Setting the Retention Period for Sensitive Customer Data
Purpose
The Retention Period for your customers Identity Data determines how long you retain their identity data before it is permanently obscured.
Note that once the data is permanently obscured, it can no longer be viewed - this is irreversible.
System Parameters
There are Two Tiers for the Retention Period depending on the sensitivity of that data and they are controlled by two different system parameters. These system parameters can be accessed by going to System Setup > System Parameters > Miscellaneous Parameters:
Tier 1
Tier 1 is specifically for the more sensitive Identity Data, and it involves the customers:
- Driver's License Number
- Passport Number
- Date of Birth
The Retention Period is the length of time in months that this information is kept after the booking is returned. To protect this sensitive data and avoid the chances of it being compromised, it is recommended that this Retention Period is set to as short a time as possible, while still abiding the requirements of your business.
By default, the Retention Period for Tier 1 is set to 6 months, but it can be changed to any of the following:
- 3 months
- 6 months
- 9 months
- 12 months
Tier 2
Tier 2 involves the less sensitive customer data, and you can choose whether or not to obscure it. It includes the customers:
- Email address
- Mobile number
- Address information
By default, this will be set to Always Retain, meaning that the data will never be obscured, no matter how much time passes after the booking is drop off. However, you are able to set a Retention Period for this data that will act the same as for Tier 1. As the Tier 2 data is less sensitive, the options for the Retention Period are longer, and they are:
- Always Retain
- 6 Months
- 12 Months
- 18 Months
- 24 Months
Example
When data is obscured, the first and last characters will appear with the rest replaced by asterixis (*) as shown in the licence and Passport fields as in the example below.
Important Articles
Related Articles
Customer Data Retention Policy
As a result of recent data breaches affecting Optus and Medibank in Australia, we have been reviewing how we can further protect your customers’ ‘identity data.’ This includes data that is commonly used not only when renting a vehicle but also for ...New - Customer Data Retention Policy
As a result of recent data breaches affecting Optus and Medibank in Australia, we have been reviewing how we can further protect your customers’ ‘identity data.’ This is specifically data that is commonly used not only when renting a vehicle but also ...New - Tiered System for Customer Data Retention
The Identity Data Retention Policy was implemented to prevent the compromise of customer information. This is done by permanently obscuring Identity Data after a set retention period. A recent update has been made to improve this Retention Policy by ...Setting up Payment Subscriptions
Setting Up Payment Subscriptions Firstly, ensure you have an account setup with Paypa Plane and advise support@rentalcarmanager.com that you are ready to commence the setup process. Step 1 - Completed by RCM We will then do some setup our end and ...Customer List Report
Purpose The Customer List provides an extract of all customers based on various criteria provided when generating the report. Note that the filters allow a wide range of options. Common use of the customer list is to produce email campaigns as well ...