Interview: Concilio Labs CEO Terri Miller Talks About the Impact of GDPR on Hotels and Their Guests
March 15, 2018 11:45am
Recognized as an industry expert on hospitality technology, eCommerce, and business intelligence, Terri Miller, CEO and co-founder of Concilio Labs, discusses the impending European General Data Protection Regulation (GPDR) and what that means for hoteliers.
Why has GDPR become such a top-of-mind issue for the hospitality industry?
The May 2018 deadline for GDPR implementation will significantly change the way hoteliers handle guest data. Having guest’s personal data stored in the cloud has become a necessity for today’s hotelier.
Until now, fines for breach of data protection regulations were limited and enforcement actions infrequent. GDPR, on the other hand, promotes the risk of costly penalties in the event of incompliance and data breaches.
Even though GDPR applies specifically to EU countries only, in today’s global society, it is likely that most hotels touch EU citizens in some form or fashion – and so they must comply with regulations. GDPR is also seen as a “first move” towards greater information transparency and security overall, and thus many savvy hoteliers, even those outside of the EU, are using the new regulations as a way to get their marketing, data management, and privacy programs into shape.
How do you see the GDPR affecting hotel companies’ strategies and habits over time?
Fundamentally, GDPR requires hotels to be transparent about what data they collect as well as to take responsibility for what they—and their partners— do with that data. Many industries, including hospitality, are struggling when it comes to winning and keeping their customers’ trust. GDPR is about bringing consumers into the data ecosystem by allowing them to see, access and consent to the data that companies have and utilize.
How do you see the GDPR affecting guest expectations and behaviors?
The processing of personal data should be designed to serve the guest. If hotels don’t honor that principle, guests will become distrustful and certainly less loyal. They may even begin to lie when asked for non-essential information. They may also shame brands that don’t follow the GDPR standards of transparency and choice.
We need to make guests feel as if a data exchange is beneficial – better data for better guest experiences – vs. data used simply for the purposes of mass-distributed marketing.
In the short term, hotels can look to GDPR as an opportunity. Among many regulations, GDPR requires hotels to ask customers to “opt in” to marketing communications. By playing their cards correctly, hotels can use their opt-in as a chance to re-engage with guests and educate them on the benefits of data sharing to improve the guest journey.
I believe that most guests will be happy to grant access to their data if their needs are being met.
The GDPR introduces the concept of profiling. How will that impact hotel marketing and personalized guest service practices?
The GDPR describes profiling as any form of automated processing of personal data, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
For hoteliers, the ability to leverage guest profiling is essential when it comes to personalized, relevant marketing and services. Not only can profiling deliver benefits to the hotel— it can also deliver benefits to guests by tailoring services and offers to align with their preferences, interests and guest history. Hoteliers will need to ensure that all profiling has met the core GDPR requirements including data permission, data access, and data focus – and honor any requests or objections from guests.
For some hoteliers, it will require very little change. For others, it will require a whole new set of data management systems and processes.
What do hoteliers need to do next when it comes to GDPR?
To start, hoteliers must prioritize based on their resources, locations, guest expectations and risk profile. I think the most critical first phase is to audit the data they already have and develop an efficient and robust record-keeping system to prove compliance. The next step is to do a privacy impact assessment of all sources to determine when it seems data could be put at risk and respond quickly to mitigate it.
GDPR offers a unique opportunity to develop completely new ways of working that are based on the key principles of trust and transparency. Ultimately, in the long run, data protection and privacy will become more of a brand differentiator, so those who do the right thing will win.
Concilio Labs is working with clients to ensure their data gathering and storage protocol for its Insight Engine product remains compliant with GDPR regulations.
Tags: terri miller,
general data protection regulation,
As CEO of Concilio Labs, Terri is responsible for driving the strategic and tactical growth of the company, while ensuring innovation is at the forefront when delivering solutions hoteliers truly need. Her wealth of experience in business, management, and technology guides all facets of the company’s success. Prior to Concilio Labs, Terri was the Vice President of MICROS eCommerce leading the creative, delivery, and technical departments. With a passion for delivering results, Terri continues to grow Concilio Labs with a focus on becoming the leader in developing and delivering smart hotel products and services.
To learn more about Concilio Lab’s Insight Engine and how it can transform your guest personalization, visit conciliolabs.com.
Luxury Resorts Appreciate Guest Privacy Enhancements Included in Version Update for Springer-Miller’s SMS|Host PMS
SpaSoft Integrates New Security Enhancements to Latest Release
3 Key Themes to Watch at HITEC 2018
Beekeeper Achieves ISO Certification to Protect Hotels' Data
Concilio Labs and The Rainmaker Group Announce New Technology Partnership
Clairvoyix Client Databases GDPR Ready Before Deadline
GDPR: What You Need to Know About the EU's New Data Privacy Rules
Hotel CRMs Are Ready for Innovation
GDPR: Why Hoteliers Should Take the new EU Regulations Very Seriously
How to Deliver Personalized Guest Experiences in the Age of GDPR and Data Privacy Concerns
Now Available for Download: HEBS Digital’s GDPR Whitepaper
Texting Guests Is About to Be a HUGE Legal Liability That Can Cost a Hotel 4% of Its Annual Revenue
Hotels Have a Growing Guest Loyalty Problem … and They May Not Even Know It
Top Concerns Hotels Need to Know About the GDPR and How to Prepare Your Action Plan
Using Predictive Guest Intelligence to Drive Guest Retention and Revenue
GDPR in the EU and UK: AETHOS' 3 Steps for Complying with Employer Responsibilities
Why A Mobile App May Be Key to Designing a Better Guest Experience
Agilysys Participates in HTNG Whitepaper on GDPR
ALICE Shares Everything They Learned About GDPR Compliance
HTNG Delivers GDPR for Hospitality White Paper
Please login or register to post a comment.