All functions that enable you to meet the requirements of the GDPR when working with protel Air are integrated into protel Air as standard.
protel Air is hosted in an Amazon data center, one of the most secure hosting providers worldwide. Which data center is used for your hotel depends on your geographical location. If you do not know your hosting location, your protel partner will be happy to help you.
This guide describes the functions that have been developed to enable you as a customer to work in compliance with the GDPR requirements in protel Air. The decision on the use and implementation of these functions is the responsibility of each individual hotel. This guide contains recommendations for meeting the requirements in protel Air. In addition, your protel support or your local protel partner is available to answer any questions you may have.
We strongly recommend reviewing the entire IT environment in your business when it comes to introducing or reviewing GDPR-related processes. Please note that it is not only your hotel software that manages personal data!
The implementation of the GDPR in protel Air essentially involves the following tasks:
What are data retention periods?
The GDPR requires a storage period for personal data. In your role as the controller within the meaning of the GDPR, you must always be able to inform your guest about which data you store and for how long. If this data is stored for longer than legally required, you must obtain the guest's consent.
Three data retention periods are used in protel Air so that each hotel can decide individually how many days the data should be stored for. After the defined retention periods have expired, the relevant guest files are anonymized.
Task (if you are activating the privacy settings in protel Air for the first time)
As soon as anonymization is activated in the system, each guest profile is assigned a standard data retention period. Because all guest profiles must be handled in accordance with GDPR - even if you have not had the opportunity to obtain corresponding data retention periods - protel recommends setting Minimum as the default. You can find out how to set the standard data retention period in the section " Activate data protection settings | Step 1: Initialize profile anonymization type ". This setting is set once at the beginning of the setup and can later be individually changed at the guest profile level.
In protel Air, guest data whose retention period has expired is not completely deleted but anonymized. This ensures that data can be evaluated in reports and statistics in compliance with data protection principles.
During anonymization, personal data is no longer linked to a person. As a result, an anonymized guest profile can no longer be linked to an individual guest. During anonymization, protel Air removes all fields from the guest data that are considered personally identifiable data. The last name is replaced with an "x" except for the last two characters. For example, Thomas Müller becomes "xxxxer". The rest of the fields are deleted.
Exception rules
Profile anonymization will not take place on the earliest anonymization date if the processing of the data is still necessary for the performance of a contract, i.e. specifically if one of the following circumstances applies:
The implementation of the GDPR requirements in protel Air is activated in the data protection settings (menu MASTER DATA ⇾ Guest profile ⇾ Data protection ). Activation takes place in two steps:
Once you have completed this step, all guest profiles will receive the selected anonymization type and thus the selected data retention period. From this point on, the default anonymization type will also be assigned to all new guest profiles that are created.
You will then see the view in the Privacy Settings tab change – see the following image.
As soon as you are ready to enter the data retention periods that apply to you, go back to the menu Master data – Guest file – Data protection.
First enter the minimum and maximum duration for the data retention periods.
As a reminder:
Minimum duration refers to the number of days the hotel is legally obliged to store data from guest files. The smallest adjustable value is 30 days.
Maximum duration refers to the number of days the hotel would like to store the information from the guest files. This setting requires additional consent, i.e. the hotel must ask the guest for their consent to keep their personal data for longer than required by law. The smallest adjustable value is 30 days.
The minimum adjustable time for both values is 30 days. The maximum duration should be longer than the minimum duration. Enter the values here that apply to your business and the legal requirements (see GDPR | Data retention periods >>> ).
Default anonymization type for new profiles : Decide which default data retention period you want to use in the future. If you change the type, this will only affect newly created guest profiles. Any changes will only take effect if anonymization is enabled.
Please read the consent form carefully and check the box.
Finally, click Save .
To fully apply the privacy settings, you must activate the anonymization process.
Subsequently, all guest files that are eligible for anonymization will be anonymized during the next daily closing.
After initializing the data protection settings (see GDPR | Activate data protection settings ), new GDPR-specific fields are available in the protel Air guest profiles.
You can find this in the guest file if you click on the data protection icon – see the following figure.
The date fields display the last activity for the profile and the calculated anonymization date.
Fig.: Guest file ⇾ Data protection
The Last Activity field is determined by protel Air and cannot be changed. The date is taken from the action log of the guest profile.
If a profile was imported from a third-party PMS, the Last Activity field is set to the import date.
What counts as activity?
The earliest anonymization date is calculated automatically and cannot be edited either. It is calculated as follows: date of the last activity plus the number of days specified by the setting in the Data retention field.
An example: A guest profile has the Minimum (365 days) setting in the data retention field. The last activity was when the guest checked out and paid their bill (October 4, 2021). The earliest anonymization date is therefore October 4, 2021 + 365 days = October 4, 2022.
If you have activated the GDPR data protection settings in your system (see GDPR | Activate data protection settings ), all guest files that are due to be anonymized will be displayed during the end of day process.
Click on the magnifying glass icon to display a list of the guests in question.
After initializing the data protection settings (see GDPR | Activate data protection settings ), new GDPR-specific fields are available in the protel Air guest profiles.
You can find this in the guest file if you click on the data protection icon – see the following figure.
The Data Retention field shows the set data retention period. The value can be changed if the guest requests it and you have the guest's consent, if necessary.
Example : A guest gives their consent to keep their data for longer than legally required. In this case, you can set the selection in the Data retention field to the Maximum setting . If the guest withdraws their original consent, you must change the selection in the Data retention field back to the Minimum setting .
The option to keep guest profile is made available to hotels that are based outside the scope of the GDPR but want to use parts of the GDPR functionalities (for example, when guests from EU countries stay at the accommodation). It can also be used by hotels that do not want to set a defined end date for storing profile data.
If you cannot edit the data retention selection , your user does not have permission to do so.
You will also see the date of the last activity and the earliest date the guest's data will be anonymized. As soon as the anonymization process has been activated, a date will be displayed here (unless the "Keep guest profile" entry is selected). This data is useful if a guest, for example, requests information about their consent level or wants to exercise their right to delete their data.
You can find out how the date of the last activity is determined and the anonymization date is calculated here: GDPR | How is the anonymization date calculated ?
protel Air allows you to export all personal data stored about a guest in a user-friendly format. This allows you to quickly and easily comply with a guest's request for a copy of their data - for example, to see what data is stored about them in the hotel software. To output the report, select the file format in which the report should be generated and click on EXPORT GUEST DATA.
In addition to the fields that you can access via the data protection icon in the guest profile, there are additional fields in the Marketing area .
Using the two fields, you can query or enter the required consents according to GDPR for the following points:
Marketing allowed refers to permission to use the guest's data for marketing purposes. In most cases, hotels in the EU have already obtained such consent. However, remember that GDPR requires this option to be unchecked by default - you must actively obtain consent.
Data sharing allowed refers to the permission to share the guest's data with third parties that are part of the hotel's IT landscape. Please note that you must disclose to the guest which other systems his data is shared with.
The names for these two fields come from protel. However, we leave it up to the hotel to define how the required consents are communicated to the guest. Usually, the third-party providers to whom the guest's data is passed on and the purpose of the data processing are named here.
Include the permission request in all relevant guest touchpoints, such as the registration form. All employees must be trained to update the data retention, marketing permitted and data sharing permitted fields according to the guests' information. The registration form is an ideal source of information here.
These functions are also available in the protel Web Booking Engine (WBE) and in protel Voyager. There, the fields are already offered to the guest when booking (WBE) or checking in (Voyager), and the information then automatically appears in the guest profile of the reservation.
If you would like to know which guest records are next in line for anonymization under the GDPR, you can access the GDPR Anonymization Check report .
In protel Air, open the menu Reports & Lists ⇾ Reports .
You can find the report in the Front Office category - see the following figure:
You can get it even faster by entering the report name in the search field above:
Enter a date in the Evaluation period field . By default, the date is preset to the TA date.
Evaluation period (selection) | Data |
---|---|
TA date ('today') | The report shows all guest files, which are anonymized when the next daily closing is carried out. |
Another date in the future | The report lists all guest records that are anonymized up to the selected date. |
Click PRINT in the top right corner to generate the report for the selected date.