You can remove a customer from your system completely with the Customer Personal Data Anonymization feature. This feature searches for and permanently removes all key information about a customer (name, email, address, phone, date of birth, etc.) from the entire system. Records that reference the customer can then be accessed only by customer ID.
NOTE: Contact Revel Support to enable this feature. Once the feature is enabled you'll be able to select it on the Settings tab.
- Enabling Customer Personal Data Anonymization
- Removing a Customer from Your System
- Anonymization "Under the Hood"
- Anonymization on the Point of Sale
- Anonymization and Online Ordering
Enabling Customer Personal Data Anonymization
Once Revel Support has enabled the feature, you can change it in Settings. Here's how:
- In the Management Console ([yoursubdomain].revelup.com) go to the Settings tab.
- Click Clear Selections.
- Type consumer in the search field.
- In the left-hand window click the checkbox labeled Customer Personal Data Anonymization to view the option.
- In the right-hand window click the checkbox to enable the feature.
- Click Save:
Removing a Customer from Your System
- In the Management Console, go to the CRM tab.
- Click the anonymization icon in line with the customer's name:
- In the pop-up window, confirm anonymization by clicking Continue, or click Cancel.
The customer's personal data has now been completely scrubbed from the system, although you will be able to see records concerning them under their anonymous customer ID in your Action Log.
Note that there is no way to perform this action in bulk at the moment.
Anonymization "Under the Hood"
While the steps above will get you up and running with Customer Anonymization, you may be curious how we handle it "under the hood.
After you remove a customer's data from your system (see Removing a Customer from Your System above), here's what happens:
- Anonymization iterates through all the customer's database fields and replaces them with a null value, with the exception of a few fields:
- Email is replaced using the format noreply+anonymous_<ID>@revelup.com
- First and last names are replaced using the format anonymous_<ID>
- Phone number is replaced with ID and zeros up to 15 symbols, e.g., 00000000<ID>
- Gender is set to Decline to State
- All related models (e.g., customer address, customer vehicle) are also iterated, their values replaced with null.
- Customer photo is deleted.
Since a customer record might contain duplicates underneath it, all duplicates go through the same process. Customer is set as inactive and deleted, so is not visible in customer list. If merchant were to navigate to such customer's details page knowing his ID, he could be able to see such data:
Anonymization on the Point of Sale
After you make anonymization changes in your Management Console ([yoursubdomain].revelup.com), your Point of Sale operator will be prompted to log out of the Point of Sale and refresh. A refresh is required to clear any non-anonymized customer data stored locally on the iPad.
Anonymization and Online Ordering
Be aware that if you anonymize Online Ordering customer data, those customers:
- Will no longer be able to receive Online Ordering receipts via email
- Will need to reset their username and password to log in to your Online Ordering site