11

Regulatory Information

Last Update 3 days ago

What is a Digital Certificate? Where to find your platforms iCal feeds Ministry of the Interior, Royal Decree 933/2021, of October 26. Emails to Guests and Owner/Managers SES Hospedajes Data Submission

Data Processing & Protection

Detailed information about regulations

Admin 1

Last Update a month ago

 

GDPR EU & UK

GuestAdmin, is an online application designed and built from the ground upwards, specifically to securely capture data from advanced secure guest registration (online check-in) forms and from data transmissions from its 3rd party platform partners’ systems via the GuestAdmin API systems. 


We guarantee 100% GDPR compliance by ensuring responsible and highly secure data processing, incorporating the principles of other government jurisdiction regulations (EU) 2016/679, by processing and storing all data securely.

 
https://gdpr-info.eu/
 

GuestAdmin is owned, designed, built and operated by Hub Connect Limited in the UK, and it is therefore registered at the Information Commissers Office https://ico.org.uk/

 

Privacy

GuestAdmin states it respects the fundamental right to data protection, emphasizing the preservation of customer data confidentiality.
 

Compliance

/

 

Data Processing

/

 

Data Storage

All data is stored on encrypted data storage volumes in the following Digital Ocean data centre locations:

  • EU data is located in Frankfurt, Germany. 
  • UK data is located in London, United Kingdom.

We are obliged to hold the data of our clients (owners, property managers, platforms and 3rd party partners) for a period of no less than 3 years, all associated data to those clients, are also held for the same period of time, even if the client unsubscribes from our services in a short period of time. We keep it for a reasonable period to address potential requests and responsibilities.
 

Data Security

GuestAdmin operates ongoing risk analysis and evaluations of impact to both our clients and their guests, in order to protect user information from unauthorised access, manipulation, theft or even deletion.

 

Should you be a corporate user or an integrated platform connecting to our systems, then you would have already been provided with our System Security Statement after an NDA has been signed. 


For security reasons this information is not published publicly.

 

Data Transfer

No data is ever transferred to any other entities or third parties without the user's express consent, except in legally required and permitted cases across the EU.
 

In the UK this falls under the Regulation of Investigatory Powers Act 2000 (RIPA) for which Hub Connect Limited and its Information Assurance office is registered with the UK Home Office

https://www.gov.uk/government/publications/regulation-of-investigatory-powers-act-2000-ripa/regulation-of-investigatory-powers-act-2000-ripa

 

Data Minimisation

The only data collected and stored is what is necessary for the specific purpose of knowing who is staying where, and for what period of time and communicating with various official authorities.
 

Data Rights

GuestAdmin’s clients and their guest users have rights of access, rectification, deletion, limitation of processing, data portability, and opposition.

However, these rights can be amended or overridden by the individual jurisdiction government regulations in certain circumstances please see (Article 17, Section 3, Part B) which applies for authority reporting of guest data as required by various legal regulations.

 

Submission to Reporting Authorities

GuestAdmin automatically sends & updates both basic booking data and guest travellers reports to authorities, integrating with various government systems including local and national police force systems in different regions within multiple countries.

 

Legalities

GuestAdmin is designed to comply with all applicable data privacy laws and regulations on behalf of its clients and their guests, as well as itself as the data processor on their behalf.

 

Data Visibility

Guest data is being collected and is accessible to the GuestAdmin host (owner/property manager) clients, however there is no ability for them to download any of the complete guest data, except via a legally required “Guest Book” in a particular and differing legal formats for different government jurisdictions, and even then it is only partial data.
 

Data Retention

Information is stored for the time necessary for processing, for a minimum of 3 years, as per most international tourism regulations.

 

No Automated Decision Making

Whilst GuestAdmin is primarily an automated data collection, processing and authority submission service, and it does use AI in the initial set up and configuration process, we do NOT use AI or any automated methods within the systems to make decisions based on the data we collect and process on behalf of our users and their clients.

Was this article helpful?

0 out of 0 liked this article

Still need help? Message Us