GDPR Compliance
SimplyTicket provides tools to help you comply with GDPR requirements, including data access requests, deletion, and export capabilities.
GDPR Rights Supported
Right to Access (Article 15)
Customers can request a copy of all data you hold about them.
How to fulfill:
Customers → Search → Export Customer Data
Right to Erasure (Article 17)
Customers can request deletion of their personal data.
How to fulfill:
Customers → Search → Delete Customer
Right to Rectification (Article 16)
Customers can request correction of inaccurate data.
How to fulfill:
Customers → Edit Customer Profile
Right to Data Portability (Article 20)
Customers can receive data in a machine-readable format.
Export format:
JSON or CSV download
Data Retention
Configure automatic data retention policies in Settings → Privacy → Data Retention:
| Data Type | Options |
|---|---|
| Closed Tickets | 1 year, 2 years, 5 years, Forever |
| Chat Transcripts | 90 days, 1 year, 2 years, Forever |
| Activity Logs | 90 days, 1 year, 2 years |
| Inactive Customers | 1 year, 2 years, Never auto-delete |
Consent Management
📧 Marketing Consent
Track opt-in/opt-out status for marketing communications per customer.
📊 Analytics Consent
Respect customer preferences for analytics tracking.
Processing Records
GDPR Article 30 requires maintaining records of processing activities. SimplyTicket provides:
⚠️ Data Breach Response
In case of a data breach, GDPR requires notification within 72 hours. SimplyTicket provides breach detection alerts and pre-formatted notification templates in Settings → Privacy → Breach Response.