Embedded Files
GDPR is a set of rules that protect people’s personal data – like names, phone numbers, email addresses, credit card details, or booking info. GDPR helps us handle this information the right way.
Everyone at Strawberry handle personal data in some way – a little or a lot. That’s why it’s important that we all know the basics.
Table of Contents
General Information
General Information
Why is it important?
Why is it important?
Protecting personal data isn’t just about avoiding fines - it builds trust with guests, members, and colleagues.
What is personal data?
What is personal data?
Any information that identifies a person, like:
Name, email, phone number
Booking & payment details
Photos, video footage, IP address
Health or biometric data
Sensitive Data
Sensitive Data
Some data needs extra protection, like:
Race, religion
Health records
Biometric data
Always follow security rules when handling sensitive data.
Guest Rights (GDPR Rules)
Guest Rights (GDPR Rules)
Guests can:
Ask how we use their data
Request a copy of their data
Correct mistakes in their data
Ask for their data to be deleted
For most requests, refer them to our website or privacy@strawberry.no.
What is a Data Breach?
What is a Data Breach?
A data breach happens when personal info is lost, stolen, or sent to the wrong person. Examples:
Lost laptop with guest details
Email sent to the wrong person
Cyber-attack stealing credit card info
Report any breach ASAP to your manager and SOS!
You can see the GDPR video in Motimate here.
Front Office, Reservation og Conference
Front Office, Reservation og Conference
To remember
To remember
When someone calls to ask if a guest is staying at the hotel — never confirm or share. Even confirming someone’s stay is considered personal data.
If a guest asks for an invoice, but someone else made the booking — only share it with the original booker or someone they’ve authorized.
If someone asks for a list of conference guests — don’t share it. Instead, refer them to their company contact person.
When sending info to multiple guests — use BCC, not CC. Never expose guest e-mail addresses to others. If a guest copies colleagues on an e-mail, don’t reply-all using CC. Use BCC or reply only to the sender, and let them know.
Sent personal data to the wrong recipient? Or left guest info visible in public areas? → Report it to your manager and SOS immediately. This counts as a data breach.
💡 Tips:
Always double-check before sharing data.
Keep documents and screens out of sight.
When unsure — ask, don’t risk.
Mews
Mews
You should not be afraid to write information in the free text field in Mews. This can be important information to ensure a good and safe environment for employees and guests. But remember that you have to write so that the guest will be able to read it afterwards. Therefore, be careful about how you formulate what you write.
Writing Guest Incident Details: Stick to the Facts!
When writing details of a guest; avoid assumptions or judgments about a guest's behavior. Focus on clear, accurate, fact-based notes to maintain good records and comply with data protection rules.
Key Guidelines:
Key Guidelines:
Stick to Facts, Not Opinions: Describe what happened without guessing or assuming.
Instead of: "The guest seemed suspicious."
Write: "The guest attempted to access an off-limits area."
Examples of Clear, Fact-Based Notes:
Examples of Clear, Fact-Based Notes:
"Drug paraphernalia found in the room."
"Guest expressed dissatisfaction with the room."
"Guest appeared intoxicated and spoke aggressively."
Accurate notes protect both the hotel and our guests.
Sensitive notes should be deleted when they’re no longer needed.
However, keep them if:
The guest hasn’t paid their bill.
There’s an ongoing investigation.
Other reasons that require the information to be kept.
Important:
Only mark information as "do not delete" if one of these reasons applies. Otherwise, sensitive details should be removed once they are no longer necessary.
See motimate here.
Page updated
Report abuse