Category: Administration

Does Your Pub Need Social Media?

On April 16th the pub chain, JD Wetherspoon, announced that it would be quitting social media with immediate effect.  The company, which has 900 pubs, will no longer use Twitter, Facebook or Instagram to communicate with followers. Instead it will provide information through its website and a free company magazine. A Tweet from the chain stated that:

‘In a world of Social Media J D Wetherspoon has decided to close down all Facebook, Twitter, Instagram and other Social Media accounts for individual pubs and head office’

The reasons given by the company included bad publicity surrounding social media, and concerns about the misuse of personal data. The Chairman, Tim Martin, also believes that ‘pub managers were being side-tracked from the real job of serving customers’.  These managers were consulted prior to the decision and ’90-95% felt using social media was not helping the business’.

Mr Martin doesn’t believe that closing the social media accounts will have any effect on the business, and he may be right. Prior to deleting these accounts, J D Wetherspoon had 44,000 Twitter followers, 100,000 Facebook followers and 6,000 Instagram followers. Certainly more than I’ll ever have, but not a huge number for a company of that size.  Some observers noted that much of the activity on social media was actually devoted to dealing with customer complaints.  There has also been a suggestion that this is just a publicity stunt, something that Mr Martin has vigorously denied.

So, has J D Wetherspoon made the right decision? Is it better for pub managers to come offline and focus on other aspects of their job?  I believe that, for most hospitality businesses, social media is an important part of your marketing strategy. Here are six reasons why:

1.  You can see what people are saying about your venue

What are you doing well? What needs to be improved? It’s also important to monitor your pages for inappropriate posts.  If Johnny has tagged himself at your venue downing sixteen shots for his 16th birthday, this is something you need to be aware of.

2.      You can showcase your venue

Let your customers know that you have a brand new menu, that your amazing staff have been doing some cocktail training, or that your function room has been refurbished. Social media is a quick and easy way to get your venue in front of people.

3.      You can see what your competition are doing

What sort of promotions are they running? What events do they have coming up? What do they do well, and what can you do better? It’s not all about competing though, you may find opportunities for collaboration, such as putting on a local beer festival.

4.      You have an opportunity to quickly rectify complaints

Receiving complaints on social media means that they can be seen by potential customers, and of course they may be put-off as a result. However, you also have the opportunity to publicly respond. If your response is timely, appropriate, and shows that you actually care, it can actually help to increase customer loyalty.

5.      You can promote upcoming events and promotions

Social media is one of the easiest and quickest ways to make details of events and promotions available to a wide audience.  And your followers can also share this information, greatly expanding your reach.

6.      You can chat to your customers

Pubs are social. When you use social media to engage with your customers, it’s an extension of the conversations you have with them when you’re behind the bar. It’s a great way to get to know your customers and build loyalty.

Although I would generally recommend that hospitality businesses don’t follow the lead of J D Wetherspoon and quit social media, there are two instances when I believe it’s better to come off the platforms:

1.      Your target audience isn’t there

Although it often feels like it, not everyone uses social media.  If your ideal customer just happens to be my parents, who love a good pub lunch and a bottle of wine, you’re never going to reach them via social media. However, they are likely to try somewhere after spotting a good advert in the local paper.

If your target audience does use social media, which platforms do they go on? You’re much better off using one or two really well, than trying and failing to keep up with all the channels.

2.      You’re not there

Have you ever checked the social media page for a pub and seen than it hasn’t been updated for weeks, or even months?

When prospective customers or employees hear about you, one of the first things they often do is check out your social media presence.  If you’re posting infrequently, or not responding to messages it can give a poor impression of your business.   It’s also frustrating when information on things like opening times and menus is outdated. If your accounts are not being used, or you’re being inconsistent about posting, it’s better not to have them.

If you’re struggling to keep on top of the social media for your pub, I’d love to meet you for a coffee and a chat about how I can help you. There is no charge, and no obligation to use any of my services. I can be contacted at info@elevatepa.com.

Is Your Hospitality Business Ready For GDPR?

Of course you’ve heard of GDPR, it’s been a hot topic for months. But are you ready for it?

Whether you’re a landlord with one pub, or the owner of a hotel chain, the new regulations will apply to you. So here is a quick guide to the changes and to some of the steps that you should be taking.

 What is GDPR?

The General Data Protection Regulation (GDPR) is the new legal framework that will replace all the current data protection legislation in the EU. It’s a set of guidelines for the collection and processing of personal data, and the aim is to give people more control over their own data. GDPR will supersede the Data Protection Act 1998, and we’ll see tougher penalties for the non-compliance and breaches. GDPR comes in to force on May 25th 2018, so you’ll need to have adequate measures in place by this date.

 Will it apply to my business?

The short answer is ‘yes’.

All businesses must comply if they are involved in the processing of personal data and your hospitality business will hold almost certainly hold personal data such as guest details, credit card information, or an email mailing list.

 What if I’m not ready?

If a complaint is filed against your business, you’re potentially looking at a fine of up to €20m or 4% of your annual global turnover, whichever is the greater. Having said that, the ICO has also stated that “it’s scaremongering to suggest that we’ll be making early examples of organisations for minor infringements or that maximum fines will become the norm”.

It also makes good business sense to demonstrate that you’re compliant with GDPR. Customers value their privacy and want to know that you are respectful of this.

 What do I need to do?

The Information Commissioner has described GDPR as ‘an evolution, not a revolution’. Although it may sound like there will be a lot of work, for most businesses it’s likely to be a case of reviewing, tightening up and enhancing your existing policies and processes. Here are eight steps to help you get on top of GDPR

1.      Review the personal data that you currently hold.

This includes data on both employees and customers. In addition to your paper and online filing systems, you may be holding personal data in:

  •  Booking Engines
  • CRM systems
  • Customer databases
  • Email marketing lists
  • Membership lists
  • Payment processors
  • Social media marketing tools
  •  Website cookies

You need to establish exactly what personal data you are holding, and then document your findings. Make a record of what information you hold, where it came from, where it is stored, who it is shared with, and whether you have obtained consent before collecting it.

During this review, it’s a good idea to shred or securely delete any data that is no longer required.

2.      Make all of your team aware of the changes.

You’ll need buy-in from everyone. Managers need to fully understand GDPR and its impact on their department. Employees should also be trained to comply with the requirements and they also need to know what to do in the event of a personal data breach.

3.      Make your customers aware of the changes

You’ll have an obligation to make customers aware of their rights under GDPR. These rights include:

  • The right of access to their data
  • The right to rectification
  • The right to erase
  • The right to restrict processing
  • The right to transfer their data to another party
  • The right to object
  • The right not to be included in automated marketing initiatives or profiling

You will need to be prepared to handle any questions or requests from guests regarding their rights. You’ll have one month to provide an answer to any queries and you can’t charge a fee for this. If you decide to refuse a request, then you must provide your guest with the reasons for this and also give them the details for the Privacy Commission, so that they are able to file a complaint if they wish to.

In addition, ‘making customers aware’ will probably require you to update documents such as your website privacy policy and your Ts&Cs.

4.      Be aware of the purpose of the data you are collecting.

When you’re capturing guest data it will need to be for a specific reason. For example, if you ask for an email address to send a table booking confirmation, you cannot then automatically add this address to your marketing list.

You also need a lawful reason for collecting any data. It’s a good idea to conduct a review of all the questions you are asking guests (on your booking forms, registration cards, email sign-up forms etc.). Can you justify requesting all of the data? You may need to know their address for billing purposes, but is a date of birth necessary?

5.      Get consent

You must be able to prove that you have been given consent to use data in the manner in which you are using it.  You’ll need to disclose your purpose for collecting the data and how long you intend to keep it for.

You must get a clear opt-in from your customer to receive any communications, rather than presenting them with an option to opt-out.

Opting-In

  • You cannot use any pre-ticked boxes for opting-in on your forms
  • The opt-in must be a positive statement. You can’t ask people to tick ‘if they don’t want to join your list’.
  • For email subscriptions, a double opt-in process is the best method for proving that you have obtained consent. This requires the subscriber to complete and submit an online form. They will then receive a confirmation email asking them to click on a link to verify their email.
  • If your existing email marketing list did not require a double opt-in, it would be wise to reconfirm permission with all those currently on it.
  • Be specific about what communications people are opting in to receive. Is it a weekly update? Special offers? If you have several types of communication, then obtain separate confirmations for each one.
  • Make it very easy to unsubscribe. There should be a clear unsubscribe button on all of your communications.

There’s an additional consent consideration for children under 16. Authorisation to process a minor’s data, for example at a hotel check-in, must obtained from their parents or a responsible adult.

And remember – even if you purchased a mailing list from a third party, it is still your responsibility to ensure that you have consent from those customers to use their data.

6.      Review your data storage processes.

When you’re storing data, the storage method needs to be secure. You should have a company-wide policy in place, and educate your team on how to keep data secure.

Electronic Storage:

  • Audit your systems What data are you storing and where is it being held (CRM system? Excel spreadsheets? Cloud storage?)
  • Who can access this data? Is it secure and accessible only to those who have permission to use it? Is it just your employees, or do you work with suppliers or contractors who also access this data?
  • Do you have permission to store this data? If not, are you going to delete it, or contact the subjects to request consent?
  • Where are the servers for the systems that you use located? Under GDPR businesses will be prohibited from transferring personal data outside of the EU to a country that does not have adequate data protection.  You will need to check where the servers that you are using are based and, if they are outside the EU, consider using the Privacy Shield to ensure compliance. This includes servers located in the US!
  • Encrypt your devices. Although passwords will provide an element of security, only encryption will protect data if your device is lost or stolen. Remember to encrypt devices like external hard drives and mobile phones, as well as laptops and pcs.
  • Protect your devices against viruses. It’s important to invest in good virus protection. Free software generally isn’t going to be adequate, so protect your network and storage systems the latest intrusion detection   programs. For extra security you can conduct penetration testing.
  • Passwords. Create strong passwords (use a mixture of symbols, numbers, upper and lowers cases). Don’t base them of any personal details such as birthdays! Change your passwords regularly and store them in a safe place such as Lastpass.
  • Back-Up your data. Hopefully you’re already backing up your data regularly as it’s good business practice. It’ll be even more important under GDPR because in the event of a data breach, you will have an obligation to inform anyone who has had their data compromised.  If a laptop with a file of personal details has been stolen, you’ll need the back up to establish who has been affected. You can back-up to a hard drive, the cloud or a mixture of both.

7.      Check that your payment processes are compliant

As a hospitality company, you are likely to be accepting card payments every day. A good start is to ensure that you are already compliant with the Payment Card Industry Data Security Standard (PCI DSS). The two standards overlap significantly and complying with PCI DSS will demonstrate that that you are compliant with GDPR.

8.       Data breaches or theft

You need to put a process in place to detect, and remedy any data theft concerning personal data. Any incident should be reported within 72hrs to the Privacy Commission, for all cases where there is a risk that guest data may have been compromised.

This article is based on my interpretation of GDPR and how it will affect the hospitality industry. Please treat it as a guide, rather than gospel!  For the most comprehensive and up-to-date information on GDPR, I recommend looking at the ICO website. https://ico.org.uk/.

Complying with GDPR may seem a huge task, but it’s a great opportunity to review your processes and systems. It’s also a chance to really think about the data that you’re collecting and how you can use this to add value for your customers. The requirement for consent means that people on your mailing list genuinely want to hear from you, giving you a great platform to develop your relationships and build brand loyalty.

If you’re struggling with your preparations for GDPR, I’d love to meet you for a coffee and a chat about how you can get ready. There is no charge, and no obligation to use any of my services. I can be contacted at info@elevatepa.com.