- Overview
HF Hotel Feedback Ltd is committed to ensuring the protection of Personal Data, and the rights and freedoms of all Data Subjects, when processing Personal Data on behalf of our Clients, and their end users. This commitment is not limited to GDPR, and extends outside of the boundaries of the European Economic Area. As such, our approach takes into account the varying Privacy Laws and legislative requirements on a global scale.
Whilst the forthcoming General Data Protection Regulations add a number of key improvements and a harmonization of standards, the core principles relating to the processing of personal data largely remain the same, and as such HF Hotel Feedback Ltd are building on our existing foundation of privacy protection, to ensure we continue to improve and embrace the requirement to demonstrate accountability. As such, HF Hotel Feedback Ltd are taking a multi-dimensional approach, focusing on not just technical features, but technical and organizational controls.
- Our Approach
- We have invested in compliance requirements & associated skills
- Practitioner, to ensure we can best advise our clients on how to present the guest with a tailored onboarding experience, whilst ensuring terms & conditions, privacy policies and marketing opt-ins all follow GDPR best practice
- Our organization data-flow mappings are documented, so we know where data is stored and how it is used and transported to our clients
- We operate a programme of auditable and ongoing Staff Training, Awareness and Testing, specifically focused on Data Privacy & Information Security
- Platform Functionality to Support GDPR & Data Privacy Principles
Terms & Conditions of Use & Privacy Policies
- Each distinct venue operator can present their end users & guests with customised terms & conditions of use and privacy notices to ensure that these meet the individual requirements of each venue, and the regionalised requirements for data retention and cross-border data transport
Multi-Purpose Consent & Marketing Opt-In
- Additional Questions can be added to ensure that transparent and explicit consent can be given for multiple specific purposes (e.g. marketing, support, statistical analysis, 3rd party distribution)
- Consent questions can be added on a per-venue, per sub-location basis to provide a differentiation of purpose within separate areas of a venue (e.g. where data captured within a public area will be used for different purposes for those in conference or accommodation areas)
Subject Access Requests & Personal Data Management
- All stored data for a specific guest or device can be easily managed into a machine-readable format.
A Statement of Terms & Conditions which you can learn more about here, and we have also made some significant changes to our policies to make sure you are fully protected
Access to HotelFeedback web service
One of the key terms to come from GDPR is the idea of “unambiguous consent”. What this means is that when a user agrees to a Privacy Policy, or Terms and Conditions, they are aware of what they are agreeing to, and they have clearly agreed to the principles of what data a company will collect and what they will do with that data. In order to attain this “unambiguous consent” we have made a number of changes to the access in HotelFeedback web service.
When a customer ticks the consent box on the HotelFeedback splash page, they will be presented with a further screen that provides a “Terms Overview”. This screen provides 2 tabs which then break down information on the data that is collected (Your data) and how the data is used for marketing purposes (Marketing).