skip to main content
Site banner


Blog - Data Protection

Fiona Rollings, October 2019

This week is a bit of a showoff week for me although it is also a grump about some rules and regulations that have come in over the last couple of years.

We (because the gift was directed more at my husband than I!) received in the mail this week a bottle of chardonnay from Germany from an Austrian winemaker. Our guests from last season had such a lovely time they sent us the bottle as a thank you gift when they returned home!

Luckily, they also sent us their contact details because thanks to GDPR and privacy rules I no longer keep the names and email or postal addresses of our guests.

I recently attended a conference which had a session on privacy rules including GDPR and our Association website also contains information about this. Tony Krzyzewski was speaking (a local from Bridge Pa, Hawkes Bay) and he is one of eight Global Cyber Alliance Ambassadors nominated from around the world.

The basic rules are that if you collect any personal information - the way you collect it, store it and use it, are covered by data protection rights under law either here or overseas. For those who wish to steal identities it is the combination of information bites that are most valuable, ie. name and address, plus email address, plus phone – the more bites of personal information collected the more valuable the information becomes to the black market and the more it is critical to protect it.

As we collect data and information about our guests it is critical to protect it and there are penalties if we don’t, particularly for European guests. As B&B owners we are only allowed to keep information as long as it is related to our businesses, ie. before the guest arrives we can store their personal information. Once they have left we need to ensure we have good reason or a business reason to keep that information. Storing guests personal information in case they send us a thank you gift isn’t a good enough reason to keep their details; storing their information because they have opted in to receiving our newsletters is.

There were a couple of other interesting things he said:

  • Online programmes such as Google, Mailchimp, etc. are usually safe as they spent large amounts of money protecting their systems;
  • Never ever use the same user ID and password combination. We all know this but how do we remember our passwords?;
  • Save all your passwords in a little handwritten notebook(!!) that is hidden in your house somewhere. These days you are at greater risk from people hacking your computer (or phone) than breaking in and if all your passwords are saved on your computer, and it is hacked you are at even greater risk.
  • Make sure someone (eg. your partner) knows where your passwords are saved just in case something happens;

The most important piece of advice, however, was make sure your phone, tablet and computer are password protected to prevent anyone from opening them. Apparently, there are a large number of people who do not even have swipe access activated on their phone.

There is further information about GDPR on our website – simply login to our website ( and search on GDPR.

While you’re doing that I shall be enjoying a lovely (hopefully) chardonnay!

Nga Mihi

Fiona Rollings

+ Text Size -
Original generation time 1.3474 seconds. Cache Loaded in: 0.0398 seconds.