Track and Trace for Wedding Venues in England
Government guidance for wedding venues and other hospitality venues in England and Wales means that the venue manager is responsible for ensuring there is an accurate temporary record of visitors to the venue.
Contact details of all suppliers visiting the venue, including those visiting prior to or following the event, should also be recorded and maintained for 21 days to support NHS Test and Trace. If your current system is designed for bookings or reservations it will need to be modified to comply with GDPR and Privacy laws on contact tracing, so using a specialist app may be the answer.
The Trusted Trace app, developed by Guides for Brides specifically for weddings and already used by over 270 venues, fully complies with government guidance so you have one less thing to worry about.
Any venue can use it for weddings and it is available online, as an iPhone app and as an Android app. Note: The app takes you straight to the log in screen so if you haven’t already registered for an account, use the top right menu option to navigate to the REGISTER screen the first time you use the app.
From the experts
This is a fantastic system, easy to set up and use and gives great peace of mind for both us as a venue and our clients and guests. We know that the information is properly stored in line with GDPR and easily available to the relevant bodies should it be needed.Heritage Venues, UK
What are the relevant laws on collecting data for contact tracing?
If you are planning to use your own contact tracing solution, please read the guidance below and refer to the ICO’s full guidance on collecting customer and visitor details for contact tracing.
What do you need to tell people when we collect data for contact tracing?
You must be clear, open and honest with people about why you are collecting their data,. You must not collect and process personal data in a way that is misleading, detrimental or outside of what people would reasonably expect. If data is to be used for a contact tracing scheme (such as NHS Test and Trace) you need to make this clear to people.
Collecting customer contact details may already be standard practice for your organisation, but the purpose of collecting this particular information is wider than managing bookings or similar tasks, and there are greater implications should an outbreak occur. You need to explain this to people.
~ Trusted Trace fully complies with these guidelines to protect your venue’s reputation
How much personal data should you collect for contact tracing?
You must make sure the information you collect is adequate, relevant and limited to what you need. It must be accurate and not used for anything else. You should also keep it secure, so you minimise the risk of accidentally losing or destroying it. For weddings you need only collect data on the lead member of each group or household.
You should only collect the personal information that is needed to help with contact tracing. It should be deleted securely after 21 days.
~ Trusted Trace fully complies with these guidelines to give your customers complete peace of mind
How should you store the data?
Venue managers are responsible for ensuring that the personal data they hold is kept securely. That includes making sure it’s physically safe, in the case of paper records, or digitally safe, in the case of electronic records. You must also have rules and staff training in place to make sure information isn’t lost, stolen or destroyed.
These measures will vary depending on how you hold this information, including whether it is collected manually or electronically. Electronic collection measures are recommended by government in England, and you will need to ensure you have adequate cyber security in place. Again, you should involve some form of staff training so that employees understand their responsibilities when handling personal data.
Basic measures include:
- Make sure your staff understand what they should and shouldn’t do with customer information. It is a criminal offence under the Data Protection Act to obtain or disclose customer information without your organisation’s consent.
- Do not use an open access sign-in book where customer details are visible to everyone.
- Keep any paper records in a safe place, with measures to prevent malicious access (eg locked doors, safes, CCTV).
- Consider which members of staff need access to the logs and limit access to those staff.
- Do not store customer logs in an accessible, unsecured file.
- Check your approach to cyber security – the ICO has published online guidance and the National Cyber Security Centre’s Cyber Essentials scheme is a good place to start.
- When deleting or disposing of data, do so in a way that is not at risk of unintended access (eg shredding paper documents, and ensuring permanent deletion of electronic files).
~ Trusted Trace fully complies with these guidelines to give your venue complete peace of mind
Questions? Email firstname.lastname@example.org or call 07841 650225