Issues for the hotel industry - Marketing

In September 2003, new legislation was passed dealing most notably with marketing activities of businesses by email, text, picture and video messaging. The Privacy and Electronics Communications (EC Directive) Regulations 2003 came into force on 11th December 2003. Hotels and travel agents, like other UK businesses, should have already updated their marketing practices to ensure proper compliance with these regulations. This article gives guidance on main issues of relevance to hotels and travel agents.

Three principles of marketing

The regulations introduce three important principles for e-marketing, that is marketing by electronic mail such as e-mail and text/picture/video marketing messages.

Prior consent rule

Hotels and travel agents, like other UK businesses, cannot send out unsolicited marketing material by electronic mail to an individual subscriber unless the recipient as previously notified the business, that he consents for the time being to receive such communications.

Soft opt-in rule

Hotels and travel agents, like other UK businesses can by-pass the prior consent rules in certain circumstances. First, the business has obtained the contact details of the recipient in the course of a sale, or negotiations for the sale, of a product or service to that recipient. Second, the direct marketing the business is sending is in respect of similar products and services. Third the recipient has been given a simple means of refusing (free of charge except for the cost of transmission) the use of his contact details for marketing purposes at the time those details were initially collected, and where he did not refuse the use of those details, at the time of each subsequent communication.

Identity rule

All e-marketing, whether solicited or unsolicited, and whether to a corporate or individual subscriber, must ensure that the identity of the sender is not disguised or concealed, and that there is a valid address to which the recipient can send an opt-out request.

Practical solutions

Here are some helpful tips to assist businesses in the complying with these rules:

• Unsolicited e-marketing – Remember the prior consent rule only applies to unsolicited e-marketing. If you are responding to a specific request it doesn't apply.
• Different lists for individuals and corporates – The prior consent rule also only applies to "individual subscribers", meaning that the person who pays the bill for the use of the line is an individual, a sole trader or a non-limited partnership in England, Wales and N. Ireland. It does not apply to contacting an individual on a corporate line, meaning that lines for limited companies, limited liability partnerships in England, Wales and N. Ireland, partnerships in Scotland, and public bodies such as government departments, hospitals etc. Marketing departments can therefore operate different rules for each, but should check whether this is going to be cost-efficient and remember that general data protection rules will remain relevant when contacting individuals at corporate e-addresses.
• Express consent for the prior consent rule – If your marketing department does not wish to rely on the soft opt-in rule, make sure that you update your marketing consent language to ensure that you obtain express consent to unsolicited emarketing. Express consent can often be achieved by an "opt-in", where the individual ticks a box or another positive act to indicate consent. An "opt-out" giving the individual the opportunity to object, and presuming no objection is consent, is more risky and is less likely to constitute valid consent.
• Making use of the exemption – The soft opt-in exemption could be used by hotels or travel agents. This is because marketing activities will commonly be hotel offers directed to individuals, whose details have been obtained as a result of a previous hotel booking. However, remember that the individual must have been given the means of refusing the use of his details at the time of collection and thereafter, free of charge except for the cost of transmission. Also be careful of using the exemption when your business is structured with a number of companies within a group. The soft opt-in only applies to use by the same entity that obtained the details in the first place.
• Allowing the recipient to opt-out – Under the data protection act a recipient has the right to require the sender to cease the use of his contact details for any form of direct marketing. For all emarketing, the hotel or travel agent will need to an address at the end of any emarketing where the recipient can contact the sender to request the direct marketing to cease. For e-mail a valid email address will be sufficient (but not a telephone number). For text, picture, video messaging the official guidance suggests a short postal address, such as "HotelXPOBox25BR24DD". Where the hotel or travel agent has relied on the soft opt-in exemption, it will also need to provide a simple means of refusing further marketing with every message. With e-mail an unsubscribe response procedure is relatively easy. For text/picture/video messaging this requires a number of characters in the text such as "HotelXPOBox25BR24DD.2STOPMS GSTXT'STOP'TO (then add 5 digit short code)". Supplying a premium rate or national rate number will not satisfy the opt-out obligation. In order to streamline procedures, it may be the easiest for companies to continue to provide an opportunity to opt-out in every message even if they are not obliged to do so.
• Maintaining a suppression list – If an individual opts-out of direct marketing at any time, including e-marketing, your marketing department should ensure that it maintains a record of the opt-out details. You should not simply delete them from a marketing list. Otherwise if you (or your subcontractor) subsequently receives the same details from a list broker, then you might inadvertently breach the opt-out. The obligation for compliance always falls on the party on whose behalf any emarketing is sent, e.g. the hotel or the travel agent not any marketing company which you may use.
• Existing marketing lists – The regulations do not include any transitional provisions to allow businesses to continue using marketing lists properly collected before 11th December 2003, if they now breach the new regulations. However, the official guidance states that the authorities will accept that use of mailing lists properly obtained in accordance with privacy legislation in force before 11th December 2003, which have been used recently and unless the recipient has subsequently opted-out.
• Third party lists and group companies/ trading names – There is nothing in the regulations which expressly rules out the provision of consent via a third party, but if you are buying or renting the list from a broker then you will need to seek assurances about the basis on which the information was collected. The fact that most hotels and travel agents have a number of trading names and group companies causes some complications. In particular the soft-opt-out rule relates to the entity which was involved in the sale or the negotiation of the sale and collected the data. For pre-11th December 2003 lists, it is suggested that group companies can continue to use the information properly collected, shared and used by group companies. Going forward, it is advisable to rely on the prior consent rule, and make sure the collection notice and consent refers to the services provided by group companies, affiliated hotels and travel providers.
• Nominate a friend – Some e-mail campaigns allow an individual to forward an e-mail on to a friend. This is unlikely to breach the regulations, as it is the individual who is forwarding the marketing not the hotel or travel agent. Nominate a friend schemes which result in an individual e-mailing a friend's details, without the friend's consent, to the hotel or travel agent to contact separately at a later stage will, however, be in breach of the regulations, as the hotel or travel agent will be contacting the individual directly without his consent.

Other changes to be aware of

The rules on e-marketing are the most significant consequences of the latest regulations, but it is probably worthwhile highlighting a few other points which arise from the regulations.

Cookies

Hotels and travel agents will need to ensure that their websites incorporate an appropriate "cookie" statement in their privacy policy or elsewhere on the website which provides "clear and comprehensive information" about the purposes of the storage of, or access to information collected by cookies or similar devices. In addition, the subscriber or user should be given the opportunity to disable the use of cookies. This could be done either by providing a switch-off facility or by giving a satisfactory explanation as to how to disable the cookies. The official guidance says that the mechanism should be intelligible not just to the computer literate or technically aware. There is an exemption for those cookies, which are solely for the purpose of carrying out or facilitating the electronic transmission and where such storage or access is strictly necessary for the provision of the e-service.

Tele/faxsales

The regulations cover telephone and fax marketing and generally restate the existing 1999 regulations, but with one main change, the introduction of a telephone preference service for corporate subscribers. From May 2004, corporate subscribers will be able to register telephone numbers to opt out of unsolicited telesales.

Location data

Finally the regulations also provide rules for the communication providers on the collection and use of location data. Location data is data collected from say a user's mobile phone as to where the phone is located, the direction of travel and time at a location. Such data may be of use obviously to the travel industry, for example in providing value added services to the user or subscriber of the phone.