CS Consulting | CS Consulting
home,page-template,page-template-full_width,page-template-full_width-php,page,page-id-149,ajax_fade,page_not_loaded,,qode-title-hidden,footer_responsive_adv,qode-theme-ver-16.8,qode-theme-affordable websites dublin,hide_inital_sticky,disabled_footer_top,qode_header_in_grid,wpb-js-composer js-comp-ver-5.5.2,vc_responsive

GDPR Consultants


Since the introduction of General Data Protection Regulation (GDPR) on May 25th 2018, it has led to much concern and confusion for businesses in the hospitality sector.


CS Consulting have a specific focus on the hospitality industry.


We provide GDPR compliance training and resource solutions making it easier for companies to understand their GDPR responsibilities.


We are associate members of the Irish Hotels Federation.


Our Services Include


Policy review and GDPR compliance policy preparation.

Local, targeted and Cost Efficient Training for staff using real life examples to help you and your staff understand your GDPR responsibilities, this is not just theory based.
Front line staff are the most exposed to GDPR compliance issues.

Ongoing GDPR compliance support.

Deal with subject access requests (where a customer requests the information that you hold on them)

What is GDPR?


General Data Protection Regulation (GDPR) came into law on the 25th May 2018.

GDPR’s focus is on ’accountability’, putting the responsibility on all businesses to protect customers personal data in a GDPR compliant manner.

Allows customers to have a right of access to personal data held by businesses.

Personal Data is everything held either electronically or on paper including, but not limited to.

Personal Data Examples and the departments that may hold the information, although not until data mapping is complete (analyse where personal data is held) can you know for sure

Names: Housekeeping, Reception, Marketing Dept, HR Dept, Leisure Centre, Golf Clubs, Restaurants and Bars

Emails: Housekeeping, Reception, Marketing Dept, HR Dept, Leisure Centre, Golf Clubs, Restaurants and Bars

Phone Numbers: Housekeeping, Reception, Marketing Dept, HR Dept, Leisure Centre, Golf Clubs, Restaurants and Bars

Addresses: Housekeeping, Reception, Marketing Dept, HR Dept, Leisure Centre, Golf Clubs, Restaurants and Bars

Health Records: HR Dept, Leisure Centre

Food Allergies: HR Dept, Restaurant, Kitchen (weddings), Kids Club

Bank Details: Reception, Bar, Restaurant, Leisure Centre, Golf Club

Credit Card Details: Reception, Bar, Restaurant, Leisure Centre, Golf Club

The difficulty is that these are a set of principles, as against rules. Therefore, nobody knows whether or not they are compliant.  We can only make sure that we have the appropriate policies in place, in line with GDPR principles.


In order to be compliant, companies must ensure they have policies in place to meet the principles of GDPR.

GDPR Principles

Fair, lawful and transparent use of customers personal data.

Purpose Limitation: Data collected only for specific, explicit and legitimate purpose.

Data Minimisation: Data held is relevant for purpose.

Accuracy: Accurate and up to date.

Data Retention: Held for no longer than is necessary.

Accountability: Businesses are responsible for the integrity and confidentiality of their customers data and are also responsible for GDPR compliance . Breaches of GDPR can result in fines up to and in some cases exceeding €20 million.

Basic Definitions

Data Subject

A customer you hold personal data on.


Data Processor

A business that holds this data, e.g. hotel, restaurant etc.


Data Controller

Third party obtaining this information from you, e.g. booking websites.

Services Provided

Local and focused training

We dissect each function within the specific hospitality sector, such as a Hotel and provide area specific training, such as:




Human Resource Departments

Marketing Departments

House Keeping

For information on training courses please contact Sean Stokes at ss@cs-consulting.ie

Discounts will apply for Irish Hotel Federation (IHF) members.

GDPR Policy procedure review

We analyse your current policies, to see are they in line with the principles of GDPR.


Data Protection Officer Support

Most companies with less than 250 staff, will not have the desire or resources to appoint a data protection officer for their organisations. We provide this resource to our customers, we will deal with any and all issues relating to GDPR on your behalf.

Contact Details



Sean Stokes

Sean has been dealing with the hospitality industry for over 30 years. He has an MBA, Dip Law in HR (Law Society of Ireland, Dip Law in Intellectual Property (Law Society of Ireland). Sean is a certified Data Protection Practitioner and is a member of The Association of Data Protection Officers.



086 814 6570




Main Street, Cabinteely, Dublin 18.

Enquiry Form