Early bird
tickets
available now!
Software
Building relationships

Using personal data to stay in touch with spa guests and customising experiences can increase repeat visits, but GDPR can make this challenging and operators have been fined millions for breaches. So how can software suppliers help?


Sneha Thuppul
Agilysys
Sneha Thuppul / photo: Agilysys

The Agilysys Spa solution provides valuable information to employees to enhance the guest experience and retain wallet share for future visits, whether that’s via automated, targeted campaigns or one-to-one outreach. Onsite, staff can use Agilysys’ common profile and single itinerary view to identify and cater to guests – if they’re only staying and playing golf, for example, staff can target specific offers to entice them to book a spa appointment too.

Agilysys Spa enhancements allow properties to create custom policies that enable staff to collect guest consent to retain guest information for a specified period. After the specified period, if guest consent to keep their data longer isn’t obtained, that data is rendered anonymous to comply with region-specific data protection and privacy acts, such as GDPR and CCPA.

Agilysys Spa enhancements allow properties to create custom policies for collecting and retaining guest information
Craig Griffin
Journey
Craig Griffin / Journey

With Journey, spas can easily capture customer information and send messages via the client’s preferred contact method – email, call or SMS. Marketing is restricted to clients who opt-in for such messages; this complies with GDPR requirements. Contacts can be segmented based on times of visit, treatment types and spending history. Those who’ve not explicitly opted-in to receive marketing are marked for service emails only such as booking and/or payment confirmations.

Spas must maintain customer records within Journey’s system, including removing and deleting their data and updating preferences when required. Spa clients can update their details and preferences online; updates act as an electronic signature meeting the ‘right to rectification’ requirement of GDPR.

Journey helps simplify data processes for spas. Our software is GDPR and PCI-DSS compliant, keeping customer data secure. We regularly audit customers and assess our software’s functionality, releasing updates to ensure spas meet and retain GDPR compliance.

Journey regularly releases updates to ensure spas meet and retain GDPR compliance
Devon McKercher
Spasoft
Devon McKercher / photo: SpaSoft

Due to the nature of the spa industry and the type of services offered, guests share a lot of information and operators need to be careful that all their systems and data processes – not just software – are GDPR compliant and that employees are trained on how to respond to inquiries and requests.

SpaSoft has strong reporting capabilities allowing staff to pull reports on past guests. Combined with customisable wellness intake forms and post-service surveys spas have all the data they need to recommend services that are personalised to guest preferences.

SpaSoft has developed a series of features that allow spas to comply with GDPR and enhance overall guest data security.

These include:

• Enhanced change logs that allow spas to track any guest anonymisation with change reason codes

• A report that lists the personal information that is retained for a guest. This report can also be shared with a guest for verification

• An anonymisation feature that removes all guest information retained in the system on demand – although references to some items are inserted with generic tags that allow the operational data to remain intact for reporting and historical accuracy.

SpaSoft’s enhanced change logs allow spas to track guest anonymisation
An anonymisation feature removes guest data on demand / photo: Spasoft
Sal Capizzi
Book4Time
Sal Capizzi / photo: Book4Time

It’s been proven that when a guest feels seen and heard, they’re more likely to spend more time at your spa, increasing the overall ticket amount. Book4Time offers a digital intake solution which guests fill out before they even arrive on site, allowing operators to get to know them before their treatment and potentially provide an exceptional experience. Our system also easily enables spas to create customised marketing campaigns.

Book4Time ensures that personal data stored on the system is compliant with ever-changing regulations. Enterprise and global reporting gets stripped of personal data (name, address). We also have a data processing agreement with operators and give recommendations on how to use the information once collected.

Book4Time has a data processing agreement and gives recommendations on how to use information once collected
Charity Hudnall
Vagaro
Charity Hudnall / photo: Vagaro

Vagaro’s spa software offers spas a robust suite of marketing features to effectively keep in touch with clients to help with retention, loyalty and recurring revenue.

In addition, Vagaro’s Forms feature allows service providers to create client SOAP notes – to further customise treatment plans and product suggestions – as well as intake questionnaires and surveys for feedback.

This amounts to a lot of personal information and spa owners are ultimately responsible for keeping records of their clients safe and secure. Any data breach can compromise the trust between a business and its customers and has the potential to invite huge fines and litigations.

Regularly updating staff training on best practices for data protection is essential for maintaining GDPR compliance. Software systems can help too – Vagaro encrypts all customer data and stores it securely. In addition, spas can limit which employees have access to view, add, edit or delete SOAP notes.

As per GDPR guidelines, customers can request businesses to delete all their data. If spa owners are manually managing their customer data, this could pose a major issue. It’s beneficial in this instance to use spa software such as Vagaro, which provides a process for customer data deletion and helps businesses to be GDPR compliant at all times.

Vagaro encrypts all customer data and stores it securely
 


CONTACT US

Leisure Media
Tel: +44 (0)1462 431385

©Cybertrek 2024

ABOUT LEISURE MEDIA
LEISURE MEDIA MAGAZINES
LEISURE MEDIA HANDBOOKS
LEISURE MEDIA WEBSITES
LEISURE MEDIA PRODUCT SEARCH
PRINT SUBSCRIPTIONS
FREE DIGITAL SUBSCRIPTIONS
 
16 Jul 2024 Leisure Management: daily news and jobs
 
 
HOME
JOBS
NEWS
FEATURES
PRODUCTS
FREE DIGITAL SUBSCRIPTION
PRINT SUBSCRIPTION
ADVERTISE
CONTACT US
Sign up for FREE ezine

Features List



SELECTED ISSUE
Spa Business
2024 issue 1

View issue contents

Leisure Management - Building relationships

Software

Building relationships


Using personal data to stay in touch with spa guests and customising experiences can increase repeat visits, but GDPR can make this challenging and operators have been fined millions for breaches. So how can software suppliers help?

Spa-goers share a lot of personal details which makes GDPR compliancy crucial photo: shutterstock/sergey causelove

Sneha Thuppul
Agilysys
Sneha Thuppul / photo: Agilysys

The Agilysys Spa solution provides valuable information to employees to enhance the guest experience and retain wallet share for future visits, whether that’s via automated, targeted campaigns or one-to-one outreach. Onsite, staff can use Agilysys’ common profile and single itinerary view to identify and cater to guests – if they’re only staying and playing golf, for example, staff can target specific offers to entice them to book a spa appointment too.

Agilysys Spa enhancements allow properties to create custom policies that enable staff to collect guest consent to retain guest information for a specified period. After the specified period, if guest consent to keep their data longer isn’t obtained, that data is rendered anonymous to comply with region-specific data protection and privacy acts, such as GDPR and CCPA.

Agilysys Spa enhancements allow properties to create custom policies for collecting and retaining guest information
Craig Griffin
Journey
Craig Griffin / Journey

With Journey, spas can easily capture customer information and send messages via the client’s preferred contact method – email, call or SMS. Marketing is restricted to clients who opt-in for such messages; this complies with GDPR requirements. Contacts can be segmented based on times of visit, treatment types and spending history. Those who’ve not explicitly opted-in to receive marketing are marked for service emails only such as booking and/or payment confirmations.

Spas must maintain customer records within Journey’s system, including removing and deleting their data and updating preferences when required. Spa clients can update their details and preferences online; updates act as an electronic signature meeting the ‘right to rectification’ requirement of GDPR.

Journey helps simplify data processes for spas. Our software is GDPR and PCI-DSS compliant, keeping customer data secure. We regularly audit customers and assess our software’s functionality, releasing updates to ensure spas meet and retain GDPR compliance.

Journey regularly releases updates to ensure spas meet and retain GDPR compliance
Devon McKercher
Spasoft
Devon McKercher / photo: SpaSoft

Due to the nature of the spa industry and the type of services offered, guests share a lot of information and operators need to be careful that all their systems and data processes – not just software – are GDPR compliant and that employees are trained on how to respond to inquiries and requests.

SpaSoft has strong reporting capabilities allowing staff to pull reports on past guests. Combined with customisable wellness intake forms and post-service surveys spas have all the data they need to recommend services that are personalised to guest preferences.

SpaSoft has developed a series of features that allow spas to comply with GDPR and enhance overall guest data security.

These include:

• Enhanced change logs that allow spas to track any guest anonymisation with change reason codes

• A report that lists the personal information that is retained for a guest. This report can also be shared with a guest for verification

• An anonymisation feature that removes all guest information retained in the system on demand – although references to some items are inserted with generic tags that allow the operational data to remain intact for reporting and historical accuracy.

SpaSoft’s enhanced change logs allow spas to track guest anonymisation
An anonymisation feature removes guest data on demand / photo: Spasoft
Sal Capizzi
Book4Time
Sal Capizzi / photo: Book4Time

It’s been proven that when a guest feels seen and heard, they’re more likely to spend more time at your spa, increasing the overall ticket amount. Book4Time offers a digital intake solution which guests fill out before they even arrive on site, allowing operators to get to know them before their treatment and potentially provide an exceptional experience. Our system also easily enables spas to create customised marketing campaigns.

Book4Time ensures that personal data stored on the system is compliant with ever-changing regulations. Enterprise and global reporting gets stripped of personal data (name, address). We also have a data processing agreement with operators and give recommendations on how to use the information once collected.

Book4Time has a data processing agreement and gives recommendations on how to use information once collected
Charity Hudnall
Vagaro
Charity Hudnall / photo: Vagaro

Vagaro’s spa software offers spas a robust suite of marketing features to effectively keep in touch with clients to help with retention, loyalty and recurring revenue.

In addition, Vagaro’s Forms feature allows service providers to create client SOAP notes – to further customise treatment plans and product suggestions – as well as intake questionnaires and surveys for feedback.

This amounts to a lot of personal information and spa owners are ultimately responsible for keeping records of their clients safe and secure. Any data breach can compromise the trust between a business and its customers and has the potential to invite huge fines and litigations.

Regularly updating staff training on best practices for data protection is essential for maintaining GDPR compliance. Software systems can help too – Vagaro encrypts all customer data and stores it securely. In addition, spas can limit which employees have access to view, add, edit or delete SOAP notes.

As per GDPR guidelines, customers can request businesses to delete all their data. If spa owners are manually managing their customer data, this could pose a major issue. It’s beneficial in this instance to use spa software such as Vagaro, which provides a process for customer data deletion and helps businesses to be GDPR compliant at all times.

Vagaro encrypts all customer data and stores it securely

Originally published in Spa Business 2024 issue 1

Published by Leisure Media Tel: +44 (0)1462 431385 | Contact us | About us | © Cybertrek Ltd