Configuring data deletion & retention policies

Standard policies for configuration

There are currently 4 standard policies that be configured for your system:

Common policies

• Anonymising guests X days after an event - This rule converts guest names to Guest 1, Guest 2 etc so guest records are still available in reports but personal data is deleted
• Permanently delete event data after X days - This rule forces a hard delete of all event data so must be used with caution. This deletes the event, the allocations, all user requests and all guest data. Data is not retrievable (except from backup, which is a chargeable activity).

Policies if address books are enabled

There are two additional policies which may be required to comply with data protection policies if user address books are enabled:

• Remove link between requests and associate addresses X days after an event - if a user has specified a home delivery address for tickets or merchandise, for example, it may no longer be necessary to store that information once the order has been fulfilled.
• Remove addresses X data after being added to user address book - to avoid storing home address data which may become out of date over time, addresses can be automatically be deleted from address books after a certain interval.

Configuring enabled policies

Administrators can see the status of data retention policies by visiting Settings > Security > Data Protection.

Policy configuration can only be carried out by the Sponsorworks Helpdesk so please log a support request if changes are required.

Custom policies for your organisation

If your organisation needs custom data deletion / retention policies, these can be created by the Sponsorworks custom coding team. Please get in touch with us to discuss.