Skip to content
English
  • There are no suggestions because the search field is empty.

When can you message guests? (transactional vs. marketing)

The lawful basis for transactional and marketing messages, made clear.

A question we hear a lot, often from a client's legal team, is "what is our basis for messaging guests through HiJiffy?" The answer depends on what kind of message it is. Getting this right protects you and your guests.

Important: You are the controller, so you choose the basis for each message. The guidance below reflects common GDPR practice but is not legal advice. Confirm the details with your own legal team, as rules vary by country.

The three buckets

1. Transactional and booking-related. These are needed to deliver the reservation, so they usually rely on performance of the contract (Art. 6(1)(b)) and do not need separate consent. Examples: booking confirmation, check-in instructions, room-ready notices, departure reminders, invoice and payment links.

2. Operational and service messages. Not strictly contractual, but a guest reasonably expects them. They often rely on legitimate interest (Art. 6(1)(f)), with a short assessment on file and an easy way for the guest to object. Examples: post-stay feedback requests, satisfaction surveys, service alerts.

3. Promotional and marketing messages. Not necessary for the booking, so they need consent (Art. 6(1)(a)): a clear opt-in collected before you send, with no pre-ticked boxes and an easy way to withdraw. Examples: upgrade offers, spa and dining promotions, events, newsletters.

Tip: The channel matters. For WhatsApp and SMS marketing, treat opt-in as required in practice: ePrivacy rules sit on top of the GDPR, and Meta's WhatsApp policies require opt-in for promotional templates.

Quick reference

Message type

Examples

Usual lawful basis

Opt-in needed?

Transactional

Confirmation, check-in, room-ready, invoice link

Contract, Art. 6(1)(b)

No

Operational

Post-stay feedback, service alerts

Legitimate interest, Art. 6(1)(f)

No, but allow easy objection

Promotional

Upsells, offers, newsletters

Consent, Art. 6(1)(a)

Yes, especially on WhatsApp/SMS

How we help you stay on the right side of it

  • Privacy by design. When the chat widget needs personal data (name, email, phone), it can show a privacy checkbox the guest accepts first. Casual, anonymous questions like "what time is breakfast?" are treated as normal browsing and do not trigger a checkbox.
  • Consent capture. Add a clear marketing opt-in at your booking page or check-in step, so promotional messages rest on a documented basis.
  • Opt-outs honoured. When a guest opts out, you register it in HiJiffy and we stop the relevant messages.
  • Approved templates only. All proactive WhatsApp and SMS campaigns use approved templates submitted through the Console.

Important: Never collect full card numbers in chat. If you take a payment, use a secure payment link that opens your payment provider's own page. This keeps card data out of the conversation.

Bottom line: transactional messages usually rely on the booking, operational messages on a documented legitimate interest, and marketing on a clear opt-in. We give you the tools to collect, record and respect those choices. The decision stays with you.