Anonymising & Exporting Customers

Go to Administration > Workgroup Setting > Workgroup Settings to configure a data retention policy for the entire workgroup. Customers can be anonymised either automatically after a specified period of inactivity or manually by the theatre or the customers themselves.

Export Customer Data

All customer data can be exported and downloaded from the Customer Card in Box Office. The compressed ZIP file contains multiple CSV files with customer information. The file can be sent by email to the customer upon request. However, it is also possible to configure the system so that the data can be downloaded directly by customers from their online profile.

When exporting all customer data, the notes in the description field on the Customer Card are also included.

Manual Anonymisation

Manual anonymisation can be activated in the Workgroup Settings. It is either possible to anonymise individual customers from their Customer Card. 

Or it can be configured so that customers can anonymise their own account under the User Information tab in their online account. 

Automated Anonymisation

There also is the option to automatically anonymise customers who have been inactive for a specified period of time. Conditions are configured to determine when customers should be anonymised.

The rules for defining customer inactivity are as follows:

The cut-off date is calculated as [NOW] minus the retention period (the current date minus the period specified in the configuration).

In the backend two lists are generated: one with customers to be anonymised, and another with customers who are excluded from anonymisation.

Customers to be anonymised:

• Customers who purchased tickets for events that occurred before the cut-off date.
• Customers who bought gift cards before the cut-off date.
• Customers who are owners of expired memberships.
• Customers who are payers of expired memberships.
• Customers who were created before the cut-off date and have never made a purchase.

Customers excluded from the anonymisation:

• Customers who have purchases for events that started after the cut-off date.
• Customers who have reservations for future events.
• Customers who purchased gift cards that expire after the cut-off date.
• Customers who bought products linked to events with a start date after the cut-off date.
• Customers who bought products not linked to events, but purchased after the cut-off date.
• Customers who are owners of active memberships that expire after the cut-off date.
• Customers who are payers of active memberships that expire after the cut-off date.
• Customers who have an active consent configured in the conditions (this is optional).
• Customers who were created after the cut-off date.
• Customers who logged in after the cut-off date.
• Customers who made a purchase after the cut-off date.

The list of excluded customers is then subtracted from the list of customers marked for anonymisation. The result is the final list of customers who will be anonymised.

Anonymisation Process

The anonymisation process clears all fields on the Customer Card. The description field is updated to read Changed for GDPR anonymisation process, and the record name is changed to Manual GDPR or GDPR. The Customer Card is then marked as deleted. The associated web user is anonymised and the connection to the Customer Card is removed. All permissions linked to the customer are also deleted.