GDPR compliance with lost & found
What makes GDPR essential for the hotels and the whole hospitality industry when dealing with lost and found?
GDPR and Lost and found, yes, these two are supposed to go hand in hand. You might not be aware of it, but dealing with lost properties in hotels can be a sensitive matter, that's why you need to be aware of the GDPR compliance, many people don't know that a name on a post-it is against the GDPR rules.
On our many visits to hotels, golf courses, amusement parks, and other organizations within the hospitality industry we have seen it all. The general way to handle lost properties is excel sheets, notebooks, and a lot of post-its. This is a natural way for the staff to process the lost and found items, and it has been done like that for years. At Faundit we don't want you to worry, that's one of the reasons why we started www.faundit.com.
With Faundit, it's easier to uphold the requirements as we communicate with the guest and inform you when you need to get rid of the lost property and our system is fully compliant with GDPR.
Is GDPR for all hotels and the hospitality industry?
Yes! Any company that stores or processes personal information about EU citizens within EU states must comply with the GDPR, even if they do not have a business presence within the EU.
An example of not following GDPR and what the consequences can be: A Danish hotel chain got in 2020, a DKK 1,100,000 (approx. €147,800) fine and got reported to the police for failure to delete personal data and not being compliant with GDPR.
What types of privacy data does the GDPR protect?
- Basic identity information such as name, address, telephone number, e.g. to prevent papers with personal data from ending up in the wrong places, such as post-its with personal information lying around on the front desk.
- Payment card information
- Web data such as location, IP address, cookie data. Health and genetic data. In the hospitality industry, we might know our guests better than they know themselves - to give them a better guest experience.
- Biometric data, since many new features in the hospitality industry, are getting more and more futuristic with biometric data for identification and access control.
- Racial or ethnic data, political opinions, and sexual orientation.
What exactly is GDPR ?
The European Parliament adopted the GDPR in April 2016, replacing an outdated data protection directive from 1995. It carries provisions that require all businesses including the whole hospitality industry to protect the personal data and privacy of EU citizens for transactions that occur within EU member states.