Cookies on HFTP Bytes

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us give you the best possible user experience.
By using the site, you consent to the placement of these cookies. However, you can change your cookie settings at any time. Read our Privacy Notice to learn more.

I understand
Article by Abby Ward

Understand Your Guests to Increase Conversion Rates

Net Affinity ·19 October 2017
Do you know who your website content should be targeting, who's visiting your site and who's actually parting with their cash to make the booking? If you can't answer those questions, it's time to start building a picture of your target market in order to better meet their requirements and wishes.You can do this by tailoring your rate plans and packages to suit various guest types. You can also use data segmentation to send and display the right content to the right people. Be it for email marketing campaigns, or display and remarketing ads.Whilst you should be looking at your own guests in careful segments on a property level, it's helpful to take a look at the industry at large. This data can tell you who you should be trying to talk to and on which platform and devices.Across our portfolio of clients with 12,800,000 hotel website sessions for the first half of this year, we have monitored each transaction to find out those answers. Of course, this data is purely for guests who made their booking online, so keep in mind that there are guests who book over the phone, or in some cases in person, who are not represented in these figures.Let's take a look at the demographic of people who have visited our client sites and those who booked, from Q1 and Q2 2017:Who VisitsWomen made up the majority of visitors. The ratio of female to male users is more than 2:1, at 69% female and 31% male. This may reflect that more women are doing research, or that women simply prefer to visit more sites during their research.The young adults are the most enthusiastic travelers. 56% of visitors to hotel websites are 25-44, and the strongest demographic is 25-24 (28.8% of users).Who BooksWhile more women book than men overall, this number is skewed by the higher number of women visiting sites. On the whole, men convert 1.5 times more often than women, although they contribute less revenue and transactions overall.As far as the age of your guests is concerned, the same pattern as above holds true for transactions and revenue as well. Those aged 25-44 make up about 55% of transactions and revenue.However, it's worth noting that those aged 45-54 and those over 65 convert more often. This suggests that by the time your more mature guests reach the website, they are more ready to book. Younger ones, most dramatically those age 18-24, tend to shop around a bit more before committing to a booking.5 Ways To Implement Guest Data Into Your StrategyAsk your guests for information at checkout: name, email address, age, gender, occupation.Train your front desk in collecting data for each guest. Such as what the purpose of their trip is etc.Tailor your packages for each of your top segments. This could mean using value ads such as a free drink on arrival, or by using local events to make your hotel standout to those attending them.Segment your data for marketing purposes. For example, send your Valentine's Day campaign to males, with a special offer to save them money and hassle.Make sure your data storage processes and systems are GDPR compliant. A new regulation coming into force in May 2018 has significantly tightened up laws around storing and using data, so make sure you're clued up on it.For more interesting insights from our client data, check out our Digital Trends Report.

133 | GDPR Compliance with HFTP COO Lucinda Hart

The Lodging Leaders Podcast: Powerful Business Strategies for Hotel Professionals·11 October 2017
Lucinda Hart, CAE, MBA, has over 22 years of association management and customer service experience in the areas of human resources, certification, membership, chapter relations, conferences/trade shows, nonprofit legal issues, and governance and administration. As HFTP Chief Operations Officer, Lucinda is responsible for the day-to-day operations of the association, managing 30 staff members, as well as representing HFTP at numerous industry global events. Lucinda received her Bachelor of Arts in Human Resource Management and her Master of Business Administration in Organizational Leadership and Management from Concordia University Texas. She is also a Certified Association Executive (CAE). Lucinda was awarded the Professional Excellence Award from the Texas Society of Association Executives (TSAE). She serves as a mentor for Leadership TSAE and Concordia University Texas.
Article by Kris Troukens

GDPR - Advice for the Hospitality sector

Quality Hotel Services ·13 September 2017
SITUATIONGDPR, what is it, and is it important to the Hospitality Sector?The General Data Protection Regulations (GDPR) is a major overhaul of the EU data protection law. It comes into force on May 25th, 2018. It requires any business (including hospitality industry businesses) that handles personal data of a EU citizen to have adequate measures in place.What is meant by "adequate measures"?By "adequate measures" they mean data should be properly protected, and any theft or misuse of this data cannot occur. The EU citizen (the guest) also has specific rights on the data that you are holding about him. (see below)Does GDPR only apply within the European Union?No, it applies to data stored on EU citizens, wherever they are staying around the world. This impacts the entire hospitality sector, worldwide.What if I am not compliant?If a EU citizen files a complaint, the hotel may face some hefty fines. The maximum fine is set to 20 million Euros, or 4% of the annual global turnover (whichever is the greater).HOW TO PREPARE in 13 STEPSThere are several steps that the hotel can take to properly prepare for GDPR. Some of them may already be in place. They are listed below.1) Create awareness in the hotel.Buy-in of the hotel management team is also essential. There may be changes in procedures or systems, so all managers should be aware of GDPR, fully understand it, and be able to understand the impact on their department.2) Create a "data-register"You should be documenting which information you are holding, where it is stored, where it comes from, whom you are sharing it with, and if the guest has given his consent to you collecting all this data. This "data-register" will map all your data streams.All processing steps should be recorded, and this may require the compilation or review of existing policies and procedures.3) Communicate to your guests about your new privacy rulesMake sure you ask the guest for his agreement on giving you all required data, and document that agreement. This could be easily done on the registration card, or when checking-in on line. Adapt your legal statements and customer agreements to the new legislation. You will need to disclose for which purpose(s) you intend to collect data, and how long you will be keeping it.4) Guests rightsThe European guest has several rights, and you need to ensure he can exercise his rights, which include:The right of access to his dataThe right to rectificationThe right to eraseThe right to restrict processingThe right to transfer his data to another partyThe right to objectThe right not to be included in automated marketing initiatives or profilingMany of those rights may already be in existence today.5) Guest access requestsYou will need to be ready to handle a guest request coming in about his rights. You are not allowed to charge for this service, and you have a maximum of 1 month to provide an answer. If you refuse a request, you must inform the guests about your reasons, and provide any details about the Privacy Commission and the name and contact details of your DPO (Data Protection Officer, more on this below), so that the guest understands how to file a complaint.6) Lawful basis for processing guest dataWhile the hotel is collecting data, it can only do so if there is a lawful reason. You need to review and ensure all questions you are asking (on registration cards, online forms etc...) are absolutely required for you to process the guest. As an example, the departure date of a guest is a required piece of data. However, asking for the guest's birthday may be more difficult to justify.7) Guest consentIt is important to review how you are obtaining, and recording the guest consent. He may be arriving via a travel agent, via a telephone reservation, or it may be a walk-in. All these cases need to be considered.At all times, there must be a clear "opt-in" given by the guests. There cannot be any pre-ticked boxes where the guest agrees to give his data; opting in is never by default. Also consider how you will handle the case of a guest who withdraws his consent.8) ChildrenThere's an additional consideration for children under 16. Authorisaton to process a minor's data should be obtained from their parents or responsible adult. The hotel needs to prepare for this scenario.9) Data breaches or theftThe hotel should be ready to detect, and remedy any data theft concerning personal data. The data register should be able to provide insight into which pieces of data are concerned.Any incident should be reported within 72hrs to the Privacy Commission, for all cases where there is a risk that guest data may have been compromised.By extension, this implies your network and storage systems should be up-to-date with the latest intrusion detection programs and should have successfully passed penetration testing.10) Data protection by design, and Data Protection Impact assessmentsFor any new systems or major changes, it would be wise to keep the "Data protection by Design" in mind. Indeed, when discussing requirements for a new tool or procedure, you can already include the data protection principles, right from the design stage.An Impact Assessment is required when major new technology is introduced, or significant upgrades are taking place on systems which contain personal data.11) The Data Protection OfficerWithin your hotel or company someone should be tasked to become the Data Protection Officer (DPO). Make sure this is someone who knows and understands the importance of personal data processing. This can very well be an additional task for an existing employee or manager.It is mandatory to appoint a DPO when you are handling large volumes of personal data records, such as medical or criminal records. In a hotel, large amounts of credit card details are processed, so it is eminently sensible to have a DPO in place.The DPO should always understand and be aware of all data flows in the hotel, and he should ensure that he has an updated data register at all times, in case any queries arise.The name of the DPO should be mentioned on all privacy statements on any media. When filing a complaint, the guest will reference the DPO by name.12) International and Group HotelsIf you are an independent hotel, this point does not apply.For hotels with multiple properties, or in multiple EU countries, it is important to align the procedures, and to identify who is taking the lead (presumably the country or regional office) for the coordinated GDPR efforts. If you are present in multiple EU countries, it is required to identify a "main establishment", and also the country lead supervisory authority.13) Existing ContractsIt is likely that for the processing of your data you are assisted by third parties or subcontractors. Make sure you are aware of who they are, and what your current contractual obligations are. It would also be an excellent opportunity to review these contracts to include any GDPR related aspects and ensuring the contractor is aware of his obligations under GDPR and that services or systems help you meet your GDR requirements.MORE FAQ'SWho is overseeing the introduction of these new regulations?Every country has one central organisation to oversee the introduction of the new regulation. For Belgium this is the "Privacy Commission" ( Any queries or complaints from guests will be addressed to them.Who is responsible?Ultimately it is you, the hotelier who is responsible. So, if any of the above points fail, and a guest files a complaint with the country authority, it will be addressed to you, and you will have to justify your actions to the Privacy Commission.What if I need assistance?Quality Hotel services can help you in several ways:Compile a comprehensive awareness campaign, tailored to your propertySet up a "data-register" for you, or provide you with a workable templateMaking sure the necessary "consent" statements are included on all printed and electronic media where you collect guest dataRecommend processes on how to obtain consent from guests, and childrenEnsuring your network and data storage devices are 100% safe and protectedDesign an "Impact Assessment Analysis" template documentCompiling the job description and procedure manual for a DPOCompiling your "Data" supplier list, and reviewing/suggesting contractual amendments

My data, my privacy Featured Articles· 8 September 2017
The future is full of revenue opportunities for hoteliers who try to monetize their guests’ data, but from the guest perspective, it may seem akin to living in a surveillance state. The hotel industry is doing its best to catch up to other industries that collect consumer data and turn it into actionable items and, therefore, monetize it in one way or another. It could be sharing guest data systemwide throughout a brand so that when a guest arrives at a particular location, his or her information is available so front-desk associates can make check-in a more personal, welcoming experience. It could be using facial-recognition technology to not only confirm a guest’s identity, but also to determine a guest’s mood and recommend an action, based on that analysis, to improve the guest’s stay.

Addressing consent management in GDPR

The Analytic Hospitality Executive | SAS·31 July 2017
When we talk about consent management for the EU’s General Data Protection Regulation (GDPR), one of the key considerations is “consent for a purpose.” It might have been sufficient in the past to provide a form with a single generic consent check box and store the fact that consent was given or not. But under the GDPR, consent is per purpose, specific, might change over time and applies to a single type of interaction or channel. In GDPR terms, this is also known as “explicit consent.” Such explicit consent is given for a specific purpose -- and might only affect a portion of the personal data collected and stored.
Article by

Talking Tech with Carson Booth - HITEC Amsterdam Advisory Council Chair

Starwood Hotels & Resorts Worldwide, Inc. ·22 March 2017
This March 28-30, HFTP is producing its newest endeavor, HITEC Amsterdam, a smaller, boutique version of the ongoing, popular 45-year event. Helping to guide the educational component is long-time HFTP member, Carson Booth, vice president of global technology for Marriott International (Starwood). Using his expertise in the European, and international, hotel market, Booth leads a council of advisors to make the program uniquely European, with global appeal.What were some technology challenges that you faced early in your career? What are some of the top challenges you are facing today in the workplace? And how are you resolving them?I started my career in the late-'80s at the beginning of the technology revolution and have since witnessed the complete immersion of technology in most essential and non-essential activities. The evolution of usage went from users who were non-technical who then became tech-savvy, but still functioned well without the support of technology. Then as personal technology became universal, the tech-savvy user became tech-dependent. Extending further, we are now in the app era where users self-support personal experiences and expect accelerated technology release cycles with new functionality -- always seeking something "more."This ultimately results in the BYOD/BYOT blurring of business and personal use. Tech-dependence and devices in every pocket create very disruptive challenges to organizations trying to control the need for standard processes and data security against app-proliferation. Neither the food and beverage director, nor their niece, should be allowed to download an inventory management app. Or even more concerning, develop one themselves.In addition to the BYOT concerns of today, technology sophistication, especially technology security, has far exceeded most skills and capabilities of today's property-based IT manager. This creates gaps in security and service levels. Fortunately, above-property solutions with professionalized service level agreements (SLA) and security management are now maturing and the whole industry will continue to benefit.What technology developments interest you most and why?Augmented Intelligence -- The intersection of technology advancements in mobile and cloud computing delivers untethered, real-time information, communication and enhanced decision-making capabilities. The hospitality industry has a significant opportunity to profit from these advancements by recognizing that our guests are empowered by this intersection. Companies should redefine Data as an organizational strategic asset and build customer intelligence programs to leverage this data to ultimately provide a highly personalized experience for the guest.Micro-services Architecture -- Technology sophistication for an individual hotel has surpassed its ability to manage and secure it. This sophistication tipping point, along with industry advancements in cloud services, is driving technology above property and locking hoteliers into recurring services models where product suites can stagnate. Developers and suppliers that adopt a flexible, micro-services architecture will create a significant share shift by enabling a more flexible, open and modular approach to applications which suit an operation's needs and provides best product choice.What are some consumer-driven technology practices that have driven technology applications in the hotel?Portable personal content is driving two distinct changes in hotel technology. First, hotel internet service bandwidth continues to be a significant detractor to the customer experience. Customers compare the internet access speed/cost ratio against their home/consumer experience and place a very vocal, highly-weighted critique against operators delivering sub-par experiences. On-street mobile technology continues to improve in speed and data caps, and is also driving increased expectations for hotel internet access performance. I look forward to the day where this expectation peaks and the on-street and in-room connection experience is ubiquitous and indistinguishable, delivering an experience on-par with in-home Wi-Fi.Second, viewership and purchase of hotel-supplied content continues to decline due to increasing customer expectations and desire for bespoke content and lineups. These expectations are supported by capacity increases of portable media devices and cloud services like Netflix, Amazon and iTunes. These services are driving the guest's desire to display their personalized content using the in-room television and media players.What are some best practices you have for running an IT department in a field that is always changing?The constant evolution of technology is unsustainable for the average individual hotel with limited resources. Hotels need to carefully prioritize their investment decisions and consider the following best practices:Remain agile in product choice and contracting terms. The balance of right fit and terms needs to be weighed against medium- and long-term technology trends in the industry. Lengthy contract terms will hinder an organization's ability to pivot when necessary.Keep it simple. If it feels complicated and is not well-understood, then it should be reconsidered and questioned more.Spend constrained training funds on life-long learning skills and not on IT training. The technology of the day is transitory and so are the training investments in certifications for IT staff. It is more critical and will provide greater lasting value for IT teams to learn life-long skills like public speaking and financial management for non-finance people. The technical training can be on-the-job or self-study.Become more agile and responsive to your business partners. Do this by adopting a DevOps approach which emphasizes collaboration and communication between involved parties to break down the silos of the legacy plan-build-run organizational structures. Your business teams will thank you.Celebrate success. Digital/mobile teams receive more praise than IT due to the front-end nature of their solutions; however, do not forget their stuff is a pretty front-end for complex back-end systems and interfaces. So be sure to celebrate success across the entire technology spectrum.Having worked in hotels across the globe, in what aspect do you see regional differences?There are definite technology expectation and capability differences by region driven in large part by legislation, affordability and other market considerations. For example, in the U.S., convenience outweighs privacy. Therefore services like automated credit card settlement (chip/signature vs. more secure chip/pin) and keyless check-ins (registration-free) are examples of trading additional information or accepting greater data risk for quicker service.Global and regional operators are constantly tasked with managing legislation and requirement variances across political-economic unions, like the EU and member-states. For example, the registration card remains paper-based across some EU countries, but not all. Variations in VAT and other fiscal requirements for receipts and financial processing need to be accommodated for; as well as, differences in data nationalization efforts for countries like Russia versus the EU's General Data Protection Regulation (GDPR).In Asia, several differences are noticeable from highly-connected and automated Japan with pervasive 4G, cube and robot-staffed hotels, to solution inward-looking China which challenge global operators in their quest for operational, guest-service and data consistency.There are broader inconsistencies in language requirements and staff capabilities, costs for internet services, currency exchange and average rates which impact solution affordability, as well as definite gaps in true global cloud service offerings and service-provider. Its complex and requires local knowledge with global coordination for the larger brands to efficiently deliver consistent technology solutions to enhance the customer experience.Describe a professional experience that has stuck with you. What did you learn from this experience?Many years ago, U.S. legislation drove the need for greater accountability in financial reporting for U.S.-owned assets held around the world. In Europe, we embarked on consolidating and raising above-property the hotel-based financial reporting systems for 68 hotels in 10 countries to a self-hosted private cloud service. We built and deployed a self-managed data center, created appropriate policies and processes, and brought the solution up technically. By today's capabilities, this seems an easy and natural solution, but at the time, it was new for our users and IT staff. This took an equally-significant effort to win their hearts and minds and to prove the solution provided the needed security and service levels.This program has had three lasting effects. The first being, the program's IT processes and security program laid the foundation for Starwood's Global Information Security Policies and started the Information Risk Management program which is still deemed best in industry today. The second was the clear establishment of an above-property technology strategy for Starwood.The third lasting effect, which is personal in nature, came with the realization that one success doesn't necessarily translate into a pattern. Fond memories remain of the spectacular failure of the immediate subsequent project to implement a hosted, enterprise project management solution for all departments. Learning how to develop and present a business case, bring others along and identify when to press ahead versus when to walk-away, is one of the most important lessons of my career.Leadership and teamwork are always important. Describe an experience when you led and worked with a team to resolve an issue.The decentralized property technology that remained local created an impediment to our company's strategy. Our team was tasked with identifying multiple paths to advance property technology agility, security and standardization across the globe. We brought together a small, but very capable team, to seek solutions internally and externally with major tier-1 technology partners.Enterprise class solutions were preferred, but came with a significant cost premium which we knew the board would struggle to approve. Nine months of effort around design, scalability, iterative pricing negotiations and navigating the inherent sacred cows on both sides of the table, led to a tired and very frustrated internal team with significant personal/ownership stakes.Finally, we had a proposal that we could present and defend to our senior leadership team, but we knew its price tag was a long shot and would come down to a few minutes pitch followed by a yes, revise or in this case, a no. Several weeks prior to this decision, it was important to start a coping process to help the team transition away from their personal ownership stakes and realize in any sizable business no one person can make all the decisions. Most importantly, this included helping them recognize that as a team the journey was a success regardless of the outcome.HFTP's inaugural HITEC Amsterdam is the first of three HITEC events planned for 2017, and will take place 28-30 March at the RAI Amsterdam Convention Centre in Amsterdam, The Netherlands. The pre-conference events will take place on 28 March, followed by the full HITEC Amsterdam event featuring two full days of education, an expo and networking party. HITEC Amsterdam registration is now available on the HITEC Amsterdam website. Co-located with HITEC Amsterdam are two additional events brought by HFTP industry allies. The Hospitality Sales and Marketing Association International (HSMAI) Region Europe will locate its Revenue Optimization Conference (ROC) with HITEC Amsterdam. Also co-locating is the Hotel Technology Next Generation (HTNG) Insight Summit Europe.

Welcome to the new, open SAS!

The Analytic Hospitality Executive | SAS·13 March 2017
For many years, we’ve been saying that to do advanced analytics, well, you must have good quality, clean and standardised data. And now we’re fast approaching the deadline for businesses to be compliant with the GDPR regulations (with fines for noncompliance up to four per cent of revenue).
Article by Mihaela Lica Butler

General Data Protection Regulation (GDPR) - A Talk with Alvaro Hidalgo

Hospitality Net ·13 February 2017
Continuing our interview series in anticipation of HITEC Amsterdam which takes place at the end of March (28-30) at RAI Amsterdam Convention Centre, we interviewed Alvaro HIDALGO, the Managing Partner of FIRST LOGIC Consulting and a respected Professional in the implementation of low & high contact traceability systems in Hospitality & Sports related facilities.Hidalgo shared with us ideas and updates about General Data Protection Regulation (GDPR) and the impact the new law that will be in force in May 2018 will have on the Hospitality Industry. Adopted in April 2016, the law aims to strengthen and unify data protection for individuals within the European Union.As far as hospitality is concerned, the new GDPR changes the landscape dramatically."The new GDPR expands all rights and freedoms of data subjects and provides new processes and procedures for companies to manage personal data," Alvaro Hidalgo told us in an exclusive interview. "In addition, these methods need to be proven, and businesses will be compelled to maintain records of the same. Therefore, a clear traceability model is now part of the obligations of the regulation."Alvaro went on to explain that the new law implies the creation of new responsibilities and positions within a company, like Data Protection Officer (DPO), whose role will be to ensure that all data management within a business is carried according to GPDR. In other words, GDPR places the burden of proof with the company.As such, new EU GPDR will obsolete the current management of data currently in place in most companies, where various departments collect the needed data and carry the custody in the way they deem appropriate.While the EU GPDR includes significant legal changes (aforementioned "burden of proof," Codes of Conduct, Certifications, and Privacy impact assessments), the law focuses on the establishment of robust, consistent internal processes.The new General Data Protection Regulation (GDPR) law requires a complete overhaul of all internal activities and processes that involve capture, use, storage or transfer of Personal Data, and as such, it affects not only IT and legal departments but all departments of any company."So companies will have to assess ongoing processes and their compliance with GPDR. New procedures will be implemented, and training material and systems for all staff involved will be put in place. As I said, a complete overhaul," concluded Alvaro (pictured right).While some may consider the implementation of the GDPR a major problem, Alvaro believes it is an opportunity for companies:"Centralized and coordinated data management is the first step to using Big Data. The hospitality industry manages a large quantity of personal data, which means that it will no doubt create the conditions to exploit new avenues, to innovate services, and to provide new sources of revenue."Planning for HITEC Amsterdam is in full swing with guidance from an advisory council representing eight European countries. The committee is chaired by Carson Booth, CHTP, and vice-chaired by Derek Wood. For the latest news, follow HFTP/HITEC on HITEC Bytes, PineappleSearch, Facebook, LinkedIn, Twitter (@HFTP) and Instagram (HFTP_HITEC). For more information about HITEC Amsterdam, contact the HFTP Meetings & Special Events Department at, +1 (512) 249-5333.


Thank you for subscribing. Your email address has been added to our mailing list.
To subscribe to the GDPR Bytes Newsletter please enter your contact details below.
An error occured, please check your input and try again.
I do want to receive the GDPR Bytes email newsletter.
By submitting this form, you have read and agreed to the Privacy Notice of HFTP.
You may unsubscribe to these emails at any time.