GDPR Compliance

What US Hotels Need to Know About GDPR Legislation

While many people in the United States have already heard about California legislation, which is similar to GPDR legislation, that has been taken into effect in June this year, a lot of them don’t know what it exactly refers to and how and whether it will affect them.
Illustration - GDPR Compliance concept
What US Hotels Need to Know about GDPR Legislation

mycloud Hospitality

While many people in the United States have already heard about California legislation, which is similar to GPDR legislation, that has been taken into effect in June this year, a lot of them don’t know what it exactly refers to and how and whether it will affect them.

While this GDPR legislation is still a rather new law, it doesn’t mean that people shouldn’t be closely informed about it, especially if they are involved in the hospitality industry.

So, if you are a hotel owner in the United States and want to make sure that you are doing everything the right way and want to find out more about the connection between GDPR and hospitality, keep on reading as we will provide you with some insightful details you should be taking into consideration.

What is GDPR?

General Data Protection Regulation or GDPR for short is a regulation that was issued by the European Union and it refers to the protection of each and every individual’s privacy and data, as well as how businesses (regardless of the type) are allowed to use, manage or share someone’s personal data.

Since this regulation applies to any individual’s personal data regardless of their place of residence and their nationality as long as they are on the territory of the EU countries, it becomes clear how practically each and every online service can be affected by it, even if it’s outside of this territory.

Does GDPR apply to hotels in the US?

The new GDPR legislation applies to all hotels around the world, and it is no different for the hotels in the US – so, if you are a hotel owner in the US, you need to know what GDPR for US hotels actually means in order to follow the rules accordingly and prevent any unfortunate scenarios from happening.

There is a close connection between GDPR and hospitality – each hotel in the United States (and anywhere in the world, of course) that has customers who come from the territory of the EU need to do their business in accordance with this legislation.

In which ways does the GDPR affect your hospitality industry business?

There are 6 ways the GDPR applies to your business’s data policy:

1. Getting consent from your customers – every person who visits your hotel’s website needs to know in which exact ways their personal data will be used in the future. That is why such an explanation needs to be included in the “Terms of service” section of your website.

2. Data access – Your customers need to know who will have an access to their personal data. In addition, when this data is no longer needed, it needs to be deleted from the system.

3. The accuracy of the data – All personal data needs to be up to date at all times and updated on a regular basis.

4. Data accountability – Your hotel is fully responsible for utilizing GDPR-compliant tools.

5. Data portability – Every customer needs to be allowed to ask for you to provide them with a readable format which will include all the personal data they have previously shared with your business.

6. Data minimization – Your website needs to gather only the minimum amount of an individual’s personal data needed to make arrangements.

How to make sure you are following the GDPR for US hotels

The first and the most important thing to do is to update your website’s “Terms and conditions” and “Privacy policy” sections in accordance with the rules included in the GDPR. It goes without saying that your website needs to be highly secured by using an SSL encryption.

In addition, you need to make sure that your website visitors will allow you to use cookies. Also, provide them with an ability to delete their personal data.

What is more, you need to make sure each one of your website visitors provide you with their consent to use their personal data.

To conclude, these are the most essential things you need to know about the GDPR and hospitality if you are a hotel owner in the US. Make sure you are following these rules, and you won’t have any legal problems whatsoever.

Book Your Demo Here

About the Author

Deepak Chauhan – VP (Cloud Solutions)

Deepak is responsible for marketing and positioning of "mycloud" platform and is a veteran in the hotel software industry with over 25 years' experience giving him a strong understanding of the product requirements in the industry. He has very rare mix of working in operations of various hotels and chains for over 10 years and then co-founding a software product and service company, servicing 5 star hotels and chains for 14 years.

Deepak has led the development and marketing of cloud based hospitality systems to meet the specific, business objectives of small and mid-size properties across the globe and has worked closely with a diverse group of hoteliers and hotel technology vendors.

About mycloud Hospitality

mycloud (award-winning hotel software) has been developed by Prologic First, an independent, private company with over a decade and half’s experience delivering end to end technology solutions to the hospitality industry across the UK, Asia, Africa and the Middle East. Prologic First’s “WISH” brand is used across 30 plus countries by over 1,600 clients representing the “who’s who” of the industry. Some of our most popular and most adopted solutions like “WISH”, “Touché” & Web Prol’IFIC. Our technological leaders and best in class solutions in the market place, offering some of the most advanced features to hospitality professionals.



Logos, product and company names mentioned are the property of their respective owners.