The EU General Data Protection Regulation (GDPR) comes into effect on 25 May, 2018 and places new obligations on organisations based in the EEA or which hold or process personally identifiable information (PII) about EU citizens.
Little Hotelier has taken a number of steps to ensure we are fully compliant with our obligations, and have clear policies and processes to respond to customer and partner questions. Further information is available below.
- IT Security Policy
Little Hotelier has always been committed to ensuring we maintain our customers’ and their customers’ data as securely as possible. Details of our IT Security Policy consistent with our obligations under the GDPR are available here.
- Amending Customer Contracts
Existing customers can download a Data Processing Addendum (DPA) here. By completing the DPA in accordance with the instructions on the first page, customers can automatically update their existing Little Hotelier contracts to ensure they are GDPR compliant. Our standard customer terms and conditions updated to incorporate obligations under the GDPR are available here.
An updated FAQ, incorporating updated questions that have been submitted to Little Hotelier in the run-up to GDPR going live are included here.
A current list of the companies Little Hotelier partners with to process data is available here.
- Product Updates
Little Hotelier is being updated to help customers comply with the GDPR obligations relating to obtaining and recording consent. Consent check-boxes will be available on or shortly after the GDPR going live on 25 May 2018. Other technology designed to automate data access requests received from guests will be released in the following weeks.
In the meantime, if you wish to submit a data request under the GDPR, or have any additional queries, please contact your local Little Hotelier privacy officer at [email protected].