Important update from Dorset Chamber regarding Coronavirus (COVID-19). We have a dedicated Coronavirus section, which is being updated on a daily basis. Click Here for more details.
Home > Company News > Considerations for operating test and trace within your hospitality business from NFU Mutual Wessex

Considerations for operating test and trace within your hospitality business from NFU Mutual Wessex

Posted on: 28/10/2020

Hospitality businesses are legally required to display the NHS Track & Trace posters at the entry of their premises, so that customers who have downloaded the NHS App can scan the QR code and register their visit.

Visitors unable to scan using the NHS App will need to leave their contact details instead. Hospitality businesses need to ensure that they collect, use, and dispose of this personal data in compliance with GDPR legislation.

Here are some practical steps to help your business comply with its obligations under data protection legislation.

INFORMATION YOU NEED TO COLLECT

You should only collect the minimum amount of data that you need in order to comply with the Government guidance. Such as:

  • Customer names
  • Contact email addresses and/or telephone numbers
  • Date of attending your venue (and estimated timings at your venue)

CUSTOMER NOTIFICATION

You will need to make sure that your customers understand that you are collecting this data to comply with the NHS Test and Trace requirements, and that it may be passed to the NHS Test and Trace service operated by the Department of Health and Social care. You will also need to tell customers that hospitality businesses are required to retain this data for 21 days before destroying it.

SECURITY OF DATA

The data collected must be kept securely, for example, via password protection, and access strictly limited to those staff members that need to access the data. USE OF DATA – This data should only be used to assist with contact tracing and not for any other purpose. Please do not automatically add this customer data to your marketing lists or combine this data with any other customer databases that you may have.

DELETING DATA

If you retain the data for longer than the 21-day period, then it is unlikely to be acceptable. Once the retention period has finished, you should securely delete the data. This means shredding and/ or otherwise securely disposing of all hard copy records plus securely deleting any electronic copies.

STAFF

The guidance also recommends keeping a temporary record of your staff shift patterns for 21 days to assist NHS Test and Trace.

USE OF THIRD-PARTY BOOKING SYSTEMS

You may already have booking or reservations systems in place with third party booking platforms. Some of these service providers already facilitate the safe collection and storage of personal data in order to make bookings for your restaurant.

GET IN TOUCH If you have any questions on this matter, then please contact Simon Hedges ACII Agent at NFU Mutual Wessex on 01929 448607

Did you know you can submit your news free of charge to the Dorset Chamber?

Submit your news

Most popular reads

Become a member

Become a Dorset Member today

Find out how

Business Training

Free Training to help businesses across Dorset provided by Dorset Chamber members

Some training opportunities are open to non-members

Find out more

Platinum Sponsors