Learn More About How Potencia Tu Hotel is GDPR Compliant
May 25th this year, the new General Data Protection Regulation (GDPR) will be in effect.
The GDPR is an EU regulation that will focus on strengthening and unifying the data protection laws for everyone who lives in the EU. In PotenciaTuHotel data protection has always been one of our top concerns and thus welcomes the regulation.
Before we continue, here are a few definitions you need to know when reading ahead and to understand GDPR
This is us, PotenciaTuHotel, we process the data for you the controller
This is you, the PotenciaTuHotel user, who controls the data for the data subject
The visitor on your website who data is gathered about
During the next months, you will see various changes or additions to both our Terms and agreement and to our products. You will also have to take some actions. You will find everything you need below.
Delete all data:
All your data, including analytics data will be completely deleted on your request.
Just contact our customer success team and tell us you want all data deleted, and we will do so (Note it make take a few days to be in effect)
Also note that this of course also will happen in the horrible event of you ending your PotenciaTuHotel subscription. (We will store the data for an additional 3 months, in the event you want to resubscribe)
What Should You Do?
Sign a Data Processing Agreement
If you are in the European Union you want to sign a DPA with PotenciaTuHotel. The DPA will reflect our agreement that will govern the processing of personal data.
In other words, it’s an agreement that we, PotenciaTuHotel, can process personal data on your behalf, and what that ensues.
The DPA is an addition or amendment to the Terms and Agreement.
The DPA can for many people be hard to understand (it’s written by lawyers) so we have tried to translate it to a more humanly readable language, on this page.
Update your own Terms and Agreement
To be compliant with the GDPR, your terms and agreement must reflect that you are collecting personal data.
You can also decide here to inform what data you are collecting with PotenciaTuHotel (or other similar tools)
Determining a legal reason for collecting data
A big part of the GDPR is to make sure you have a legal basis for collecting personal data.
There are 6 legal reasons, but we recommend using either the first or the last.
The first is consent. Consent means that the visitor is agreeing to you collecting the data, that means that all PotenciaTuHotel toolsshould have a checkbox where the visitor can agree to you collecting and storing the data.
Remember to inform that you are using PotenciaTuHotel and your Email Marketing Service as the data processor.
For analytics data, you can decide to either user consent or legitimate reasons
If you decide to use consent, all visitors on your site must be informed and agree to you gathering data, (just like a cookie bar)
If you decide to use legitimate reasons, you have to inform in your terms and agreement that you are gathering the analytics data, and what you are using it for.
These reasons could be:
– To better the experience of visiting your site.
– To personalize the experience of website or newsletter.
– To track how you website performs.