GDPR Guidance for the Hospitality industry

GDPR pubs restaurants cafes recording

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

On the 23rd June 2020 the UK government announced that from the 4th July, restaurants, bars, cafes, etc. can open provided they open in a COVID-secure way. Part of the guidance (s2.1) for this included the requirement that venues keep a contact record for customers and visitors in case it is need by the NHS Test & Trace programme:

The opening up of the economy following the COVID-19 outbreak is being supported by NHS Test and Trace. You should assist this service by keeping a temporary record of your customers and visitors for 21 days, in a way that is manageable for your business, and assist NHS Test and Trace with requests for that data if needed. This could help contain clusters or outbreaks.

Many businesses that take bookings already have systems for recording their customers and visitors – including restaurants, hotels, and hair salons. If you do not already do this, you should do so to help fight the virus. We will work with industry and relevant bodies to design this system in line with data protection legislation, and set out details shortly.

Given that the government are yet to set out what this looks like in practice, particularly around data protection and privacy concerns, I ran a free GDPR webinar on Monday 29th June to help those in the hospitality sector who don’t currently have booking systems and therefore are unlikely to maintain records of customers. My aim was to provide an overview of GDPR and how it will apply to the recording of customer contacts.

You can check out a recording of the session below, or here on YouTube and download a copy of the slide pack here.

More To Explore

Eat. Sleep. GDPR. Repeat.

We live and breathe GDPR and ePrivacy compliance, so you don’t have too. Our GDPR UNLIMITED helpline is all about offering you help and support, whenever you need it most. As well as the unlimited helpline, you get up to 4 hours “hands-on” help each month, which we can configure to help you in anyway you need such as a GDPR review, or acting as your DPO.

As well as the unlimited helpline and hands-on help you get GDPR and privacy updates, access to our GDPR knowledge centre and webinars.

Unlimited email & phone support

Unlimited email and phone support. Email or organise a voice call as often as you need each month.​

Up to 4 hours "hands-on" help per month

We use these "hands-on" hours to do the GDPR work for you, such as reviews, acting as your DPO, checking DPIA, dealing with breaches, training your staff, etc. (Additional hours: £100+VAT per hour)

Online resources

Our Knowledge Centre gives you access to information, guidance, topic related guides and other tools to support your GDPR and PECR compliance

Updates, alerts & briefings

We provide updates and alerts and a monthly compliance briefing. You can either sign into the Knowledge Centre or sign up via email to receive an email every time we add a new update or alert

DPO services

Whether mandated or not we can act as your Data Protection Officer (DPO) and manage your day to day compliance

Webinars, workshops & training

Whether updates on the latest issue, workshops or team training, it's all included in your monthly retainer.

LIKE WHAT YOU'RE READING? join our email list

Sign up for monthly briefings and the occasional emails about our webinars and services

Want to know more about how we use your data? Check out our privacy policy