Under the General Data Protection Regulation (GDPR), you need a lawful basis for processing your customers' data, which includes emailing or SMSing them. The most straightforward way to have lawful access is to secure consent, which 10to8 can take care of for you.


You do not need to read this article if you manage customers' consent yourself. However, 10to8 can automate this process, taking a weight off of your shoulders.


Securing Consent During Booking

When you book a customer into 10to8 yourself, you will be asked whether they have granted "Consent to contact".



You do not have to tick this to place a booking, but it is a good prompt to remind you to ask.


When your clients book themselves in online, 10to8 will automatically ask them to consent to be contacted. Our research suggests this does not reduce booking rates and keeps your business within the spirit, and letter, of the GDPR.


10to8 keeps a full audit of when your clients consented to be contacted. Contact us if you want details on a specific customer.


Communicating only with those who have consented

To stop 10to8 from contacting customers who have not consented, go to "Set Up" > "GDPR & HIPAA" > "Consent for Customer Communications". By default, 10to8 will contact your customers for new bookings, reminders etc. To stop 10to8 from contacting people who have not consented, click the relevant option.


On being compliant

Turning this option on does not automatically make your business compliant, and leaving it off does not make you non-compliant. But these features can take some of the sting out of the GDPR.