This article answers common questions about ResDiary’s customer retention policy and how it helps restaurants meet their GDPR obligations, specifically the storage limitation principle. You can find guidance on setting retention periods, manage customer data, and understand how data is anonymised or deleted in line with legal requirements.
Below is a table with you commonly asked questions about customer retention:
Question | Answer |
What is a retention policy? | A customer retention policy is the time period set for how long customer data is held. At the end of the time period set, customer data which is no longer required is anonymised. |
How long should you set your retention policy? | It is up to you to choose an appropriate time period for your policy but can seek further information via articles from the information commissioner's office. |
Is there a default retention period? | Where no retention period is set, the diary does not automatically delete any customer’s personal data within a venue or venue group at all. |
If you have a group of diaries, do you need to set a retention period for all your venues? | For venue groups, a single setting for retention policy can be configured and will apply across all venues. The retention period can not be different for each diary. |
How do I delete a customer manually? | You can easily delete a customer from your database using our guidance. You cannot delete a customer that has a future booking attached. |
How long do you have to respond to a customer request for deletion? | If your customer requests to be deleted from your restaurants customer database, then under the GDPR regulations a venue has one month to respond to the request. |
Is there a record of when customers were deleted?
| When the process of deletion is initiated, the customer will remain in the customer list for a fixed period of seven days. The date of deletion will be recorded against the booking and within the view customer the following information will display:
|
Deleted someone by mistake? | You can search the customer list for any customers deleted and if the deletion was initiated within the past seven days the option to restore the customer will be available. |
What happens once the seven day cooling off period is over? | For customers scheduled to be deleted, after 7 days, their profile will be removed from your database entirely and their personal information anonymized. |
If I choose to carry a database merge, will it affect any anonymised data? | As a deleted customer profile will no longer exist it is therefore is not going to be factored into the merge function. |
Does the customer get notified when their user is deleted? | No email is delivered to the customer at any stage of deletion. |
Are data deletion and marketing opt-ins separate? | The marketing function relies on customer profile data to compile marketing lists, where this data has been deleted, it will not function, regardless if a deleted customer was once opted into a venue. |
What does deleted data look like on the diary? | The deleted data shows the booking on the diary as normal with customer deleted. |
Are changes to the data retention policy recorded in the audit repor? | Any changes to the retention policy are recorded in the setup changes audit. |
What happens when I change the retention policy time period? | Retention policy period changes will take effect immediately and the new value set in months will apply upon updating. |
Does every single time I make a booking count as a new countdown? | If the customer has not interacted with the diary within the retention policy time period, the retention policy will anonymise the profile. Any new interaction with the diary will begin the retention policy again. |