GDPR Compliant

The General Data Protection Regulation (GDPR) comes into force on 25th May 2018.  We all need to be ready. Policy changes have been made to ensure compliance and full protection.

One of the key terminologies from GDPR is the concept of “unambiguous consent”.  This means that when a user agrees to a Privacy Policy or Terms & Conditions, they are fully aware of what they are agreeing to.  They should fully understand and have agreed to the principals of the data a company will collect on behalf of clients and what they will do with their data.

The full Terms & Conditions are available for users to read but an overview will be included to clearly state

‘Your data is being collected by HotelFeedback web service on behalf of our clients. 

As you would expect, here at HF Hotel Feedback Ltd we have taken the proactive step of making the changes early so our clients can benefit from having one less GDPR headache to deal with, as well as giving end users the confidence that their data is being looked after.


At HF Hotel Feedback Ltd we ensure you are GDPR compliant and ready for 25th May 2018.


Main Improvements

GDPR requires companies to implement privacy by design: Privacy should be the default concern when dealing with end user data, for instance any data can only be collected when it is meaningful to the delivery of the service.
Our clients are responsible any data breach should be reported to authorities & customers within 3 days from when a company first becomes aware of the incident. HotelFeeback web services separates in different lists end users that agree their data to be used for marketing purposes or not.


How we comply with GDPR?

We, at HF Hotel Feedback Ltd, believe that GDPR is critical to increase the global level of user data protection, and as a consequence is the best way to provide a sustainable model to the digital advertising industry. While the GDPR is initially a EU initiative, the globalization of economy and solutions will imply that this will benefit to many non EU consumers as well in the longer term.
Our practices have been reviewed under the scope of the GDPR requirements. We have improved our process and development in order to comply with GDPR requirements. Those improvements are related mostly to data storage, portability and security services.
Data belongs to our clients since day 1, and we intend to protect the data on behalf of our clients but also of the end user who can always have access at any time to their own data and choose to modify or remove them from our client’s database.

Comments are closed.