In many countries, it is required by law to provide a reason for processing and storing personal information of customers. If your restaurant may not justify such a need, it is required to obtain a direct agreement from a guest to be able to store his or her personal information. Personal information may be required to provide a service or improve its quality.
If a guest demands removing his or her personal information and you have no reason to keep it, it has to delete such information. In some case, you may refuse to remove personal details. For instance, if a blacklisted guest asked that you remove his/her personal data, you may decline such a request for it poses a threat to your business.
Besides, personal information may not be endlessly stored anyways. After some time, you have to remove it. There is no use in keeping information about a guest who ordered at your venue over a year ago.
You cannot completely delete a guest from iiko. Instead, you may anonymize his or her details. A guest will remain in the system, as well as his/her orders, but all personal details will be anonymized: a guest record will be marked as deleted and all the fields in the record will show “Anonymized.”
To anonymize the data, please contact iiko help desk.
Where in iiko we specify such a consent
You may specify a guest’s consent to processing his or her personal details in the following sections of iiko software:
Consent to personal data processing in iikoFront
Consent to personal data processing in iikoCard