News and Discussion

Launched in 2010, The Ticketing Institute’s aim is to give commentary and a place for discussion on the new opportunites for ticketing, marketing and CRM, for digital marketing and social media integration.

Our news and discussion area is a home to press releases on stories affecting the industry as well as our own blog posts on the issues, trends and news of Sports and Entertainment ticketing / customer engagement.

Syx Ticketing Announces Plopsa Amusement Parks Deal

Plopsa amusement parks selects Syx Ticketing for its innovative ticketing solutions

Syx is very excited to announce its partnership with the Plopsa amusement parks. As of 2018, Syx Ticketing will provide the Plopsa parks with an innovative cloud-based ticketing and booking system. Over 30 ReCreateX POS systems will be implemented across the six Plopsa venues:

–          Plopsaland De Panne (B)

–          Plopsaqua (B)

–          Plopsa Indoor Hasselt (B)

–          PlopsaCoo (B)

–          Plopsa Indoor Coevorden (NL)

–          Plopsa Holiday Park (D)

 

The Rheinland-Pfalz based Holiday Park comes as Syx’s first customer in Germany, from where it will launch its further growth into the German-speaking countries.

To avoid long queues at the ticket desks and to grant its visitors quick access to the park, Syx will deliver Plopsa’s first 4 self-service kiosks in De Panne. 

Plopsa also selected Syx as its partner for online ticket sales, payment gateway and the brand new 3rd-party reseller platform. ReCreateX will be hosted from Syx Automations’ ultramodern new ISO27001 certified data centre in Amsterdam.

 

Edwin Hemkes, Sales Director at Syx: “We have been in contact with the Plopsa team for over 15 years and are thrilled to finally have them on board. Our recent Gantner merger provides us with a global network of offices from where we can support customers like Plopsa with a cross-border growth strategy.  The partnership with Plopsa also gives us the opportunity to translate and prepare our ticketing solutions for the German-speaking countries. We are accelerating our further international growth which is beneficial for all our software users – it allows us to further invest in continuous innovations, which in turn provide our customers with tools which focus on increasing revenues and enhancing visitor experience.

 

Steve Van den Kerkhof, CEO Plopsa Group: Plopsa selected Syx Automations because of its innovative integrated total solutions, the extended functional possibilities, open API and its elaborate services: 24 hours a day, 365 days a year.

 

About Plopsa:

The Plopsa group, as part of Studio 100, exploits six spectacular theme parks located across Belgium, The Netherlands and Germany.

In Belgium, Plopsaland De Panne opened its doors in 2000 and Plopsa Indoor Hasselt opened in 2005. In the same year, Plopsa took over Télécoo and renamed it Plopsa Coo in July 2006. Plopsaqua, the first themed waterpark of Plopsa, was proudly opened in 2015. 

In 2010, Plopsa went abroad with the opening of its first indoor theme park in the Netherlands: Plopsa Indoor Coevorden and in 2011 Plopsa took over Holiday park in Germany.

The parks welcomed three million visitors in 2015. They all provide great days out for the whole family, with numerous attractions and entertainment to serve all age groups.

 

About Syx:

Syx Ticketing has been providing ticketing and leisure management solutions for the arts and cultural sector, visitor attractions and leisure industry customers for the last 30 years. 150 ticketing professionals work closely with international clients offering superior technology and fully customisable software aligned to each individual organisation’s specific needs.

ReCreateX is the state-of-the-art software application that processes high volumes of ticket sales, memberships and event bookings. The software includes bespoke modules such as sophisticated CRM and has an easy to use Point Of Sale front-end which processes ticket sales including invoicing and itineraries, retail, food & beverages and course bookings management.

We are proud of our + 800 customers using ReCreateX and these include: The Tower Bridge, The View from the Shard, The Rijksmuseum, Van Gogh Museum, Pairi Daiza, the Zoos of Amsterdam, Rotterdam and Antwerp, the Royal Museums Greenwich plus many more spread across the UK and mainland Europe.

More Traction for Make it Social

Edinburgh tech company makes the A-list

 

Edinburgh-based start-up, Make it Social, whose software enables people to book as a group but pay individually, has extended its West End reach with ticketing for its first play – ‘Glengarry Glen Ross.’  The iconic production, staged first in 1983, was later made into a film in 1992 starring Jack Lemmon and Al Pacino.

 

Audiences going to see Christian Slater, who plays a cut-throat salesman and stars in this latest revival in London’s Playhouse Theatre, are now able to take advantage of the technology for the first time.

 

Earlier this year Make it Social partnered with Ambassador Theatre Group (ATG) for the musical ‘Wicked,’ also in London.  The company’s software is now being rolled out to productions of the show in all major cities across the UK – those going to see it in The Edinburgh Playhouse can already ‘Make it Social.’

 

Established in 2013, Make it Social now employs 16 staff.  Two months ago it announced another significant partnership with Ticketmaster enabling it to move into ticketing markets in Europe, Australia and New Zealand.

 

Founder Eddie Robb said:  “Make it Social is delighted to be associated with such a high profile and popular play and it’s hugely satisfying to see people using our online vehicle to get offline and do more things in the real world.”

 

Charles Bruner of ATG added:  “Make it Social takes the hassle out of group booking making sure the organiser isn’t out of pocket.  We are always looking for ways to make life easier for, and thus enhance the experience of, our audiences.  We look forward to using the software for more ATG productions in the coming months and have a planned programme to achieve this.”

Ticketing Systems’ Preparedness for #GDPR

After several months and many hours of looking at systems and talking to vendors we today published a series of articles on how ticketing systems are preparing for GDPR.
From the outset these articles were not designed to be ‘reviews’ or in any way endorsements of the products or the direction their architects have taken.
It is fair to say there are differing approaches, priorities and overall levels of preparedness, in our opinion.
There were two key areas where we saw these differences, firstly in the customer audit, some systems have a robust, and have had for many years, audit of customer records, tracking each change, the channel, operator as well as before and after values. Others appear slightly later to the party. The auditing of descriptions, labels and other ‘sign up’ phrases was only seen in a few systems.
We also saw differences in readiness to be able to collect granular third party consent, that is the named party a customer is consenting to share their data with, typically this is for touring or co-productions. Here, we saw a number of vendors deliver a solution, whilst some were still in design phase. As we see in all implementations of software, there was some difference in the quality of the design and deployment.
Venues will need to examine how they move forward with their current provider and satisfy themselves that the software is capable and is configured to fit in with their own organisations policies to be compliant with GDPR. As we have said on numerous times, compliance is not the responsibility of the provider, but of the organisation using it. GDPR also stretches way beyond boring ticketing and marketing!
We have seen vendors already openly talking about or briefing their users on new GDPR tools, with more due in the New Year. So if you haven’t made a start, you best make a start. A call to your software’s support department could be a good place to start.

Systems Covered

This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.
The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.

This work has been made possible by support from Arts Council England

How is AudienceView Getting Ready for #GDPR?

GDPR // Ticketing System Readiness Series

How are leading systems responding to changes in EU Data Protection? In the latest in this series we take a look at AudienceView

 

System

AudienceView

 

Back Ground

AudienceView provides systems to organisations around the globe, so has a strong history of providing national or continental compliance tools.

 

Their view

As a software supplier, their belief is around facilitation, not enforcement. Their mission (and what we have seen in versions examined) is to provide their clients with the tools they need, leaving them to decide how they use them to operate in a GDPR compliant way.

 

What we saw

During our session we examined version 6.8 – some customers in the UK will have already moved to version 7, but most are still using the version we saw as part of our session.

 

Great to see

AudienceView is one of only a few systems we have seen that has a very granular audit system. Not simply which seat was sold by whom, but much deeper. If venues are using consent as their basis for processing data, they should be able to reference when, where and how consent was obtained. It will also be necessary to be able to show the message that was displayed (or read) to the customer at that time. Audienceview audits changes to labels in their system, so venues will be able to definitively prove the message displayed at time of consent.

 

Audit

 

 

 

What we didn’t see ……. but is coming

AudienceView shared their roadmap on issues relating to GDPR – with three key items set for delivery in early 2018. The expansion of the 3rd party permissions solution that they current use will be a key element, at present this is handled through event specific questions, which does allow both an audit and a specific named permission to be sought. Customer obfuscation – as it is called on the roadmap delivers simple tools to facilitate ‘the right to be forgotten’ should that right be deemed appropriate by venues. Perhaps the one I liked the title of most was ‘GDPR success’ which is a collection of tools to make life easier for data controllers, bringing views and reports together for easier data management.

 

Transition Services and Issues

There are already some of the key elements in AudienceView that venues can use on their journey towards GDPR compliance. With the update due in 2018, venues will need to consider how these are deployed and whether they will need to migrate or update newly available fields from the ones currently used to store consent or third party sharing options. The ability to mass move data has long since existed in Audienceview, it will be the venues that will need to plan that transition and updates to their customer service team policies.

 

Issue to consider

One of AudienceView’s standout features, in my opinion, is their inbuilt CMS which enables venues to create multiple microsites. These can all deliver differing content or inventory. The rules that control these flows are called roles. Commonly they use a role called ‘internet’ for online. The role is shown as part of the audit trail. If differing methods or wording around data sharing and GDPR compliance are to be used on these different sites, organisations may wish to think about having a clear role for each microsite (Internet-mainsite) / (Internet-panto-site) for instance.

 

Stand out feature

Again, my stand out feature is one rarely seen in other systems. This is a simple ‘stop all communication’ option that is available in a customer’s record. ( I called ithe ‘nuke’ feature)  – but we must understand that, if using consent as a basis for marketing, we must make it as easy for a customer to withdraw their consent as it was to grant it.

 

Overall

Audienceview are already well on the way to deliver some great tools to allow venues to achieve GDPR compliance. There may be updates to come in 2018, but we were encouraged to see they have, for a very long time, had a solid and reliable audit engine around permissions and customer data as a whole.

 


This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.

The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.


This work has been made possible by support from Arts Council England

ACE_Logo


How is Red61 Getting Ready for GDPR?

GDPR // Ticketing System Readiness Series

How are leading systems responding to changes in EU Data Protection? In the latest in this series we take a look at Via by Red61

 

System

VIA by Red61

 

Back Ground

VIA has traditionally been thought of as a ‘festival’ ticketing system, however recent additions to both the product and team behind the solution now sees them as an emerging provider to both the attractions and venue ticketing space.

 

Their view

Given their background in the complex world of festival ticketing (think festival, artist, venue all with an interest in data) it is no surprise that Red61 have already invested time into modelling data ownership and permissions for customer contact. As they put it “It’s where we came from, it’s in our DNA”

 

What we saw

During our session, we discussed the possibilities for multiple permissions per customer as well as the flows of data for ‘agency’ sales. In addition to this we also looked at the flow for collecting named third party consent.

 

Great to see

Red61 joins a select few systems that from our inspection can currently deliver ‘named’ third party consent. As with other leading systems in this field they perfectly manage the concept of ‘Promoter’ or ‘Producer’ allowing customers to clearly see (and consent) to who their data may be shared with.

Permissions

Collecting Third Party Permissions and a feature we loved – ‘Preferred Contact Method’

 

What we didn’t see ……. but is there

VIA supports exposing the questions and answers to both the standard out of the box online ticketing platform that Red61 supply to some of their clients. It also supports this through its API, allowing venues to build a smooth and tailored flow that suits their needs and data permissions accordingly.

 

Transition Services and Issues

Many of the features that venues will need to be using to remain compliant under GDPR – (if using consent as the basis for processing) are already in VIA, and as such many clients are already using them.

 

Issue to consider

For those clients who have been using the generic ‘Third Party’ or ‘Producers of shows I go to see’ statements may need to think about campaigns and actions to go out and confirm consents from these customers. Given the data may have already been shared before the 18th May deadline the implications for the users may be minimal, the organisations to which the data was shared may need re-consent.

 

Stand out feature

We really like not only the features but the attitude around best practice in data sharing / permission gathering.  Even though it is not a GDPR requirement, it was so refreshing to see that each customer can set their own ‘preferred method’ for contact, not just once, but for each of the possible future data controllers. Surely a great tool for marketing campaigns not only to hit the right people but also the right way.

 

Overall

It is not surprising given their experience in dealing with complex ticketing networks ( the Edinburgh Fringe Festival – need we say more?) that Red61 seem to have put solid data management and consenting tools at the core of their offering.

 


This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.

The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.


This work has been made possible by support from Arts Council England

ACE_Logo


How is ProVenue from Tickets.com Getting Ready for GDPR?

 

GDPR // Ticketing System Readiness Series

How are leading systems responding to changes in EU Data Protection? In the latest in this series we take a look at ProVenue from Tickets.com.

 

System

Tickets.com ProVenueDatabox / ProVenueMax / ProVenue

 

Back Ground

Tickets.com currently has three products in active use, its latest iteration ProVenue is the focus of this report and currently is their actively developed offering to the Arts, Sports and Visitor Attraction sectors.

 

Their view

Tickets.com has researched both their responsibilities and those of venues ahead of their developments to the product. With their experience in delivering multi-purpose and shared systems, they have built on previous work to deliver tools to help venues achieve GDPR compliance.

 

What we saw

During our session, we focused mainly on the ProVenue product, both from a box office as well as online interface. We also looked at how legacy products such as ProVenueMax and ProVenueDatabox have been delivering (for many years) the levels of granular permissions that are required under GDPR if relying on consent as a basis for processing.

Great to see

It was refreshing to look at systems / versions of product released many years ago that even before legislation, gave marketing staff (and consumers) granular permissions based on content and channel.

 

What we didn’t see ……. but is there

In ProVenue there are very detailed audits of not just customer data field changes, but also changes to the field labels. This makes ProVenue one of a small group of systems that can adequately demonstrate WHAT a customer saw during their sign up. We did see that many of these fields or audit trails can be configured to display in the Box Office UI. Whereas the ability to see this in the UI is not required under GDPR it is refreshing to see that a vendor understands how important this is.

 

Transition Services and Issues

Overall Tickets.com have a selection of tools and interfaces which seem to give venues the ability to accurately gain, record and report on consent, if this is the basis for processing customer data. With these tools already in the product there is little transition work needed it seems.  Venues requiring bulk updating of records or such services can seek help through the Tickets.com service desk.

 

Issue to consider

Whereas many of the features and tools to help clients operate in a GDPR compliant manner are in all three products, development focus is on the ProVenue system and the MPV (My ProVenue) online interface. Venues who require third party (promoter / producer) sharing tools will need to look out for upcoming developments in this area.

 

Stand out feature

As many of you may remember from Databox use, the ‘ask later’ tool is once again in the latest iterations of software from Tickets.com. Users can therefore rest easy that operators who do not capture customer preferences have not ‘lost’ a client – the next operator that serves them will be prompted to collect preferences. This is great, however, we were particularly impressed by the ability to define multi-facetted multi-channel combinations, including the ability to define which are ‘pre ticked’ – users can have mail, sms, email and phone for venue communication, but just email and phone for fundraising. This also opens the possibility to have electronic methods of communication pre-ticked during a purchase path – a sure way to make sure soft opt ins to your venue mailings.

 

Overall

Tickets.com has a proven track record of delivering compliant systems, their latest ProVenue offering has many great features, but once again shows solid and smart thinking in helping venues achieve compliance, while continuing to provide them with the tools they need to grow their audiences.

 

 


This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.

The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.


This work has been made possible by support from Arts Council England

 

ACE_Logo


 

 

 

 

How is PatronBase Getting Ready for GDPR?

GDPR // Ticketing System Readiness Series

How are leading systems responding to changes in EU Data Protection? In the latest in this series we take a look at PatronBase.

 

System

PatronBase

 

Back Ground

PatronBase supplies ticketing / crm systems to a variety of organisations around the World, including the UK and Spain.

 

Their view

PatronBase has focused its offering on consent based permission as a basis for processing and on-going marketing communications.

 

What we saw

We examined several elements of the PatronBase offering during our session, including the box office and online flows for recording consent, as well as examining the granular audit trail that the system records and the tools PatronBase offer to allow for customised messaging online through its ‘Web Module’ – their out of the box online tool.

 

Great to see

PatronBase offers and almost unlimited range of marketing communication ‘levels’ and ‘channels’ – allowing venues to specify the types of communication a patron would like to have, as well as the method they would like to receive them in. This opens the door to allow customers to perhaps specify emails and postal contact for brochures and promotional material, whilst only post for fundraising asks.

 

Privacy_Report

PatronBase has audits permissions by operator and application channel as standard

What we didn’t see ……. but is coming

At present PatronBase’s communication levels are not driven by a user’s basket or previous consents obtained. There is a concerted development drive to deliver ‘named third party’ consents in an upcoming version. Given PatronBase already has a deep level of segmentation on events, by ‘Promoter’, “Project’ and other key identifiers, they will simply be needing to reference these to develop the consent user journey.

 

Transition Services and Issues

With many of the foundations in place to allow venues to be GDPR compliant there may not be a huge amount for PatronBases users to actually do or need assistance with.  Once the new named third-party consent permission structure is delivered, it will be necessary for venues to seek the correct named consents for their existing users. PatronBase will be delivering consulting and professional services to their clients in this area.

 

Issue to consider

They key item we saw that users should check is that their statements displayed to box office operators and web customers (including all web interfaces, as PatronBase supports many different online personas or ‘skins’) are consistent, in their meaning and scope.  We didn’t see this as likely, but it is possible, that online a statement may read “tick this box if you don’t…..” and offline it may read “tick this box if you do…..”.

 

Stand out feature

It sounds incredibly boring to list the strength and clarity of audit trails as a stand out feature, but when using consent as a basis for processing and contacting customers under GDPR it is going to be vitally important. Not only are these audit trails already (and have been for many years) they are clearly exposed in the UI too. This audit, coupled with already existing reports which look to satisfy as DSAR (Data Subject Access Request) that may come in, could mean that venues can respond with almost a single click of the button. We do hope venues do not find themselves subject to too many DSARs, but already having that box ticked is a great feature to see.

 

Overall

PatronBase has a strong audit engine underlying its ticketing and fundraising toolsets. The ability to edit messaging to clearly as well as having a suite of reports to satisfy DSAR requests provides a solid base for venues to move towards GDPR. The delivery of named third party consents based on purchases is the only piece of the puzzle missing and we look forward to seeing that in soon to be released versions.


This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.

The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.


This work has been made possible by support from Arts Council England

ACE_Logo


 

How are Monad Getting Ready for GDPR?

GDPR // Ticketing System Readiness Series

How are leading systems responding to changes in EU Data Protection? In the latest in this series we take a look at Monad.

 

System

Monad

 

Back Ground

Monad supplies its web-based ticketing tools to small and medium sized venues across the UK, based in London, they have a strong focus on usability and smart design.

 

Their view

Monad have always championed permissions being post checkout, allowing customers to secure their tickets with minimal clicks, maximising conversion.

 

What we saw

We worked through many examples, seeing the web flow for customers, as well as operator interfaces within the Monad system. (these are actually almost identical to each other). Using a demo system, we also walked through creating new ‘marketing lists’ – which are the mechanism to store permissions in Monad.

 

Great to see

Monad effectively ‘freezes’ the text around permissions once permissions begin to be collected on that list. So, it is impossible to just change the label that appears to a customer or staff member from “I’m happy to receive show news” to “I’m happy to receive show and fundraising info” – this therefore allows staff to definitely show the exact wording displayed to a customer at time that consent was gained. A new list can of course be created with the new description, all new consents will be stored in that list, the original list is still there and can be used for segmentation. Existing users will be offered the chance to upgrade to the new consent statement on next purchase.

 

 

What we didn’t see ……. but is coming

At present it is not possible to see a customer’s audit trail from within the customer record itself – you must look at the log of the list itself to show a customer’s opt in and out. Also, the current system only shows leaving or entering a list, not the channel or staff member who made the change. Ben Curthoys, the CEO, explained that this would be available very shortly. The other feature which is currently missing, but we would hope to see shortly is those around named third party permissions. Monad’s innovative ‘Folders’ way of dividing data, will allow individual or custom questions based on one (or many) factors. Permissions may be driven by promoter, performance space, performance, or membership status.

 

Transition Services and Issues

There are limited tools within Monad for customers to mass move data into new permissions structures. This is by design as Monad believes mass changes to customer permissions should really never be needed. Monad’s staff will be available to provide technical services should a reformatting or mass move of state

 

Issue to consider

Venues using Monad will need to consider how they will migrate users to a new third party consent system, particularly their choice of folder structures to trigger these questions. In addition to collecting these permissions, they must also examine their current consent label wording and decide if to begin using new, compliant text (if not already clear and unambiguous) to make sure all new data has been obtained in a compliant manner.

 

Stand out feature

Monad is one of very few systems who push marketing permissions and preferences to post transaction screens.  This is a major shift in the transaction flow, but one that makes total sense. It allows very clear focus to be placed on ‘closing the sale’ – selling tickets, and then allowing clear and simple layout of permissions without a countdown clock scaring customers to rush through options. This methodology also allows customers to be reminded of their preferences on each transaction without having to dive off into ‘my account’

 

Overall

Monad still have some work to do to tidy up interfaces to allow clients to find exact permission opt-in times and places. Locating the marketing permissions post-transaction is a bold design decision, but it has been in place for many years, and there is no evidence that it has limited sign up. The ability of the company to move items through a streamlined development and deployment cycle helps them and their customers get access to the tools they need.

 


This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.

The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.


This work has been made possible by support from Arts Council England

ACE_Logo


 

How is SRO by SeatGeek Enterprise Getting Ready for GDPR?

GDPR // Ticketing System Readiness Series

How are leading systems responding to changes in EU Data Protection? In the latest in this series we take a look at SRO by SeatGeek Enterprise

 

System

SRO by Seat Geek Enterprise

 

Back Ground

SRO, or SRO4 until recently, is an enterprise ticketing platform used by a range of entertainment, sports and attraction clients around the World.

 

Their view

SRO empowers their users through a variety of tools to allow them to configure data collection, customer flows and experience, using their cutting edge ‘Rules Engine’ to shape these experiences.

 

What we saw

During our session, we examined the online customer experience using the eSRO module (the out-of-the-box) online experience, in addition to this we walked through gaining consent in a face to face transaction using a number of the interfaces that Seat Geek offer, including their intuitive touch screen interface.

 

Great to see

It sounds old fashioned but we have loved seeing the ‘Ask me later’ feature as part of this process, several systems have it and SRO is in that select group. Even as venues push towards GDPR compliance they must not lose sight of the fact that customers (and staff) are busy people – someone not being asked or not positively giving their consent is not the same thing as them saying ‘NO’. The use of ask me later functionality or even recording that no answer was given allows the question to be foregrounded in a later transaction.

What we didn’t see ……. but is coming

Seat Geek’s large development team have prioritised the delivery of tools to seek what we will describe as ‘basket content specific permissions’. Given that SRO allows an almost unlimited number of levels of permission venues could choose to create a new level for every visiting show or company, however the end user or operator would not be directed to which ones were relevant for the current purchase.

EDIT: We have recently seen a beta version showing this.

Transition Services and Issues

As part of Seat Geek’s commitment to providing a high quality service to their clients, they have embarked on a series of education sessions with all helpdesk staff on both the issues and different basis for processing approaches. With a number of tools to export, import and manipulate data within SRO users may choose to undertake tasks themselves or engage with the helpdesk

SeatGeek Enterprise are also planning training sessions on new tools and ways of working with SRO / GDPR in the new year.

 

Issue to consider

Currently in SRO there are two levels of permission on a customer record – first ‘XYZ can contact m’ and then communication specific preferences. Putting ourselves in the consumers position, will then realise that if they tick the ‘first’ box that they also need to give the granular permissions for each type of communication?  As businesses, we are aware of our obligations, but I am not sure consumers will be aware of it. It may be necessary to think about online forms are labelled and worded.

 

Stand out feature

SRO has one of, if not perhaps the, best auditing engine we have seen in any system, certainly as part of this series of reviews. It is in a select few systems that audits EVERY field, recording both the before and after values, along with date and time stamping. What does this add to a venue’s drive towards compliance? Simple, your consent based opt-in says ‘We would like to contact you about upcoming shows’ – people opt it. Someone then changes that phrase to read ‘We would like to contact you about upcoming shows, restaurant offers and send you membership offers’ – people opt in. Which people saw message 1 and which saw message 2 when indicating their consent?  The fact that SRO audits that change, their users are in a select group that could demonstrate the exact message a customer saw when giving consent.

 

Overall

SRO’s powerful database is its key strength in providing tools to achieve GDPR compliance. If relying on consent as a basis for processing, it is vital that where, when, who and whats are all recorded and easy to produce if ever needed. Still some pieces to add to the jigsaw but SRO has the key pieces in place to build on.

 


This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.

The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.


This work has been made possible by support from Arts Council England

ACE_Logo


 

How is Spektrix Getting Ready for GDPR?

GDPR // Ticketing System Readiness Series

How are leading systems responding to changes in EU Data Protection? In the latest in this series we take a look at Spektrix

 

System

Spektrix

 

Back Ground

With over 312 venues now using Spektrix, it is a widely used system supporting small, medium sized and large venues alike.

 

Their view

Spektrix are usually front runners in adding functions and features not only to help venues earn more revenue, but help them with their tasks and deliverables, from gift aid submission to HMRC or supporting data sharing agreements between NPOs.

 

What we saw

During our session, we walked through the buyer journey online as well as in the box office. Spektrix clients can integrate using both the API and iframes. With most of Spektrix’s clients using their iframe integration from the point of seat selection, the online journey is very similar for each of their clients (except, of course, for branding).

 

Great to see

The Partner Companies feature is a slick and well thought out piece of software. Too many system flows rely on going through ‘My Account’ to update preferences. Spektrix has built in logic to the checkout flow that examines basket contents and checks current permissions set, as well as producers and promoters of the shows in basket to determine questions to ask (if any) .

 

Through the Partner Companies interface, third parties can log in, via a username and password, to securely collect the contact details for those customers who have said that they are happy to be contacted by the named third party. From this part of the system they can also run any reports that they have been given access to.

 

 

Partner Company contact preferences in the Sales interface:

Spektrix

The customer audit gives the ability to go deep into the audit trail and see clear individual fields changes.

 

The customer audit:

Audit_log

 

Spektrix plans to make add the ability to erase all of the data in the customer audit if required.

 

Transition Services and Issues

Being a ‘full service’ offering Spektrix customers enjoy a range of support services and consultancy advice as part of their monthly service charge. The Spektrix support and consultancy team will be on hand to help configure new features such as partner companies as well as train staff on how to effectively deploy them.

 

Support and training consultants are on hand to work with each client on developing a bespoke strategy to gain and/or maintain the ability to contact their customers. They will consider the condition of current consent documentation and the client’s own approach to consent and legitimate interest before giving their advice.

 

Issue to consider

If venues are using consent as a basis for processing data under GDPR they will need to be able to prove where and when consent was gained, along with wording the customer saw and the action they performed to give the consent.  When customers migrated to Spektrix, (as with many other systems) the data permissions settings were brought across, but NOT these time and channel stamps. In addition to historical data, consents gained before the introduction of the new audit tools will not be complete. Whereas it is unlikely that this will present huge issues for venues, it may be worth documenting or possibly re-consenting / reminding customers of their right to opt out of marketing communication

 

Stand out feature

Even though we have already covered in ‘Great to See’ – the partner companies feature is the clear jewel in the offering. By wrapping a number of tools into an easily configurable (and free!) module / feature set – Spektrix have given venues a clear focus for managing third party consent and data sharing, as well as the ability to share this data securely.

 

Overall

As with all the systems reviewed in this series, Spektrix still has some work to do. However, they have already delivered some very smart tools, that are well thought out and help venues present and collect permissions in a clear and understandable way.

 


This article gives information in relation to what we consider to be best practice. However, compliance is context and fact sensitive and as such following any guidance does not guarantee regulatory or statutory compliance.

The Information Commissioners Office will judge any complaint on its own merits, and organisations in need of context or situation specific legal advice should seek it from an appropriately qualified source.


This work has been made possible by support from Arts Council England

ACE_Logo