversations with Hotel News Now, experts underlined that many businesses, especially small- and medium-sized ones, remained woefully unprepared. Moyn Uddin, a cyber and privacy consultant, said GDPR will change the landscape for everyone and could cost businesses huge fines, but he also sees it as a learning opportunity.

Travel firms looking to 'soft opt-in' consent as new EU rules loom

hotelmarketing.com·24 November 2017
A ‘soft opt-in’ for marketing consent will be used by some travel firms after new EU laws on data protection comes in, according to a leading legal expert. Partner at Travlaw Farina Azam told this week’s Travel Network Group conference that there is an option outside the General Data Protection Regulation. Azam said ‘soft opt-in’ is a legitimate exception to having to gain explicit consent as the new GDPR requires but that it only applies to email and text communications.

GDPR and the hotel sector: what you need to know today

eHotelier.com· 7 November 2017
For example, when a consumer signs-up for Spotify and they want to use their Facebook login for ease, Spotify receives their contact info, who their friends are, location, and other details. And in return Facebook receives details on the consumers’ music tastes. However, this unchecked spread of personal information will soon be in for a change. According to GDPR, all businesses; including hotels, will soon need to know exactly where they get data from, to whom they send it, and what they do with it internally.

How to get GDPR ready

hotel-industry.co.uk·18 October 2017
Failure to prepare could see fines of up to 4% of a company’s worldwide turnover – News from A&OIT One Solution From 25 May next year all UK businesses – big or small – will need to comply with strict new regulations around how they collect, store and use personal information as the European General Data Protection Regulation (GDPR) replaces the current data protection directive.

Is GDPR the Y2K for B2B marketing?

hotelmarketing.com·17 October 2017
The EU’s General Data Protection Regulation and Y2K share some surprising similarities. Marketing Land breaks them down and outlines four ways to prepare your organization for GDPR.

AHC Day Two: UK hoteliers weigh risks, rewards

hotelnewsnow.com Featured Articles·13 October 2017
Because of the strength of this point of the cycle, pressures are mounting for selecting the necessary, yield-producing strategies and partnerships in terms of development and the capital stack, panelists said on the last day of the conference. But first, finding the right location for development is paramount, which is easier said than done, according to panelists. Another major concern, voiced during a panel on cybersecurity, is General Data Protection Regulation legislation that takes effect in the United Kingdom on 25 May.

GDPR is coming, but nobody knows how it will be enforced

hotelmarketing.com· 5 October 2017
The deadline for Europe’s sweeping reforms to data protection is looming, but many marketers are still none the wiser on how those rules will be enforced. The General Data Protection Regulation may be a universal law for the European Union, but that doesn’t mean it will be applied equally. After all, 28 different countries will handle enforcement. That means Germany, for example, is expected to be tougher on enforcement of GDPR than elsewhere on the continent given data protection is conducted at a state level. Conversely, the U.K. has traditionally been the member state to push back against any overtly data-privacy regime that could impede global trade.

GDPR is coming, and many U.S. ad tech firms aren't ready

hotelmarketing.com·14 September 2017
From an American perspective, GDPR is difficult to fully comprehend: sweeping regulations that have 99 articles and 173 recitals. Some are betting that the sheer scope of GDPR means EU regulators will struggle to enforce it. Businesses outside of Europe aren’t necessarily reluctant to adapt for the GDPR. The reasons they’re delaying preparations have more to do with procrastination, not reading the fine print and, most importantly, not fully processing the GDPR’s implications, said Shane Minte, U.S. head of supply at mobile data platform Ogury. “It’s one of those things that, due to the geography, might feel like a distant problem, yet it is going to affect us all,” he said. “Having just a single user in the European Union for which [a company is] not GDPR-compliant means 2-4 percent of their global revenues are at risk.”

37 Percent of Global Organizations Unsure if They Need to Comply with GDPR

·14 September 2017
WatchGuard Technologies, a provider of advanced network security solutions, announced the results of a global survey that explores how well organizations understand Europe’s General Data Protection Regulation (GDPR) and their readiness for its fast approaching compliance deadline. The findings indicate widespread confusion about GDPR compliance criteria and an overall lack of preparation. The survey examines the views of more than 1,600 organizations across the globe and was conducted by independent market research firm, Vanson Bourne.

Google Sues to Block EU Antitrust Fine as Travel Probe Could Be on the Agenda

skift.com - Digital·11 September 2017
Google took its fight over a record European Union antitrust fine to the EU courts, starting a legal challenge that could take years to conclude. The owner of the world’s largest search engine said it filed its appeal on Monday at the EU’s General Court, based in Luxembourg. The tribunal’s press service said Google hadn’t asked the court to suspend an EU order for it to change how it displays shopping-search services before it rules on the challenge.

Common GDPR myths, debunked

hotelmarketing.com· 7 September 2017
Noise around the threat the European General Data Protection Regulation poses to marketers is getting louder as the 2018 deadline for enforcement approaches. Naturally, a flurry of “GDPR experts” - some of them helpful, others compounding the confusion - have surfaced over the last year to help businesses navigate the challenges.

How the GDPR will disrupt Google and Facebook

hotelmarketing.com· 1 September 2017
Google and Facebook will be unable to use the personal data they hold for advertising purposes without user permission. This is an acute challenge because they cannot use a “service-wide” opt-in for everything. When one uses Google or Facebook.com one willingly discloses personal data. These businesses have the right to process these data to provide their services when one asks them to. However, the application of the GDPR will prevent them from using these personal data for any further purpose unless the user permits. The GDPR applies the principle of “purpose limitation”, under which personal data must only be “collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes”.[2]

Tackling GDPR compliance before time runs out | mckinsey.com

McKinsey & Company ·16 August 2017
Europe is on the brink of a sea change in its data-protection laws. In fact, when the General Data Protection Regulation (GDPR) takes effect on May 25, 2018, the effects will reverberate far beyond the continent itself. The GDPR goes further than harmonizing national data-protection laws across the European Union and simplifying compliance; it also expands the reach of EU data-protection regulation and introduces important new requirements. It seeks to ensure that personal data are protected against misuse and theft and to give European Union residents control over how data relating to them are being used. Any entity that is established in the European Union or that processes the personal data of EU residents in order to offer them goods or services or to monitor their behavior--whether as customers, employees, or business partners--will be affected. Any failure to comply with the regulation could incur severe reputational damage as well as financial penalties of up to 4 percent of annual worldwide revenues (see sidebar "The GDPR: Key facts" for a synopsis of the new rules).


Thank you for subscribing. Your email address has been added to our mailing list.
To subscribe to the GDPR Bytes Newsletter please enter your email address below.
An error occured, please check your input and try again.