EUs personal data directive 2018 popularly called GDPR has a number of restrictions on how to store and use your guests' personal data.

Read more about the subject at EUs GDPR information webpage. (link opens in new window)

It is extremely important that you, as a hotel, is aware of GDPR and take measures to follow the rules for data processing as you will be responsible for your guest's data and liable for substantial fines if the standards are not met.
Techotel has implemented features in Picasso that can help you comply with the parts of the new legislation that concern Picasso. You can use these with a GDPR Standard or GDPR Digital solution. The following explains how..
The course of action required to make Picasso GDPR ready.
1. Decide which solution you want - Standard or Digital?
2. Fill out the attached booking form and return to Techotel.
3. Setup and activation of the different consent types.
4. Set up of GDPR email (GDPR Digital Edition).
5. Obtaining written consent via the chosen solution.
6. Anonymisation of personal data and activation of GDPR. These two steps must be done at the end! (Note that anonymised guest data cannot be recreated)

GDPR Standard 

Dispatch of consent email:
1. Generate a list of the guests you need to seek consent from (filter by bookings, date range, etc)
2. Select the required guests and click the ‘Mail’ button.
3. When the mail dialog box opens your template can be inserted (a template ‘Suggested format for GDPR standard email’ can be downloaded here) *attached
4. Send consent email to the guests.

Receipt of GDPR mail:
5. Find the guest in the guest book
6. Open the ‘Consent’ tab and tick the consent of the guest*.

samtykke en

 * Please keep in mind that GDPR requires written consent so there must be an email or similar documentation.
Alternatively, for guests who have given the same consent, select the guests and right-click. Select ‘Edit Selected Customers / Modify Selected Customers’ from the drop down list and change consent for multiple guests at once.

It may be a good idea to repeat the sending of e-mails several times, for example at monthly intervals, to maximise exposure.


1. Techotel provides a link that the hotel can send to all or selected guests through the marketing module. It is possible to select more guests and send to everyone at the same time.
2.The guest now receives a link to a landing page. Via the landing page the guest will be able to update their consent as desired. (download ‘Suggestion for GDPR Digital email’) *attached
3. The guest can also enter their e-mail address directly on the hotel's website, which will generate the same link to change their consent. GDPR Digital contains a link you can integrate into your website for this.


Landing Page (GDPR Digital)

When the guest follows the link in their email, they will land on a page with an overview of the different types of consent.

The types are defined by the hotel in Picasso in Hotelsetup -> Types -> GDPR consent types. On each concent type is marked whether the guest has given consent - eg. to the newsletter or similar mailing.

By clicking on the consent the guest can read additional information and change their consent. Picasso automatically updates permissions in the guest list.

Logging of changes

In the marketing module you can see what changes have been made and what consent has been given.
The ‘Consent tab’ shows what consent has the guest given.

contacts eng


GDPR consentsconcent types en

Before the consent can be automated, the consents must be configured in Hotel setup -> Types -> GDPR consent types

Here you will find a list of partners Picasso may need to send personal data to.

It is important to make sure that ALL the descriptions you want to use exist AND that they are correct!


‘Activate consent’: Enables the relevant consent in Picasso, and the guest is now able to update this consent.
‘Common Terms’: means that the consent is part of the hotel's general terms and conditions, so the guest does not give this consent as it is already provided in the general terms and conditions.
‘Activate GDPR’: Enables GDPR functionality. If this setting is not set, Picasso will still send personal data to partners despite the absence of consent. (NB: Activate this only when consents have been collected and input - if activated without the consent of the guest then no data will be sent to any partners)

Note! Personal data will only be sent to partners when the guest has given their consent or the consent has been given by the ‘Common Terms’


setup of GDPR mail (GDPR Digital)

In Hotelsetup -> Basic -> E-mails
you can edit the text for the email the guest receives with the link to amend their consent. (download ‘Suggestion for GDPR digital email’ here)

setupmail en



Open -> Hotelsetup -> Basic -> GDPR.
Here the anonymisation is activated. When anonymisation is enabled Picasso will begin to anonymise personal data during the Night Audit.

Note that anonymised guest data cannot be recovered!

 anonymisering en

If you would like to book extra instruction or help for the setup, you are welcome to book one of our capable Picasso consultants.

We bill for the time we spend.

{module contakt Alistair}

Note: We recommend booking in good time.


More information:

GDPR operation