The importance of signing
From the 25th of May 2018, The European Union General Data Protection Regulation (GDPR) became into effect. The new GDPR legislation was created to provide more security and transparency around personal data. GDPR is applicable to any organization or business collecting data on EU citizens. This means that your hotel is subject to this regulation.
Every single vendor who receives personal data from a hotel must share a Data Processing Agreement (DPA). Since ManCloud helps you process guest information we are legally required to sign a DPA with our clients. This agreement describes how ManCloud processes guest information. ManCloud is a blind processor of your data, which means that ManCloud itself doesn’t process or changes data.
You received the Data Processing Agreement through DocuSign and you have to sign this. Signing the DPA is legally required for both parties. Once we received the signed DPA you are in conformity with the GDPR with regard to your vendor ManCloud.
Which changes are made by ManCloud to meet the requirments of GDPR?
The General Data Policy Regulation has a limited impact on the usage of your PMS as ManCloud is a blind processor of your data. The guest information stored by ManCloud doesn’t contain sensitive data. ManCloud only holds personal contact information of the guest for administration purposes. The immediate discard of guest information is therefore not necessary.
The guest will have the right to ask for a copy of all their data. The GDPR requires these requests be answered within one month. Therefore users with a management login will be able to export the contact details from within the address book. Management will be able to export a document with the personal information of the guest stored in ManCloud. We advise you to verify the identity of the guest who requests this information before you provide any personal data.
We advise you to provide a privacy statement in which you describe how you process personal information. You can provide this statement on your website. Make sure that the information shown is always up to date, complete and straight forward.
Emails sent from within ManCloud to the guest, containing practical information about the booking (for example: a confirmation email) are in conformity with GDPR. Contrary to commercial emails sent by the hotel which are affected by the GPDR.
Here you will find more information about the impact of GDPR on the daily operation of your hotel
Furthermore we apply the most modern security standards. Your platform is hosted on European servers who are in conformity with GDPR. ManCloud retains the right to consult the data on your platform for supportive purposes. ManCloud guarentees definite confidentiality with regards to every available data of the licensee.
General information on GDPR is available here.
Feel free to contact us in case of any further quetions.