GDPR Overview

The General Data Protection Regulation (GDPR) is a regulation that requires businesses to protect the personal data and privacy of European Union citizens. Effectively, from May 25 2018 the European Union citizens, who check-in as guests at a hotel:

  • Have easier access to personal data. Guests are provided with information on how the personal data is processed.
  • Can transfer personal data between service providers with ease.
  • Know when the personal data is hacked. Organizations must notify the national supervisory authority of data breaches as soon as possible so that appropriate measures can be taken.
Note: When a guest no longer wants the personal data to be processed, and if there are no legitimate grounds to retain it, the data is deleted. However, every request for data deletion does not result in deletion of the personal data completely. The data can be retained for:
  • The performance of a contract (revenue statistics)
  • The compliance with a legal obligation (invoices)

You can use the Remove Guest Profile Information option to delete the personal data of the guest.

You can use the Guest Profile Information Report option to print the guest personal details and other reservation related data.

  • You can delete the guest details only if:
    • No future reservations with In-House, Reserved, Waitlist or Pre-Registered status exist.
    • No Advance Deposit which is yet to be settled exists.
    • No future leases associated with Tentative, Definite or Released status exist.
    • No future activity bookings exist.
    • The guest account must not be set to Active or Pending status.
    • No pending invoices exist.
    • The Folio Balance associated with the reservation is 0.
  • You can use the Profile Anonymization Schedule job to remove the guest profile.
Related topics