Viewing and Handling Guests' Sensitive Personally Identifiable Information (PII) in myfrontdesk

Follow
What is Sensitive Personally Identifiable Information (PII)?

Personally identifiable information (PII), or sensitive personal information, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. 

Sensitive Personally Identifiable guest data in myfrontdesk includes:

  • Document Number
  • Tax ID
  • Company Tax ID
  • Custom Fields with PII (if GDPR is enabled)

(Integrations Data:)

  • API Client ID on the API Credentials page
  • Access Tokens on the API Credentials page
  • Client Secret on the API Credentials page
  • Tax identification number for Czech Gov integration
  • Fact API Key field for Portuguese government integration
Handling PII data in myfrontdesk
1. Adding PII data

All myfrontdesk users can add PII to the new reservation on guest details page:

2. Editing PII data

By default, all users have permission to edit PII data but editing it can be limited on 'Roles' page by Property Owner (see section "How to limit permission to edit or view PII" below). Property Owner can always edit PII data.

Editing PII data can be done on Reservation Details page ('Guest Details' tab) or on 'Guests' page

3. Viewing PII data

By default, all users have permission to see PII data but viewing PII can be limited on 'Roles' page by Property Owner (see section "How to limit permission to edit or view PII" below). Property Owner can always view PII data.

To view PII the user needs to click eye-icon next to the field:

Each time the user clicks eye-icon it will be noted in the activity log

How to limit permission to edit or view PII data

There is a section on the Roles page that indicates what kind access a user has to view and handle sensitive data.

This data and actions that will receive permissions include:

  • Document Number
  • Tax ID
  • Company Name
  • Company Tax ID
  • Permission to print registration card
  • Custom Fields with PII (This is a feature that appears when GDPR is enabled.)
  • Extract guest data (This is a feature that appears when GDPR is enabled)

If a user is not permitted to view sensitive data, they also will not be able to modify this data in a reservation or a guest’s profile (Guest Page), regardless of whether user has permission to edit guest data generally. By default, all users have permission to see this data. Users responsible for managing permissions should review all users to confirm which can view sensitive data.

To access PII permissions

  1. go to Roles page
  2. next to specific role click pencil icon
  3. enable/disable the permissions under section "Sensitive & Personally Identifiable Information (PII)"
Have more questions? Contact Support

Comments

Powered by Zendesk