4 Ways Hoteliers Can Stay Compliant with GDPR

1st January, 1970

4 Ways Hoteliers Can Stay Compliant with GDPR

With the General Data Protection Regulation (GDPR) just around the corner, hoteliers will need to comply with the new guidelines and regulations. GDPR is a new set of rules designed to give citizens more control over their data. Although GDPR does not come into effect until May 25th, 2018, hoteliers have already started preparing.  

The hospitality industry is considered as one of the most vulnerable to data threats. This is because the hospitality industry process and store vast amounts of guests’ personal information. Over the past few years, the hospitality industry has been the main target for data breaches. Hotels, such as Intercontinental Group, Hyatt Hotels Corporation, Hilton Hotels & Resorts and Trump’s Hotel have all been affected previously. This shows that hotels no matter how big or small are not immune to data breaches.

Due to the data breaches, the hospitality industry is making conscious efforts to ensure they are compliant with GDPR. The International Hotel Technology Forum 2018 will provide attendees with the opportunity to understand the importance of GDPR in addition to looking at ways of how to respond to GDPR.

In the meantime for consideration, here are 4 ways in which hoteliers can stay compliant with GDPR:  

1)  Internal Governance and Responsibility  

Under the new GDPR regulations, there will be an increased emphasis on being able to demonstrate compliance. This consists of maintaining a record of data processing activities, policies and procedures.   

2)  Data Protection Officers  

Hoteliers are now required to designate someone to take direct responsibility for data protection compliance. Data Protection Officers are required to inform and advise their employees of the data protection requirements under GDPR.    

3)  Data Portability  

Under the new data protection laws, data subjects have the right to obtain and reuse data collected by a controller. Data subjects can either store their data for personal use or transfer it to another data controller.

4)  Security Breaches  

In the event of a personal data breach, GDPR will introduce a notification regime system alerting data handlers. They will be required to report personal data breaches no later than 72 hours after becoming aware of such breach.  

Hoteliers will need to ensure they are in a position to identify and react to security breaches in a manner that complies with the requirements of GDPR.  

Hotels all over the globe will need to comply with the new regulation. Failing to comply with GDPR will result in fines of up to £17million or 4% of the annual turnover, whichever hits the hardest. This approach has been taken to protect data that has been collected and stored on guests.  

To learn more about GDPR, attend our tailored sessions at this year’s International Hotel Technology Forum 2018 (IHTF). IHTF returns for its 15th anniversary, taking place in Mallorca, Spain. If you would like to attend IHTF 2018, register today and quote MK-BP-PR to reserve your place.  


Arena’s business-to-business events offer a myriad of opportunities for sponsors and exhibitors to drive their businesses forward.
Our sponsorship packages help companies educate ther target market on key industry issues and spread brand awareness throughout the

If you want to discuss how we can help you generate leads and add-value to your corporate and brand image please contact:

Paul Adams
+44 (0)20 7936 6948

Speaker opportunities

We identify and invite individuals we believe to be the best speakers in the market, if you think you can make a difference to the quality of our events please contact:

Chloe Roberts
E: Chloe.Roberts@arena-international.com
T: +44 (0)207 936 6822