The importance of having a CRM Strategy

 

With the continuing reduction and uncertainty in arts funding, most arts organisations have to achieve more with less. We all have to work harder to prove that what we are doing is effective so having a Customer Relationship Management (CRM) strategy in place is becoming ever more urgent.

CRM isn’t about selling, it’s about marketing. It helps you build and maintain long-term relationships, through discovering how your audiences want to interact with you, and actively meeting their stated and unstated wants and needs.

So, if it is such a good idea, why is CRM not practised more widely? Partly because it takes hard work and the day to day tactical necessities of selling tickets and filling seats always takes priority. But today’s multi-channel environment means that there are a whole host of ways to talk to potential customers, and that, coupled with increased competition for people’s time and today’s economic climate, make it imperative for us to work smarter, listen and be more responsive. The days of pushing out a standard direct mail letter or email to all our customers are gone.

In 2016 Shakespeare’s Globe recognised that they needed a deeper understanding of what motivates, frames and influences the buying, engaging and supporting behaviour of their different audience segments.  They had the aim to maximise the opportunities for all areas of their business – including theatre, education, commercial and development.  That’s when I was commissioned to work with them to build an audience-focused CRM strategy that is reinvigorating the way they work and interact with their diverse audiences.

The Globe needed a CRM system to enable them to better manage and analyse audience data across departments and an insightful segmentation system that would give them the understanding required to develop and maximise their audience relationships.

Finding the right technological solution to provide the CRM/ticketing system needed was a key factor for the Globe in achieving a successful CRM Strategy.  The box office system is your organisation’s most powerful CRM tool, it contains every ‘touch-point’. Underdevelopment of that data means that only the most loyal customers are contacted; the task should be to persuade the wary to come and to come more often.

The process began with a series of intensive information gathering sessions with staff across the organisation (including the CEO) which proved to be revelatory; highlighting the historic silo working and its effect on progress, the multiplicity of ‘data’ systems, a need to review practices and processes. Armed with this insight, developing a specification outlining the kind of CRM system functionality needed was made so much easier.

Confident with their choice of CRM system, implementation was the next stage. Discovery sessions involving the Globe, the new system supplier (Tessitura) and HD Consulting brought about in-depth customer journey mapping which showed just how each customer group interacts with the Globe across multiple touch-points, identifying where it was easy to interact and where was it difficult and convoluted.  As a result, the CRM system and website are being configured to eliminate those pain-points.

But technology (no matter how good) and data mining are worthless without a deeper understanding of the audience’s motivations and values.  Through a process of in-depth research with the Globe’s audiences by Morris Hargreaves McIntyre they gained rich and invaluable insight into their audiences enabling them to differentiate their customer segments, and understand and agree behaviours using their Culture Segments segmentation.  They now have a three segment focussed strategy that will allow them to grow audiences and engage them better.

A key factor in the success of The Globe’s project is that they have embraced CRM by ensuring that it is a strategic function.  They have created a core CRM team with representatives from different departments where colleagues’ needs and concerns are addressed.  A training policy and data policy are being created to show staff teams the value of adopting and applying the strategic initiatives, and in setting an organisational ‘rule book’ or benchmark to work to.   CRM was never seen as a tactic or marketing function and The Globe’s leadership team were on board from the start – clear about both the end game and the cultural change that would be needed.

This is still a work in progress. They know it won’t be a quick win but will ultimately be a new (better) way of connecting with their audiences.

This process is not for the faint hearted but for arts organisations that want to look to the future.

It requires a fundamental change to the way strategies are planned, budgeted, communicated and monitored.

So if theatres really do want to develop an effective CRM strategy don’t forget:

  1. 1. CRM isn’t CRM unless it affects the customer experience.
  2. 2. CRM is a strategy not a project.
  3. 3. CRM should improve return on investment.
  4. 4. Technology is a means not an end.
  5. 5. A 360-degree view of your customer

©Helen Dunnett

www.hd-consulting.co.uk

How is Ticketsolve Getting Ready for GDPR?

 

GDPR // Ticketing System Readiness Series

How are leading systems responding to changes in EU Data Protection? In the latest in this series we take a look at Ticketsolve

 

 

System

Ticketsolve

 

Back Ground

Ticketsolve have continued to add to their already substantial customer base in the UK and Ireland. With over 260 customers in the arts and culture sector they are one of the major providers of ticketing solutions.

 

Their view

As ever, Ticketsolve have considered the importance of design and usability as well as compliance in their development of GDPR compliant tools. They have decided to deliver both best practice advice as well as a comprehensive set of tools for their customers to use to help them ensure compliance.

 

What we saw

During our session, we were shown the latest iterations of the Ticketsolve interfaces looking at the customer record, audit trail as well as new options to shape the tone of voice to be used in collection of permissions, expanding the ‘Ok to Email?’ labels seen in other systems to a full explanation of how the information will be used.

 

Great to see

The journey around the features and tools in Ticketsolve did have me saying ‘nice’ on a number of occasions. Whereas there was nothing in functions that stands out too far from others, it was the intelligent design and extra touches that caught the idea. Specifically, a key word search in audit trails – imagine a customer of x years – how long would their audit trail. Simply type ‘permissions SMS’ in the search box to filter all changes in that specific permission. I was also impressed that Ticketsolve appear to be one of only a few systems that offer a third party log in for safe and secure data transfer – perhaps GDPR will bring an end to those customer spreadsheets being emailed between companies!

The use of Keywords to narrow Audit Searches

 

 

What we didn’t see ……. but is coming

As with every system we have seen as part of this series – there is still work to be done by Ticketsolve. Key delivery dates in January are already inked in to roll out a new named third-party permission option – based on the contents of the customers basket. As well as these dynamic opt ins – there will also be the ability to add an unlimited number of fixed consent requests – allowing the ability to recorded consent for marketing and fundraising separately in the system. The extended audit of the customer record will also be printable to produce Data Subject Access Requests with one click.

 

The Production Company Portal Offers Direct Access to Consented Data and Sales Profiles

Transition Services and Issues

The result of Ticketsolve taking their time to consider all of the issues before starting to deliver the solutions that we saw, is that they have invested heavily in research but also staff training.  Our call to look at the features and functions had a number of support staff actively involved all with a good working knowledge as well as practical ways in which features could and should be used to ensure compliance. These staff will be taking the lead to work with existing (and new) customers to help them get the best from the tools.

 

Issue to consider

The move to offer ‘unlimited’ anything is always a worry. It’s nice that Ticketsolve will give their customers a chance to create multilevel and purpose permissions, but venues will need to consider which ones are relevant and help the customer understand their communication preferences. The danger is that venues, or new staff may be tempted to add ‘just another one’ and the list suddenly becomes unwieldy.

 

Stand out feature

We have seen a fair amount of innovation during this series, with some great new tools. My stand out feature for Ticketsolve is an ‘old’ one – one they have had for years – which is their tight integration to Mailchimp. It is one of the best integrations we have seen in terms of granularity and synchronised data. The use of the API allows real-time consents to be used in email campaigns and unsubscribes written back to Ticketsolve.

 

Overal

Ticketsolve deliver some solid tools to their customers already. There are some more to come, which should hit the user base in January, allowing venues to get fully up to speed ahead of May. Our key take-away from the look we had though was clever, clever design.

 


This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.

The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.


This work has been made possible by support from Arts Council England

ACE_Logo


Ticketing Systems’ Preparedness for #GDPR

After several months and many hours of looking at systems and talking to vendors we today published a series of articles on how ticketing systems are preparing for GDPR.
From the outset these articles were not designed to be ‘reviews’ or in any way endorsements of the products or the direction their architects have taken.
It is fair to say there are differing approaches, priorities and overall levels of preparedness, in our opinion.
There were two key areas where we saw these differences, firstly in the customer audit, some systems have a robust, and have had for many years, audit of customer records, tracking each change, the channel, operator as well as before and after values. Others appear slightly later to the party. The auditing of descriptions, labels and other ‘sign up’ phrases was only seen in a few systems.
We also saw differences in readiness to be able to collect granular third party consent, that is the named party a customer is consenting to share their data with, typically this is for touring or co-productions. Here, we saw a number of vendors deliver a solution, whilst some were still in design phase. As we see in all implementations of software, there was some difference in the quality of the design and deployment.
Venues will need to examine how they move forward with their current provider and satisfy themselves that the software is capable and is configured to fit in with their own organisations policies to be compliant with GDPR. As we have said on numerous times, compliance is not the responsibility of the provider, but of the organisation using it. GDPR also stretches way beyond boring ticketing and marketing!
We have seen vendors already openly talking about or briefing their users on new GDPR tools, with more due in the New Year. So if you haven’t made a start, you best make a start. A call to your software’s support department could be a good place to start.

Systems Covered

This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.
The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.

This work has been made possible by support from Arts Council England

How is AudienceView Getting Ready for #GDPR?

GDPR // Ticketing System Readiness Series

How are leading systems responding to changes in EU Data Protection? In the latest in this series we take a look at AudienceView

 

System

AudienceView

 

Back Ground

AudienceView provides systems to organisations around the globe, so has a strong history of providing national or continental compliance tools.

 

Their view

As a software supplier, their belief is around facilitation, not enforcement. Their mission (and what we have seen in versions examined) is to provide their clients with the tools they need, leaving them to decide how they use them to operate in a GDPR compliant way.

 

What we saw

During our session we examined version 6.8 – some customers in the UK will have already moved to version 7, but most are still using the version we saw as part of our session.

 

Great to see

AudienceView is one of only a few systems we have seen that has a very granular audit system. Not simply which seat was sold by whom, but much deeper. If venues are using consent as their basis for processing data, they should be able to reference when, where and how consent was obtained. It will also be necessary to be able to show the message that was displayed (or read) to the customer at that time. Audienceview audits changes to labels in their system, so venues will be able to definitively prove the message displayed at time of consent.

 

Audit

 

 

 

What we didn’t see ……. but is coming

AudienceView shared their roadmap on issues relating to GDPR – with three key items set for delivery in early 2018. The expansion of the 3rd party permissions solution that they current use will be a key element, at present this is handled through event specific questions, which does allow both an audit and a specific named permission to be sought. Customer obfuscation – as it is called on the roadmap delivers simple tools to facilitate ‘the right to be forgotten’ should that right be deemed appropriate by venues. Perhaps the one I liked the title of most was ‘GDPR success’ which is a collection of tools to make life easier for data controllers, bringing views and reports together for easier data management.

 

Transition Services and Issues

There are already some of the key elements in AudienceView that venues can use on their journey towards GDPR compliance. With the update due in 2018, venues will need to consider how these are deployed and whether they will need to migrate or update newly available fields from the ones currently used to store consent or third party sharing options. The ability to mass move data has long since existed in Audienceview, it will be the venues that will need to plan that transition and updates to their customer service team policies.

 

Issue to consider

One of AudienceView’s standout features, in my opinion, is their inbuilt CMS which enables venues to create multiple microsites. These can all deliver differing content or inventory. The rules that control these flows are called roles. Commonly they use a role called ‘internet’ for online. The role is shown as part of the audit trail. If differing methods or wording around data sharing and GDPR compliance are to be used on these different sites, organisations may wish to think about having a clear role for each microsite (Internet-mainsite) / (Internet-panto-site) for instance.

 

Stand out feature

Again, my stand out feature is one rarely seen in other systems. This is a simple ‘stop all communication’ option that is available in a customer’s record. ( I called ithe ‘nuke’ feature)  – but we must understand that, if using consent as a basis for marketing, we must make it as easy for a customer to withdraw their consent as it was to grant it.

 

Overall

Audienceview are already well on the way to deliver some great tools to allow venues to achieve GDPR compliance. There may be updates to come in 2018, but we were encouraged to see they have, for a very long time, had a solid and reliable audit engine around permissions and customer data as a whole.

 


This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.

The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.


This work has been made possible by support from Arts Council England

ACE_Logo


How is Red61 Getting Ready for GDPR?

GDPR // Ticketing System Readiness Series

How are leading systems responding to changes in EU Data Protection? In the latest in this series we take a look at Via by Red61

 

System

VIA by Red61

 

Back Ground

VIA has traditionally been thought of as a ‘festival’ ticketing system, however recent additions to both the product and team behind the solution now sees them as an emerging provider to both the attractions and venue ticketing space.

 

Their view

Given their background in the complex world of festival ticketing (think festival, artist, venue all with an interest in data) it is no surprise that Red61 have already invested time into modelling data ownership and permissions for customer contact. As they put it “It’s where we came from, it’s in our DNA”

 

What we saw

During our session, we discussed the possibilities for multiple permissions per customer as well as the flows of data for ‘agency’ sales. In addition to this we also looked at the flow for collecting named third party consent.

 

Great to see

Red61 joins a select few systems that from our inspection can currently deliver ‘named’ third party consent. As with other leading systems in this field they perfectly manage the concept of ‘Promoter’ or ‘Producer’ allowing customers to clearly see (and consent) to who their data may be shared with.

Permissions

Collecting Third Party Permissions and a feature we loved – ‘Preferred Contact Method’

 

What we didn’t see ……. but is there

VIA supports exposing the questions and answers to both the standard out of the box online ticketing platform that Red61 supply to some of their clients. It also supports this through its API, allowing venues to build a smooth and tailored flow that suits their needs and data permissions accordingly.

 

Transition Services and Issues

Many of the features that venues will need to be using to remain compliant under GDPR – (if using consent as the basis for processing) are already in VIA, and as such many clients are already using them.

 

Issue to consider

For those clients who have been using the generic ‘Third Party’ or ‘Producers of shows I go to see’ statements may need to think about campaigns and actions to go out and confirm consents from these customers. Given the data may have already been shared before the 18th May deadline the implications for the users may be minimal, the organisations to which the data was shared may need re-consent.

 

Stand out feature

We really like not only the features but the attitude around best practice in data sharing / permission gathering.  Even though it is not a GDPR requirement, it was so refreshing to see that each customer can set their own ‘preferred method’ for contact, not just once, but for each of the possible future data controllers. Surely a great tool for marketing campaigns not only to hit the right people but also the right way.

 

Overall

It is not surprising given their experience in dealing with complex ticketing networks ( the Edinburgh Fringe Festival – need we say more?) that Red61 seem to have put solid data management and consenting tools at the core of their offering.

 


This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.

The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.


This work has been made possible by support from Arts Council England

ACE_Logo


How is ProVenue from Tickets.com Getting Ready for GDPR?

 

GDPR // Ticketing System Readiness Series

How are leading systems responding to changes in EU Data Protection? In the latest in this series we take a look at ProVenue from Tickets.com.

 

System

Tickets.com ProVenueDatabox / ProVenueMax / ProVenue

 

Back Ground

Tickets.com currently has three products in active use, its latest iteration ProVenue is the focus of this report and currently is their actively developed offering to the Arts, Sports and Visitor Attraction sectors.

 

Their view

Tickets.com has researched both their responsibilities and those of venues ahead of their developments to the product. With their experience in delivering multi-purpose and shared systems, they have built on previous work to deliver tools to help venues achieve GDPR compliance.

 

What we saw

During our session, we focused mainly on the ProVenue product, both from a box office as well as online interface. We also looked at how legacy products such as ProVenueMax and ProVenueDatabox have been delivering (for many years) the levels of granular permissions that are required under GDPR if relying on consent as a basis for processing.

Great to see

It was refreshing to look at systems / versions of product released many years ago that even before legislation, gave marketing staff (and consumers) granular permissions based on content and channel.

 

What we didn’t see ……. but is there

In ProVenue there are very detailed audits of not just customer data field changes, but also changes to the field labels. This makes ProVenue one of a small group of systems that can adequately demonstrate WHAT a customer saw during their sign up. We did see that many of these fields or audit trails can be configured to display in the Box Office UI. Whereas the ability to see this in the UI is not required under GDPR it is refreshing to see that a vendor understands how important this is.

 

Transition Services and Issues

Overall Tickets.com have a selection of tools and interfaces which seem to give venues the ability to accurately gain, record and report on consent, if this is the basis for processing customer data. With these tools already in the product there is little transition work needed it seems.  Venues requiring bulk updating of records or such services can seek help through the Tickets.com service desk.

 

Issue to consider

Whereas many of the features and tools to help clients operate in a GDPR compliant manner are in all three products, development focus is on the ProVenue system and the MPV (My ProVenue) online interface. Venues who require third party (promoter / producer) sharing tools will need to look out for upcoming developments in this area.

 

Stand out feature

As many of you may remember from Databox use, the ‘ask later’ tool is once again in the latest iterations of software from Tickets.com. Users can therefore rest easy that operators who do not capture customer preferences have not ‘lost’ a client – the next operator that serves them will be prompted to collect preferences. This is great, however, we were particularly impressed by the ability to define multi-facetted multi-channel combinations, including the ability to define which are ‘pre ticked’ – users can have mail, sms, email and phone for venue communication, but just email and phone for fundraising. This also opens the possibility to have electronic methods of communication pre-ticked during a purchase path – a sure way to make sure soft opt ins to your venue mailings.

 

Overall

Tickets.com has a proven track record of delivering compliant systems, their latest ProVenue offering has many great features, but once again shows solid and smart thinking in helping venues achieve compliance, while continuing to provide them with the tools they need to grow their audiences.

 

 


This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.

The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.


This work has been made possible by support from Arts Council England

 

ACE_Logo


 

 

 

 

How is PatronBase Getting Ready for GDPR?

GDPR // Ticketing System Readiness Series

How are leading systems responding to changes in EU Data Protection? In the latest in this series we take a look at PatronBase.

 

System

PatronBase

 

Back Ground

PatronBase supplies ticketing / crm systems to a variety of organisations around the World, including the UK and Spain.

 

Their view

PatronBase has focused its offering on consent based permission as a basis for processing and on-going marketing communications.

 

What we saw

We examined several elements of the PatronBase offering during our session, including the box office and online flows for recording consent, as well as examining the granular audit trail that the system records and the tools PatronBase offer to allow for customised messaging online through its ‘Web Module’ – their out of the box online tool.

 

Great to see

PatronBase offers and almost unlimited range of marketing communication ‘levels’ and ‘channels’ – allowing venues to specify the types of communication a patron would like to have, as well as the method they would like to receive them in. This opens the door to allow customers to perhaps specify emails and postal contact for brochures and promotional material, whilst only post for fundraising asks.

 

Privacy_Report

PatronBase has audits permissions by operator and application channel as standard

What we didn’t see ……. but is coming

At present PatronBase’s communication levels are not driven by a user’s basket or previous consents obtained. There is a concerted development drive to deliver ‘named third party’ consents in an upcoming version. Given PatronBase already has a deep level of segmentation on events, by ‘Promoter’, “Project’ and other key identifiers, they will simply be needing to reference these to develop the consent user journey.

 

Transition Services and Issues

With many of the foundations in place to allow venues to be GDPR compliant there may not be a huge amount for PatronBases users to actually do or need assistance with.  Once the new named third-party consent permission structure is delivered, it will be necessary for venues to seek the correct named consents for their existing users. PatronBase will be delivering consulting and professional services to their clients in this area.

 

Issue to consider

They key item we saw that users should check is that their statements displayed to box office operators and web customers (including all web interfaces, as PatronBase supports many different online personas or ‘skins’) are consistent, in their meaning and scope.  We didn’t see this as likely, but it is possible, that online a statement may read “tick this box if you don’t…..” and offline it may read “tick this box if you do…..”.

 

Stand out feature

It sounds incredibly boring to list the strength and clarity of audit trails as a stand out feature, but when using consent as a basis for processing and contacting customers under GDPR it is going to be vitally important. Not only are these audit trails already (and have been for many years) they are clearly exposed in the UI too. This audit, coupled with already existing reports which look to satisfy as DSAR (Data Subject Access Request) that may come in, could mean that venues can respond with almost a single click of the button. We do hope venues do not find themselves subject to too many DSARs, but already having that box ticked is a great feature to see.

 

Overall

PatronBase has a strong audit engine underlying its ticketing and fundraising toolsets. The ability to edit messaging to clearly as well as having a suite of reports to satisfy DSAR requests provides a solid base for venues to move towards GDPR. The delivery of named third party consents based on purchases is the only piece of the puzzle missing and we look forward to seeing that in soon to be released versions.


This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.

The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.


This work has been made possible by support from Arts Council England

ACE_Logo


 

How are Monad Getting Ready for GDPR?

GDPR // Ticketing System Readiness Series

How are leading systems responding to changes in EU Data Protection? In the latest in this series we take a look at Monad.

 

System

Monad

 

Back Ground

Monad supplies its web-based ticketing tools to small and medium sized venues across the UK, based in London, they have a strong focus on usability and smart design.

 

Their view

Monad have always championed permissions being post checkout, allowing customers to secure their tickets with minimal clicks, maximising conversion.

 

What we saw

We worked through many examples, seeing the web flow for customers, as well as operator interfaces within the Monad system. (these are actually almost identical to each other). Using a demo system, we also walked through creating new ‘marketing lists’ – which are the mechanism to store permissions in Monad.

 

Great to see

Monad effectively ‘freezes’ the text around permissions once permissions begin to be collected on that list. So, it is impossible to just change the label that appears to a customer or staff member from “I’m happy to receive show news” to “I’m happy to receive show and fundraising info” – this therefore allows staff to definitely show the exact wording displayed to a customer at time that consent was gained. A new list can of course be created with the new description, all new consents will be stored in that list, the original list is still there and can be used for segmentation. Existing users will be offered the chance to upgrade to the new consent statement on next purchase.

 

 

What we didn’t see ……. but is coming

At present it is not possible to see a customer’s audit trail from within the customer record itself – you must look at the log of the list itself to show a customer’s opt in and out. Also, the current system only shows leaving or entering a list, not the channel or staff member who made the change. Ben Curthoys, the CEO, explained that this would be available very shortly. The other feature which is currently missing, but we would hope to see shortly is those around named third party permissions. Monad’s innovative ‘Folders’ way of dividing data, will allow individual or custom questions based on one (or many) factors. Permissions may be driven by promoter, performance space, performance, or membership status.

 

Transition Services and Issues

There are limited tools within Monad for customers to mass move data into new permissions structures. This is by design as Monad believes mass changes to customer permissions should really never be needed. Monad’s staff will be available to provide technical services should a reformatting or mass move of state

 

Issue to consider

Venues using Monad will need to consider how they will migrate users to a new third party consent system, particularly their choice of folder structures to trigger these questions. In addition to collecting these permissions, they must also examine their current consent label wording and decide if to begin using new, compliant text (if not already clear and unambiguous) to make sure all new data has been obtained in a compliant manner.

 

Stand out feature

Monad is one of very few systems who push marketing permissions and preferences to post transaction screens.  This is a major shift in the transaction flow, but one that makes total sense. It allows very clear focus to be placed on ‘closing the sale’ – selling tickets, and then allowing clear and simple layout of permissions without a countdown clock scaring customers to rush through options. This methodology also allows customers to be reminded of their preferences on each transaction without having to dive off into ‘my account’

 

Overall

Monad still have some work to do to tidy up interfaces to allow clients to find exact permission opt-in times and places. Locating the marketing permissions post-transaction is a bold design decision, but it has been in place for many years, and there is no evidence that it has limited sign up. The ability of the company to move items through a streamlined development and deployment cycle helps them and their customers get access to the tools they need.

 


This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.

The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.


This work has been made possible by support from Arts Council England

ACE_Logo


 

How is SRO by SeatGeek Enterprise Getting Ready for GDPR?

GDPR // Ticketing System Readiness Series

How are leading systems responding to changes in EU Data Protection? In the latest in this series we take a look at SRO by SeatGeek Enterprise

 

System

SRO by Seat Geek Enterprise

 

Back Ground

SRO, or SRO4 until recently, is an enterprise ticketing platform used by a range of entertainment, sports and attraction clients around the World.

 

Their view

SRO empowers their users through a variety of tools to allow them to configure data collection, customer flows and experience, using their cutting edge ‘Rules Engine’ to shape these experiences.

 

What we saw

During our session, we examined the online customer experience using the eSRO module (the out-of-the-box) online experience, in addition to this we walked through gaining consent in a face to face transaction using a number of the interfaces that Seat Geek offer, including their intuitive touch screen interface.

 

Great to see

It sounds old fashioned but we have loved seeing the ‘Ask me later’ feature as part of this process, several systems have it and SRO is in that select group. Even as venues push towards GDPR compliance they must not lose sight of the fact that customers (and staff) are busy people – someone not being asked or not positively giving their consent is not the same thing as them saying ‘NO’. The use of ask me later functionality or even recording that no answer was given allows the question to be foregrounded in a later transaction.

What we didn’t see ……. but is coming

Seat Geek’s large development team have prioritised the delivery of tools to seek what we will describe as ‘basket content specific permissions’. Given that SRO allows an almost unlimited number of levels of permission venues could choose to create a new level for every visiting show or company, however the end user or operator would not be directed to which ones were relevant for the current purchase.

EDIT: We have recently seen a beta version showing this.

Transition Services and Issues

As part of Seat Geek’s commitment to providing a high quality service to their clients, they have embarked on a series of education sessions with all helpdesk staff on both the issues and different basis for processing approaches. With a number of tools to export, import and manipulate data within SRO users may choose to undertake tasks themselves or engage with the helpdesk

SeatGeek Enterprise are also planning training sessions on new tools and ways of working with SRO / GDPR in the new year.

 

Issue to consider

Currently in SRO there are two levels of permission on a customer record – first ‘XYZ can contact m’ and then communication specific preferences. Putting ourselves in the consumers position, will then realise that if they tick the ‘first’ box that they also need to give the granular permissions for each type of communication?  As businesses, we are aware of our obligations, but I am not sure consumers will be aware of it. It may be necessary to think about online forms are labelled and worded.

 

Stand out feature

SRO has one of, if not perhaps the, best auditing engine we have seen in any system, certainly as part of this series of reviews. It is in a select few systems that audits EVERY field, recording both the before and after values, along with date and time stamping. What does this add to a venue’s drive towards compliance? Simple, your consent based opt-in says ‘We would like to contact you about upcoming shows’ – people opt it. Someone then changes that phrase to read ‘We would like to contact you about upcoming shows, restaurant offers and send you membership offers’ – people opt in. Which people saw message 1 and which saw message 2 when indicating their consent?  The fact that SRO audits that change, their users are in a select group that could demonstrate the exact message a customer saw when giving consent.

 

Overall

SRO’s powerful database is its key strength in providing tools to achieve GDPR compliance. If relying on consent as a basis for processing, it is vital that where, when, who and whats are all recorded and easy to produce if ever needed. Still some pieces to add to the jigsaw but SRO has the key pieces in place to build on.

 


This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.

The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.


This work has been made possible by support from Arts Council England

ACE_Logo


 

How is Spektrix Getting Ready for GDPR?

GDPR // Ticketing System Readiness Series

How are leading systems responding to changes in EU Data Protection? In the latest in this series we take a look at Spektrix

 

System

Spektrix

 

Back Ground

With over 312 venues now using Spektrix, it is a widely used system supporting small, medium sized and large venues alike.

 

Their view

Spektrix are usually front runners in adding functions and features not only to help venues earn more revenue, but help them with their tasks and deliverables, from gift aid submission to HMRC or supporting data sharing agreements between NPOs.

 

What we saw

During our session, we walked through the buyer journey online as well as in the box office. Spektrix clients can integrate using both the API and iframes. With most of Spektrix’s clients using their iframe integration from the point of seat selection, the online journey is very similar for each of their clients (except, of course, for branding).

 

Great to see

The Partner Companies feature is a slick and well thought out piece of software. Too many system flows rely on going through ‘My Account’ to update preferences. Spektrix has built in logic to the checkout flow that examines basket contents and checks current permissions set, as well as producers and promoters of the shows in basket to determine questions to ask (if any) .

 

Through the Partner Companies interface, third parties can log in, via a username and password, to securely collect the contact details for those customers who have said that they are happy to be contacted by the named third party. From this part of the system they can also run any reports that they have been given access to.

 

 

Partner Company contact preferences in the Sales interface:

Spektrix

The customer audit gives the ability to go deep into the audit trail and see clear individual fields changes.

 

The customer audit:

Audit_log

 

Spektrix plans to make add the ability to erase all of the data in the customer audit if required.

 

Transition Services and Issues

Being a ‘full service’ offering Spektrix customers enjoy a range of support services and consultancy advice as part of their monthly service charge. The Spektrix support and consultancy team will be on hand to help configure new features such as partner companies as well as train staff on how to effectively deploy them.

 

Support and training consultants are on hand to work with each client on developing a bespoke strategy to gain and/or maintain the ability to contact their customers. They will consider the condition of current consent documentation and the client’s own approach to consent and legitimate interest before giving their advice.

 

Issue to consider

If venues are using consent as a basis for processing data under GDPR they will need to be able to prove where and when consent was gained, along with wording the customer saw and the action they performed to give the consent.  When customers migrated to Spektrix, (as with many other systems) the data permissions settings were brought across, but NOT these time and channel stamps. In addition to historical data, consents gained before the introduction of the new audit tools will not be complete. Whereas it is unlikely that this will present huge issues for venues, it may be worth documenting or possibly re-consenting / reminding customers of their right to opt out of marketing communication

 

Stand out feature

Even though we have already covered in ‘Great to See’ – the partner companies feature is the clear jewel in the offering. By wrapping a number of tools into an easily configurable (and free!) module / feature set – Spektrix have given venues a clear focus for managing third party consent and data sharing, as well as the ability to share this data securely.

 

Overall

As with all the systems reviewed in this series, Spektrix still has some work to do. However, they have already delivered some very smart tools, that are well thought out and help venues present and collect permissions in a clear and understandable way.

 


This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.

The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.


This work has been made possible by support from Arts Council England

ACE_Logo