1. Help Centre
  2. Technical questions & problems
  3. Privacy Conditions

Resengo & GDPR

Youri Teijema
Edited:

In this article you can gather a lot of information about Resengo and the GDPR legislation. Learn about this topic and read carefully this page, or proceed in a targeted manner and use the titles to search for specific information that answers your question.

In this article:

What is GDPR?

From May 25, 2018, the GDPR regulation will come into effect in Europe. The GDPR means General Data Protection Regulation, simply the protection of personal data for all European citizens. In Dutch we also speak of GDPR or General Data Protection Regulation. This one law says that every organization must be able to demonstrate which personal data it collects and how this data is used and secured.

When you manage reservations via Resengo you collect personal data of your customers, such as name and first name, telephone number, email address, date of birth, allergies, reservation history,... Your business must therefore comply with the rules of GDPR to handle.

When making an online reservation, your customer must now give permission for collection and use of personal data, know why his data are stored and what they are used for.

In addition, your customer has the right to request and correct data or to supplement. The right to be 'forgotten' and his consent back to pull.

What is Resengo doing for GDPR?

As an entrepreneur, in connection with the management of your customer data, you must: can submit matters to the Privacy Commission:

  1. Privacy Policy.
    When a guest visits your business make a reservation, you must be able to demonstrate why you are requesting personal data and whether you really need that information. In your privacy statement make you know which data you request, manage and process, why you need this data and how long you keep it.
  2. A data processing register.
    This is an overview of all personal data that you manage and process. This states where this data comes from and with whom it is shared.
  3. A processing agreement.
    Your organization is responsible for the personal data you collect. Resengo is the processor of this data. By signing the processing agreement both parties agree that your data will be processed in accordance with the GDPR conditions that your company complies with.

If your company does not comply with these information obligations, you risk your severe sanctions. It is therefore important that you have the correct documents has.

How does Resengo help?

As a data processing partner, Resengo ensures that your company is completely is in order for these three parts. Various technical updates and developments were added to your Resengo system for this. In addition we developed dynamic privacy terms together with our GDPR legal expert on. These legal texts ensure the correct management of your customer data in Resengo and for links with Resengo partners.

Please note that the GDPR also applies to the management of, among other things, personnel data and any system in which your customer data that is not related to Resengo. The documents that Resengo provides are not applicable for this. The technical implementation and activation of the GDPR documents will be billed together once for the amount of €89. If we do not receive a response within 7 days, we assume that you use our GDPR module. This allows guarantee that you comply with the new regulations.

Questions?

Do you want to know more about the new legislation? Visit the official website of GBA. Are you not sure whether you only request permitted data in your reservation module? Or do you have questions regarding the GDPR and Resengo? Ask them via privacy@resengo.com. Do you need in a later phase extra help with regard to privacy legislation, for example with a visit of the Privacy Commission? Or do you wish to provide the implementation yourself? Then we offer the necessary support through our lawyer based on his/her current hourly rate.

Troubleshooting

What is a processor agreement and why is it important to sign it?

In the context of GDPR you are a "Data Controller" and Resengo is "Processor" for you. As a Controller are you obliged to deal with every processor you order? allows you to process data, a processing agreement to close.

In summary, the following points are included in the processing agreement:

  1. You give permission to the processor to to process data
  2. You determine which data the processor may process for you
  3. Only allow you to process data that is lawful acquired in a way, and thus comply with the rules of GDPR
  4. You demand from the processor that they are also in line with GDPR and those in turn as controller also conclude processing agreements with its processors

This agreement has no financial consequences but is mandatory under the GDPR. So it's for you to make sure that we drafted that agreement and offer, not for ourselves.

The offering of this agreement is within the scope of our efforts that we do for our customers to make sure to ensure that you are also GDPR compliant.

Other providers don't seem to charge for the GDPR measures. Why do we have to pay at Resengo?

> Resengo charges like most other reservation system providers NOTHING for the measures to be taken under the GDPR. However, Resengo goes a long way beyond its legal obligations and it is in that framework that we offer our customers the opportunity to to take advantage for a one-time cost of €89. Before we can explain what we do more than the others and where we go beyond what we are obliged to do, it is important that you know what the Controller-Processor relationship defined by GDPR.
 
Definition Data controller: The controller determines the purposes for which and the means by which personal data are processed. So if your company/organization decides “why” and “how” personal data should be processed, she is the controller. Definition Processor: The data processor processes personal data exclusively on behalf of the controller. The data processor is usually a third party outside the company.
 
In other words, in the relationship between, for example, restaurants and suppliers of reservation systems are the restaurants Controller and is the provider of the reservation system processor. As a processor, Resengo has taken all measures necessary for GDPR. We always take all measures to reduce the chance that something could go wrong with the data is as small as possible, we invest heavily in safety. We did that long before the GDPR and we always will keep doing. Most reservation system providers meanwhile will have settled (or would must) with GDPR from their point of view as processor and possibly controller to their processors. It is namely a cascade relationship: you are the controller and Resengo is your processor. To the company where we then, for example, have the applications hosted, we are then again the controller and they are our processor.
 
No company passes these measures on to it customers, not even Resengo. As a Controller However, you are legally the first responsible if there something goes wrong with the data. That's a responsibility that you can no longer avoid since the start of the GDPR on 25/05/2018. It's not because your reservation system is another party is offered to assume that responsibility can shrug off you. The system is in your site so you are undeniably the controller.

You have three important obligations as a controller:
  1. You must have a processing agreement with all your processors shut down
  2. You must draw up your own privacy conditions according to the rules of the GDPR
  3. You need to create a data register to locate where your data is processed
It is in points 1 and 2 where Resengo goes way beyond the rest.

1. The processing agreement: FREE
Each controller must have a processing agreement to conclude with its processors. Among other things, it states which data may be processed, how long they are kept should be, etc. It is normal for the controller to prepare and sign this agreement with the processor. In other words, you should actually format these and put them on submit to us.
That is the first point we do: we apply to all our customers a processing agreement for those tailor-made is based on the data that we process for you. We know that most providers don't already do this. At Resengo so yes and here too we don't charge anything.

2. Your own tailor-made privacy conditions: one-time € 89
As a controller, you are also responsible for it that when you request data from the consumer, you can submit clear privacy conditions to the consumer that are drawn up in accordance with the rules of the GDPR.
 
We have a module called Privacy & Requirements developed, together with legal specialists, who of the configuration of your system, immediately the correct privacy conditions will generate according to the rules of the GDPR and prepared from your point of view, as it is also obligatory.And that is the big difference with all other providers: what they do is offer privacy terms from their point of view but that is definitely not correct. If they have all the data of the case, they are still generic conditions that are the same for everyone, but that is not allowed.

In addition, those privacy conditions are mainly there aimed so that they can use your data, something that is excluded at Resengo: data is only and only your property.

The privacy terms generated by our Privacy & Conditions module also ensure that you optimally can continue to use your data within the framework of GDPR, e.g. for sending birthday wishes.
So it is only for this part, which no one else offers, for which we charge a one-off €89 at Resengo. Then you are for the rest of the time you work with Resengo sure that keep your privacy conditions in order because we keep them up to date. In addition, they are also correctly legally translated in French and English.
These privacy conditions are then automatically displayed in the reservation flow at the moment the data is submitted to the be requested by the customer. But you can also just standard integrate into your own website. Moreover, you can do this yourself can easily be expanded via the module itself.
 
And as an extra advantage, you also get a template for Terms and Conditions that allow you to reduce your no-shows.
 
For example, if you work for a company specialized in GDPR ask what it would cost to have such (privacy) conditions you will see that that will soon be a few € 1000 can cost.
 
It is certainly not mandatory to use the GDPR module. You don't have to pay if you already have privacy conditions.

Is Resengo OK for GDPR? Am I okay with Resengo for the GDPR?

Resengo has all obligations as a processor of personal data arranged for free. Resengo also offers a free processor agreement at. You can find this on the home page of your system. It is best if you can accept it as soon as possible.

To relieve our customers of their responsibilities as a controller, we offer the GDPR module at. This module costs €89 once (per billing) and keeps in that you get dynamic privacy terms, general terms conditions and a data register. The dynamic privacy terms are conditions that are tailored to your business and that are kept up-to-date if things change to your way of working or to the GDPR legislation. This one conditions come into your reservation module so that customers must accept these before booking.

If you want to use our GDPR module, you don't have to to do. If you have the right documents yourself just give us a heads up. We will then meet the conditions from your reservation flow and ensure that you are not billed is becoming.

Can I send out a birthday mailing since the new one GDPR legislation?

The privacy conditions of the Resengo GDPR module state state that you request a date of birth for the birthday mailing. You can therefore continue to send the mailing.

We don't actually use a newsletter, should we? something extra besides the GDPR module?

Even if you don't use a newsletter getting a few things in order for GDPR. The GDPR has namely also relates to your personnel data, data from suppliers, etc. The GDPR module ensures that you are in order for the management of personal data in your Resengo system and for possible links. We recommend that you make your own check other information. You will find more information with a legal GDPR expert or the official GDPR site: https://www.privacycommission.be/nl/prepare-your-13-steps.

Are we also in order for GDPR if we make telephone reservations contract?

In the terms and conditions of Resengo it is indicated that also by telephone transmitted data manually entered into the Resengo platform become.

This means that you are also okay when you call request data when you have the Resengo module.

Do we need to contact our webmaster to get the GDPR module? integrate?

No, this is not necessary. The module was automatically updated.

Where can I find the signed processing agreement?

You can find the signed processing agreement via Icon > Company > Terms and Privacy > Documents.

Then click on the PDF icon next to the processing agreement. You will find the electronic signature at the bottom of the document back.

Does Resengo have a processing agreement for the GDPR legislation?

Yes, we have a free processor agreement for the GDPR legislation.
You can view and accept these via the home page in your Resengo system. You must be registered for this as administrator of the system. Your staff can read this document so don't watch.

To relieve our customers of their responsibilities as a controller, we offer in addition to the free agreement also the GDPR module.

Where can I find the Resengo data processing agreement?

Where is the processing agreement?

  1. Go to the Icon home page from your Resengo.
  2. At the top of this page you will find the blue box with the processing agreement. Here you click on View and sign. You will be able to read the document before signing.
 

Was this article helpful?