S-360 Documentation

Page tree




What is GDPR ?

General Data Protection Regulation defines precisely what is a personal data and the various roles every entity handling or porcessing them has.

You can find the official SecuTix page and cheatsheet by clicking on this link : GDPR

The authorizations we have in SecuTix ?

There are 7 fields in SecuTix attached to authorization management :

Legal information section in the contact sheet

  • Accept communication from institution by email
  • Accept transmission of elec. coordinates to third parties
  • Accept communication from partners

Communication section in the contact sheet

  • SMS MMS
  • Telephone
  • Email (will be soon depracated)
  • Letter

In green : fields that will impact the way SAM in filtering contacts for you in respect of GDPR rules

The touch points you need to GDPR check ?

The sales channel/features you should consider when talking about communication authorizations :

  • Online sales channels (B2C, B2B, ...)
  • Backoffice sales channel (Box office, etc...)
  • SAM

Note: A new "Double opt-in" option has just been implemented which will require a contact to confirm their authorization for the property.

From August 15, 2023, we will enable double opt-in for all newsletter subscription forms. Double opt-in requires recipients to confirm their subscription to your newsletter by responding to a verification email.

Please see this page to adapt to your SAM campaign



What to do to have clean authorization management ?

Having a clean authorizations management means that you users are able to set and update the authorization you need to do your marketing. In 90% of the cases (as most of the marketing campaigns are done through emails) you need to make sure the following authorization is displayed on the touch points you have with your customers : 

  • Accept communication from institution by email : By ticking this authorization the customer confirms accepting to receive communications from your institution by email.


Standard authorization setup in the marketing tab of the contact sheet.

Standard authorization setup in the marketing tab of the profile page on the Ticketshop.

Please make sure the wording you choose in the online version of your authorization cleary states to the customers the email communication channel and the purpose of this authorization



How SAM handles the authorization checks ?

Here are the rules applied by SAM for filtering out automatically the contacts regarding the SAM campaigns

The overall rule
  • Contacts are only excluded in the context of a given campaign.
  • Contacts meeting a target are automatically filtered out in the context of a given campaign if following conditions are met:

The type of the campaign is different from "Information directly related to a contact's purchase or reservation"

AND (

Accept communication from institution by email authorization is set to false or not set

OR (campaign communication channel is Email and authorization EMAIL is set to false or not set) (soon to be depracated)

OR (campaign communication channel is Letter and authorization LETTER is set to false or not set)

OR (campaign communication channel is Phone Call and authorization PHONE is set to false or not set)

OR (campaign communication channel is SMS and authorization SMS_MMS is set to false or not set)


  • When doing an Advantage channel campaign : there is no filtering


How can I choose which authorizations are displayed to the end-user ?

Online

A. Setup the authorization that will be displayed in the B2C register form online

B. Online corresponding Point of sale, select the authorization you want to be displayed


Quick contact creation form

A. Setup the authorization that will be displayed in the contact creation form on boxoffice


Strict GDPR activation

SecuTix can work in 2 ways depending on the "Apply strict GDPR" parameter value you have set for the corresponding institution (this parameter can be change in Elcaadmin).

Filtering rule when Apply strict GDPR = true
  • Contacts are only excluded in the context of a given campaign.
  • Contacts meeting a target are automatically filtered out in the context of a given campaign if following conditions are met:

The type of the campaign is different from "Information directly related to a contact's purchase or reservation"

AND (

Accept communication from institution by email authorization is set to false or not set

OR (campaign communication channel is Email and authorization EMAIL is set to false or not set) (soon to be depracated)

OR (campaign communication channel is Letter and authorization LETTER is set to false or not set)

OR (campaign communication channel is Phone Call and authorization PHONE is set to false or not set)

OR (campaign communication channel is SMS and authorization SMS_MMS is set to false or not set)


  • When doing an Advantage channel campaign : there is no filtering
Filtering rule when Apply strict GDPR = false
  • Contacts are only excluded in the context of a given campaign.
  • Contacts meeting a target are automatically filtered out in the context of a given campaign if following conditions are met:

The type of the campaign is different from "Information directly related to a contact's purchase or reservation"

AND (

Accept communication from institution by email authorization is set to false

OR (campaign communication channel is Email and authorization EMAIL is set to false) (soon to be depracated)

OR (campaign communication channel is Letter and authorization LETTER is set to false)

OR (campaign communication channel is Phone Call and authorization PHONE is set to false)

OR (campaign communication channel is SMS and authorization SMS_MMS is set to false)


  • When doing an Advantage channel campaign : there is no filtering