The General Data Protection Regulation (GDPR) is the key European standard with regard to the protection of personal data. It strengthens and harmonises data protection for individuals in the European Union. It will come into force on 25 May 2018.
Click this page General Data Protection Regulation for an outline of your role and that of SecuTix in respect of the GDPR. The information below describes the new features that will help you carry out your role more easily. In previous versions, SecuTix had already provided features to take into account the previous European directive on data protection and the stipulations imposed by national authorities responsible for implementing it. Whymper V1 introduces additional features.
The requirement to obtain the contact's consent before storing a photograph
When operators store a photograph in a contact file, a message will be displayed reminding them to obtain the contact's consent to do so.
Entering comments about contacts
From the contact file, operators can:
- Create a new note relating to the contact. There may be several notes produced for a single contact.
- Enter or modify a contact comment. There is only one comment per contact.
When a note is created, SecuTix displays information and a link to further recommendations on entering free text. This process has been extended to include contact comments. As a result, when an operator saves a modified comment, the following message will be displayed:
By clicking on a link, they can display the following recommendations:
Visitor acceptance of your data protection policy
SecuTix allows you to create a separate URL, displaying your data protection policy in the Ticket Shop. In order to reinforce this practice, a message is displayed whenever an operator creates a point of sale without specifying a separate URL.
When a specific URL is defined:
- Visitors must confirm acceptance of your data protection policy when creating their account.
- Visitors may browse the policy:
- From the account creation or modification page
- From the order completion page
Bulk anonymisation/deletion of inactive contacts
Current situation (before Whymper V1)
SecuTix already has a contact anonymisation/deletion feature. Specifically:
- Prospects (contacts who have never bought or benefited from a ticket) are deleted.
- Contacts who have bought or benefited from a ticket are anonymised. This operation cannot be reversed. Operators are no longer able to view the history of this contact nor to access it for any reason whatsoever. Only SecuTix support personnel may recover information about this contact from logs. After the log information is deleted (this information is kept for a year), the information about this contact is irretrievably deleted. It may no longer be accessed, even by support.
- Beneficiaries (the first name and surname of a ticket holder are taken without creating an actual contact) are not anonymised. In practice, this information is used to enhance security (e.g. to identify all spectators at a match) and may not be used for marketing purposes.
New batch facility for anonymisation/deletion of inactive contacts
SecuTix Whymper V1 now offers a batch process for bulk anonymisation of inactive contacts. You can select the minimum period of inactivity. The batch process has a default setting of 36 months, which corresponds to the normally recommended 3-year period. The batch process also offers a simulation mode, which displays the list of contacts about to be anonymised/deleted. Since this batch process will have a considerable and irreversible impact on your contact database, we strongly recommend you run in simulation mode first in order to identify all affected contacts. No contact who is a debtor or creditor to your institution may be anonymised. These contacts will be included in the run-time log. They will be anonymised when the batch process runs and their transaction has been settled.
Calculating the period of inactivity for a contact
The batch process calculates the period of inactivity by checking the date of the last transaction by a contact. This data is held in a special indicator (calculated directly by the batch process) called the GDPR recency. This recency covers:
- Option acquisition
- Option confirmation
- Reservations and sales made, either as a purchase contact or a cultural contact. Completing payment does not, therefore, modify the contact recency.
- Being added to the waiting list
- If the contact has not carried out any of the above actions, the contact creation date is used.
The indicator then refers to the validity date of dated products and the order date of undated products.
Comment:
- In order to maintain performance levels, the indicator is only recalculated if a contact is eligible for deletion or anonymisation, given the current value of the indicator and the chosen period of inactivity. It does not necessarily provide the complete contact recency.
- For example: A contact has purchased a ticket for a performance taking place on 15 June 2018. The initial batch process runs and sets the indicator to 15 June. A few weeks later, the contact purchases a ticket for a performance on 1 September 2018. Suppose the batch was executed on 1 August after the purchase of the second ticket. The second batch process will not update the contact recency as it is too recent to be anonymised.
- The batch anonymisation process only deals with individual contacts and relays and not the structures themselves nor contacts with another role (eg, supplier, guide, exhibitor, producer, partner, contractor)
How to use this new batch process
- If it does not yet exist, create a batch type "Deletion/anonymisation of inactive contacts"
- Schedule the following program "Deletion/anonymisation of inactive contacts". By default, the period of inactivity is initially set to 36 months and simulation mode is chosen.
A contact's right to access their own data
At any time, contacts may ask to see a summary of the information held about them. Although we have received very few requests of this kind, our BI interface will feature two domains that will collate contact information (basic information about the contact, contact criteria values and indicators etc.), which will make this kind of request easy to fulfil.
Marketing campaign targets (SAM – SecuTix Audience Management)
Our marketing tool (SAM) makes it possible to remove all contacts who have opted out of receiving marketing communications and those who have not given their explicit consent. SecuTix Whymper V1 goes even further by introducing a more specific, automatic filtering mechanism.
- All contacts who have opted out of receiving marketing communications in general or who have opted out via the communications channel planned for your campaign will be automatically excluded from the campaign target list.
- There is one exception: Contacts are not filtered out from campaigns of the new type entitled "Information directly related to a contact purchase or reservation". This type of campaign should only be used to provide information which is directly related to contractual obligations, (e.g. announcing the cancellation or postponement of a performance). Under no circumstances should it be used for a marketing campaign.
- Contacts who have not given their explicit consent (but have not opted out either) are not yet automatically filtered out. However, they can be explicitly filtered out when setting up the target group.
SecuTix urges you to:
- Use your best operational endeavours to minimise the number of contacts who have neither given their express agreement nor confirmed their wish to opt out.
- Specifically remove all contacts who have not given their explicit consent. SecuTix intends to widen the scope of automatic filtering in this contact category in a later version.
