This article answers common questions about ResDiary’s customer retention policy and how it helps restaurants meet their GDPR obligations, specifically the storage limitation principle. You can find guidance on setting retention periods, manage customer data, and understand how data is anonymised or deleted in line with legal requirements.
Retention policy basics
Follow the guidance on the list below to understand and set your retention policy:
A customer retention policy is the time period set for how long customer data is held. At the end of the time period set, customer data which is no longer required is anonymised.
It is up to you to choose an appropriate time period for your policy but can seek further information via articles from the information commissioner's office.
Where no retention period is set, the diary does not automatically delete any customer’s personal data within a venue or venue group at all.
For venue groups, a single setting for retention policy can be configured and will apply across all venues. The retention period can not be different for each diary.
Any changes to the retention policy are recorded in the setup changes audit.
Retention policy period changes will take effect immediately and the new value set in months will apply upon updating.
If the customer has not interacted with the diary within the retention policy time period, the retention policy will anonymise the profile. Any new interaction with the diary will begin the retention policy again.
Customer deletion process
This section outlines how to delete your customers and how data deletion is held:
You can easily delete a customer from your database using our guidance. You cannot delete a customer that has a future booking attached.
If your customer requests to be deleted from your restaurants customer database, then under the GDPR regulations a venue has one month to respond to the request.
When the process of deletion is initiated, the customer will remain in the customer list for a fixed period of seven days. The date of deletion will be recorded against the booking and within the view customer the following information will display:
Deleted on
Deleted by
You can search the customer list for any customers deleted and if the deletion was initiated within the past seven days the option to restore the customer will be available.
For customers scheduled to be deleted, after seven days, their profile will be removed from your database entirely and their personal information anonymized.
No email is delivered to the customer at any stage of deletion.
Impact on data and marketing
The following details cover how deleted data interacts with merges, marketing lists and diary views:
Deleted customer profiles will no longer exist, therefore they are not going to be factored into the merge function.
The marketing function relies on customer profile data to compile marketing lists, where this data has been deleted, it will not function, regardless if a deleted customer was once opted into a venue.
The deleted data shows the booking on the diary as normal with customer deleted.