- Overview
GDPR posture
Per-channel consent, captured where it’s given, with a full history of every change.
What is it?
Stampede treats consent and privacy as built-in, not bolted on. Consent is tracked per channel — email, SMS and push independently — captured where it is given, with the exact wording kept each time. No consent on a channel means no marketing send on that channel, and the check happens when a message goes out, not when it is scheduled.
A right-to-be-forgotten request is handled in one place: personal details are removed within minutes and all consents switch off, while anonymous, aggregated figures are kept so your reporting stays accurate. Transactional messages like booking confirmations are exempt from marketing consent and still send.
- ✓Track email, SMS and push consent independently.
- ✓Capture consent where it’s given, with a record of exactly what was agreed.
- ✓Keep the exact wording each guest agreed to.
- ✓Handle a right-to-be-forgotten request in one place — remove personal data, keep the audit trail.
- ✕Roll consent up into a single “marketing opt-in” toggle.
- ✕Rely on the team to keep a separate audit log up to date.
- ✕Hide subject-access requests behind an engineering ticket.
- ✕Lose the exact wording a guest agreed to.
Where consent is captured
- Wi-Fi sign-up
- Per-channel opt-ins, tied to the exact wording shown at the time.
- Booking flow
- Optional consent on confirmation — off by default, never assumed.
- Loyalty enrolment
- Marketing consent captured separately from the loyalty terms.
- Email preference centre
- A self-serve page where guests update their choices any time, logging each change.
FAQs
See GDPR posture running on your venues
Thirty minutes is enough. Book a demo or send a question — both routes land on the same team.