Articles on: Managing Customers

Data Protection

  1. Customer marketing consent
  2. Named third-party marketing consent
  3. Customer retention period and auto-deletion
  4. Adding your own data privacy policy


We have put together a blog article on GDPR Myths to help event creators understand their obligations in protecting customer data.



During the booking process, customers will be asked if they would like to receive information from you, the event creator, about your products, services, and future events. Customers are required to opt-in to marketing and state which communication method they would prefer (email | post | text message). You can offer all three communication methods or restrict to the type of marketing activity that you undertake. 



  1. Go to Settings and Customers.
  2. Under the Marketing consent heading, tick the communication methods you would like to offer. If an option is not selected, then marketing consent will not be sought from the customer, and they must not be contacted by your organisation via that method. 
  3. Click Save Changes



  1. Go to Customer and Search Customers.
  2. Search for the customer by entering their name in the search box and selecting the relevant customer from the list.
  3. Click Modify Customer.
  4. Update the consent as requested by the customer.
  5. Click on Save Changes.





  1. Go to Events and Modify Events.
  2. Select your event and click Modify Event
  3. Within the event designer under the event title click the pencil icon to edit.
  4. Expand the Advanced settings section.
  5. Under Third-party marketing consent, tick next to Obtain marketing consent from the customer to be contacted by a third party with updates about their products, services, and future events.
  6. Enter the name of the third party.
  7. Tick the relevant communication methods the third party would like to offer.
  8. Click Save Changes.



  1. Go to Customers and select Search Customers.
  2. Search for the customer by entering their name in the search box and selecting the relevant customer from the list.
  3. Go to the Customer Bookings tab.
  4. Next to the relevant booking which links to the event which has sought consent for the third party marketing, go to Actions and select Modify Third Party Communication Consent.
  5. Update the preferences as requested and click Save Changes.


Export customers who have agreed to third-party marketing:


  1. Go to Customers and Export Customers.
  2. Select whether you wish to extract customer data for all events or specific events.
  3. Use the filters to extract more specific customer data if necessary.
  4. Under Export detail, select Customer and booking details.
  5. Tidy your list by using Export Options (e.g. exclude customers if no email address is provided).
  6. Under Marketing Consent, select the marketing communication type you want to download and the option for third-party data.
  7. Choose whether you would prefer to have your data in the form of a CSV or an excel spreadsheet.
  8. Click on Export Customers.
  9. An email will be sent to your user email address containing an authentication code. Enter the code received and click authenticate
  10. Your document will be downloaded to your device.


3. Customer retention period and auto-deletion


You can specify your data retention period within your TicketSource account, and the system will automatically delete a customer’s personal data once this period has expired.


Personal data consists of a customer’s name, address, email, phone number, and membership number – i.e. any identifiable data.  Booking details (e.g. event, ticket information, ticket value) is not personal data and will not be deleted.


Set your retention period:


  1. Go to Settings and Customers.
  2. Under the Data Protection and Customer Data Privacy Policy heading, select your retention period from the Retain Customer Data Dropdown. 
  3. Click Save Changes


Retention rules:


The retention period is calculated from the date of a customer’s last booking (or the date the customer's record was created where they have no bookings).  If a customer is a frequent booker, the retention period countdown resets at each subsequent booking. Therefore a customer’s personal data will only be deleted if their customer account is dormant for the retention period.


Following the retention period, customers’ historic booking details will remain, but their personal details will be purged and anonymised.


Customer data will be automatically purged from our servers when it falls outside of the specified retention period.


If you have linked your TicketSource account to a MailChimp account, affected customers will automatically unsubscribe from your MailChimp mailing list when their data is purged from our servers.


Please exercise caution when applying this setting, as customer data cannot be retrieved once it has been purged from our servers in line with GDPR requirements. 


4. Adding your own data privacy policy


The TicketSource Data Privacy Policy is displayed as part of the online booking process; however, you can also add your own Data Privacy Policy to enable it to be presented to the customer.


  1. Go to Settings and Customers
  2. Scroll down to Data Protection and Customer Data Privacy policy and add your own information. 
  3. Click Save Changes.


Customers can now access your Data Privacy policy during the online booking process.

Updated on: 14/07/2025