How to Prepare Your Hotel for CCPA

The California Consumer Privacy Act goes into effect on January 1st, 2020. If your hotel hosts any guests that are residents of California, there is a great chance that this will impact your business and you need to ensure you’re in compliance. Furthermore, numerous other states have similar privacy laws on the docket and could be coming soon. You need to be preparing now.

What is CCPA?

CCPA stands for California Consumer Privacy Act and is California’s privacy law aimed at protecting California residents’ against “their data being collected and sold without their knowledge”. Many are calling it “GDPR” lite, so if you were one of the hotels that took action to become compliant for GDPR, this will be a similar process but it is important to note that California’s version does come with a different set of rules and regulations. For a longer answer, we encourage you to read this article from Fortune and the most recent addendums made on October 13th here.

You might be saying to yourself “My hotel isn’t located in California so I probably don’t have to worry.” Well, you could be wrong. California’s CCPA regulations apply anywhere a California resident does business. That means if a California resident books your hotel online or stays at your hotel, you could be held to these regulations.

How do I know if my hotel is impacted by CCPA?

CCPA law applies to any business that does business with residents in California and matches the one of the following criteria:

California represents 12% of the US population so there is a great chance this will impact your hotel now or sometime in the future.

What does CCPA guarantee to consumers?

CCPA offers consumers protection against how their data is collected and sold and guarantees:

What is considered “personal info/data” under CCPA?

It can include traditional data points such as birthdate, SSN, email, address along with non-traditional such as geolocation, IP address, consumer behavior, browse and search history, preferences and open/click behavior.

What role does GCommerce play within CCPA for my hotel?

You should work with the appropriate people at your property and your legal team to understand and evaluate your exposure, including working to understand any vendors you are currently using that capture consumer data. For example this would include your PMS, CRS and CRM providers.  

Under CCPA, GCommerce is considered a “service provider” working on your behalf. It is recommended that your business have all service providers sign a data protection agreement stipulating the nature of the data use and specifying that we only use data to perform contracted services.

How can my hotel prepare for CCPA?

Here are several key steps we believe are important to consider to prepare your hotel’s digital marketing for the implementation of CCPA on January 1st, 2020:  

Please note any statements found within this article is not to be treated as legal advice. You should contact your lawyer for legal advice surrounding your privacy policy and CCPA compliance.

Additional Resources: