GDPR is in force since May 25, 2018. We are prepared with Nitesoft, regarding organization and our services.
Nitesoft and GDPR
Nitesoft is Data Processor and the hotel is Data Controller. This means that the hotel is responsible for which data is stored and how it is stored. Nitesoft is responsible for ensuring that data is handled securely and to provide features in Nitesoft so that its customers can handle customer data in Nitesoft according to GDPR.
For consultation requests and services related to GDPR, please contact Help & Support in Nitesoft or email to support@nitesoft.se.
Customer Data
Customer data in Nitesoft is related to a reservation that is a contract to provide a service to the customer. The contract is to be considered as a consent from the customer that the hotel may store personal data for purposes of completing the contract. The hotel can communicate with its customer and send offers but it should be easy for the customer to decline further communications. All other uses of customer data require the customer's specific consent.
At the customer's request, the hotel shall provide the personal data stored in Nitesoft.
Find the instruction on how to get all data for a customer here.
The hotel should also be able to show how personal data is used.
At the customer's request, the hotel must anonymize the customer data.
Nitesoft offers the opportunity to replace personal data (First Name, Last Name, Email, Phone, Mobile, Postal Code, Address, Address2), with text strings that can not be related to the person. Applies to individuals as well as several.
Submit requests for change to Nitesoft Support.
At the customer's request, the hotel will correct customer data.
The hotel is required to replace incorrect data (First Name, Last Name, Email, Phone, Mobile, Postal Code, Address, Address2). User can easily do it or submit request to Nitesoft Support.
Booking Conditions
In the booking terms, the hotel should state how personal data is protected and how it will be used by the hotel. For online bookings, the customer accepts the terms by ticking the checkbox already available today. For bookings via channels or hotel reservations desk there should be instructions and the opportunity to decline.
Submit request for change to Nitesoft Support.
Data Security
All communication with Nitesoft's database is over encrypted internet connection, HTTPS. With HTTPS, the server uses a certificate to confirm the site's identity, thus ensuring communication security.
Nitesoft database is saved for 90 days, i.e. an anonymized customer is identifiable on a backup for 90 days after anonymization. After 90 days the person's data can no longer be traced or identified.
If there is reason to suspect any form of data violation or intrusion against the hotel's data, Nitesoft will promptly notify the hotel, no later than 72 hours.