Chapter Three Consulting
  • Home
  • About us
    • About us
    • Team
    • Services
    • FAQs
    • ISO Certification
    • Testimonials
    • Our Partners
  • Services
    • Licensing
    • CCTV
    • ISO 9001
    • ISO 27001
    • GDPR
    • COMPLIANCE
    • Training Platform
    • Onboarding
  • Contact
  • PPL Insights ISO 27001 Case Study
  • OneFix ISO 9001 Case Study
  • Bright ISO 27001 Case Study
  • Helpdesq ISO 27001 Case Study
  • Brittain Marketing Case Study
  • Walton Heath Case Study
  • SimplyVAT Case Study
  • Cumberland Hotel Case Study
  • Clark Brownscombe Case Study
  • Helpdesq Case Study
Cumberland Hotel
 
Delivering paper-based and online GDPR Compliance

Executive Summary

The Cumberland with 72 bedrooms is one of Eastbourne’s premier hotels, commanding a pre-eminent position on the seafront, overlooking the promenade, the Bandstand, and the Channel. Surveyed guests' and independent reviews say that the Hotel’s location is their favourite part of Eastbourne and couples rate it as 9.0 for a two-person trip on Booking.com
 
The Challenge
The Cumberland, like any hotel, continually takes personal details and credit card details from guests online, over the telephone and at reception. So as soon as GDPR became a ‘hot topic’, Elizabeth Rickey, the Front of Desk Manager, quickly became aware of the implications and that she would need the right advice to ensure The Cumberland could be seen to be compliant.
 
Having engaged Chapter Three Consulting for other needs previously, it was an easy decision to make and Tana Jackson became The Cumberland’s GDPR consultant.
 
The Solution    
Tana audited and undertook a detailed needs analysis to fully understand all of the processes through which the Hotel conducts its business to identify areas of risk.
 
This revealed a number of activities which required attention. Firstly, that the Cumberland has a disproportionate number of mature guests who prefer to book traditionally by writing and receiving letters, so much of the communication was paper based. Tana also pointed out that the CCTV cameras (in capturing personal data) must be GDPR compliant too, providing the appropriate policy template to be tailored to reflect the requirement of the hotel.
 
Accordingly, data management planning, based upon GDPR data subject rights (e.g. opt-ins, opt-outs, subscribes and unsubscribes) and the definition of personal data was high on the list for policy definition and development.
 
The Results  
As part of ensuring that the Cumberland was GDPR compliant online and offline, Tana also proposed a ‘clear desk and locked draws – is it safe’ policy, where all personal information can be secured or destroyed, as per data protection regulation, at the end of every working shift.  
 
This, Elizabeth said, has been ‘a great policy’ creating other very real benefits. It has made staff far more mindful of keeping personal details safe and as a result it has encouraged everyone to be much more efficient in completing their work and putting things away.

Elizabeth Rickey, Front of House Manager

www.hotelcumberland.co.uk

Compliance Advisory Limited trading as Chapter Three Consulting
Podium House, 61 Chapel Road, Worthing, West Sussex BN11 1HR
Telephone 0330 004 0020
 Registered in England and Wales 17 Liverpool Road, Worthing, West Sussex BN11 1SU under registration 10006908 | VAT number 235914794 | ICO Registration ZA207739

Copyright 2017
PRIVACY POLICY    |    TERMS & CONDITIONS    |    COOKIE POLICY
Picture
Cert No. 11203
​ISO 9001   ISO 27001

  • Home
  • About us
    • About us
    • Team
    • Services
    • FAQs
    • ISO Certification
    • Testimonials
    • Our Partners
  • Services
    • Licensing
    • CCTV
    • ISO 9001
    • ISO 27001
    • GDPR
    • COMPLIANCE
    • Training Platform
    • Onboarding
  • Contact
  • PPL Insights ISO 27001 Case Study
  • OneFix ISO 9001 Case Study
  • Bright ISO 27001 Case Study
  • Helpdesq ISO 27001 Case Study
  • Brittain Marketing Case Study
  • Walton Heath Case Study
  • SimplyVAT Case Study
  • Cumberland Hotel Case Study
  • Clark Brownscombe Case Study
  • Helpdesq Case Study