GDPR is a new regulation that will come into force on the 25th of May. It applies to businesses and data currently covered by the EU data protection act. 10to8 is introducing new features that will help you be compliant.
The most important part of these regulations for most businesses using 10to8 will be consent and access: You must ensure that your business has consent to use a customer’s data (e.g. storing, or using it to message them via SMS and email) and be able to give them access to their data if they ask.
You need to make sure your customers know what you do with their data and that they agree - for example to be emailed about their bookings. You can ask them yourself and record the consent in 10to8. Or you can use 10to8’s new tool to help you manage consent:
10to8 is currently testing opt-in questions that will be added to your online booking process. This way you can secure consent as your customers make new bookings and as you generate new customers.
As most of you already have a customer base within 10to8 we will also be providing a bulk email tool to ask your customers to opt-in. Via this email, your customers will be able to give the same consent as they would when they book with you online. This will allow you to continue business uninterrupted and collect consent with ease.
The other major component of GDPR is the individual’s right to access, change, and request deletion of their data. Under GDPR the data that you store about the customer is ‘their data’ and you must give to them, change it, and delete it, if they ask.
To help with this we will be introducing a customer data export tool, with which you can download all the data that you store on a particular customer with a single click.
Please note that if your customers ask 10to8 for data access we will pass the request on to you. This is because for privacy purposes 10to8 is not able to access your customers’ data.