On May 25, 2018, the General Data Protection Regulation (GDPR) governing all European Union member countries came into effect. These new data privacy laws apply not just to businesses within the EU, but to any companies that process or handle private data of EU residents, regardless of the business location.

Steps DigitalHotelier has taken to become GDPR compliant:

  • Changed systems, contracts, privacy policies and processes to comply with GDPR
  • Trained employees on details and obligations of the regulations
  • Built communication channels to inform clients of all GDPR updates and recommendations
  • Rewrote our data protection agreement and privacy policies to comply with GDPR

For additional information, please read our privacy policy here or contact us at for more information.

GDPR Customer FAQ

Does my hotel need to be GDPR compliant?

Under GDPR, hotels that collect and manage private data (including, but not limited to, names, email addresses, credit card numbers, and IP addresses) from EU-based guests are defined as “Data Controllers”and subject to these regulations. Depending on the services you take from us, DigitalHotelier may be defined as a “Data Processor”. 

What steps should I take to become GDPR compliant?

We recommend that all hotels consider the following actions as part of their data protection efforts. Please note that the list is not exhaustive and that DigitalHotelier cannot provide any legal advice on what specific actions are required of your hotel or organization to become GDPR compliant.

  • Consult with your legal advisor to determine the extent of applicability of GDPR to your business. Larger organizations may require the appointment of a data protection officer to oversee compliance regulations.
  • Review and update your privacy policy with your legal advisor to be GDPR compliant. As the data controller, hotels are required to inform all website users of the data processing activities taking place on the hotel website and booking engine, regardless of who has built your website or the company which designed, built or manages your booking engine. Please ensure that your privacy policy communicates how you are using DigitalHotelier and any other similar services as a data processor and for what purposes the processing takes place.
  • If you are a DigitalHotelier customer, there may be GDPR or data processing clauses within your agreement, spending on which services you have taken. Please review and agree to any data processing clauses and consult your legal representative if necessary. Where applicable, these clauses may name Digital Hotelier, WHM Global Ltd, or other companies involved in the delivery of your contracted services, as a data processor and these clauses are required for GDPR compliance.
  • If you are using DigitalHotelier products or services, please ensure that you are compliant with any applicable GDPR stipulations and contact your account representative if you require any information to ensure that you comply with any relevant regulations and any future changes to these rules.

The European Union provides a complete guide to GDPR compliance at:

WHM Global Ltd t/a DigitalHotelier is not responsible for the content or compliance of third party websites and apps nor the services provided by them.

Download GDPR addendum

Need help growing your hotel revenue?

We’d love to talk to you about it!

Get In Touch