The client obfuscation feature has been implemented to address increasing concerns, from business owners, about potential data theft. By limiting access to client data, risks of unauthorized use will be reduced.
Objectives
Deter staff from stealing client data while still allowing them to find and identify a client when required.
Prevent staff from taking screenshots of customer contact information, while still allowing a staff to find a customer using name, phone and email search.
Protect the business owner by preventing unethical handling of client data that could harm the business and reputation of the store/company.
Protect the client by ensuring that their data is used responsibly by the store staff, and only for purposes that they have consented to with the business (not using their information for unsolicited services outside of the store by store staff, avoiding unauthorized/unwanted contact with the client by store staff).
Foster a trusting relationship between business and client, where the client trusts that the store staff is handling their personal information responsibly and accordingly.
Avoid conflict of interest between employees who offer competing services outside of the business and business hours, on their own time by preventing them from being able to use client data for their personal gain.
Obfuscate data based on user roles, by controlling which staff see what client data and when (permissions below).
Impacted Products
Client obfuscation will impact the following products for the features listed below.
Back Office and Head Office
Bookings, client list and client summary page.
Print schedules from the Back Office.
Staff notifications posted in the Back Office.
Booking notifications and daily reminders.
Mobile Application
Tracking Page v3 (used by staff to edit bookings)
*Note: Staff tracking page will be disabled if obfuscation is enabled
Check-In Mobile App
Staff alerts and emails
Obfuscation Rules
Permissions
Staff and Restricted Staff user roles are impacted by obfuscation; Administrator, Supervisor and Manager user roles (aka management roles) are not affected by obfuscation (i.e. they can view all client data).
Rules
All phone numbers will be displayed as * except for the last 2 digits.
Example: (***)***-**34
All eMail addresses will be displayed as *** except for the first two characters and the domain name.
Example: ja***@gmail.com
Addresses and postal codes will be displayed as ********.
Client’s gender is not obfuscated.
Client’s date of birth is not obfuscated.
Copy/pasting obfuscated data from fields will not copy/paste the unobfuscated value. This is applicable to all impacted products.
For shared clientele, data will be obfuscated based on a store’s configuration. Therefore, client data may be clearly displayed if obfuscation has not been activated for a given store.
Activation/Deactivation
Back Office
Obfuscation is enabled or disabled with the use of a toggle button in a store's booking rules. This feature is visible and usable only by staff with Admin, Supervisor or Manager roles.
Head Office
Obfuscation can be activated or deactivated by pushing updated booking rules.
Creating stores from a store template will copy/transfer its obfuscation configuration to all new stores.
Obfuscated Data
Lists and Search Results
In the Back Office, the email address and phone numbers associated with a client will be obfuscated when browsing the client list and when viewing the results of a search. See screenshots below.
Lists | Search Results |
 |  |
In the Mobile Application, the same client data will be obfuscated. See screenshots below.
Lists | Search Results |
 |  |
Client Details
In the Back Office, a client’s email address, phone numbers (mobile and home) will be partially obfuscated when browsing the client’s details and summary page. The client’s home address will be entirely obfuscated (street name and postal code). See screenshots below.
Summary | Details |
|  |
In the Mobile Application, the same data will be partially obfuscated (email and phone numbers) or obfuscated (home address and postal code) as shown in the screenshots below.
Summary | Details |
 |  |
Message History
In the Back Office, a client’s email address and phone number will be partially obfuscated when browsing the message history or when sending a new notification/message.
Message History | Notify |
 |  |
Booking Previews / Details
When viewing appointment summary from a calendar, email address and phone number associated with clients will be partially obfuscated. See screenshots below.
Appointment | Group event |
 |  |
In the Mobile Application, the same client information will be partially obfuscated (email address and phone number) as shown in the screenshots below.
Appointment | Group event |
 |  |
Staff Booking Notification Emails and Daily Reminders
Client’s email address and phone numbers will be partially obfuscated in all staff booking notification emails and daily reminders received by email or SMS. See screenshots below.
Staff Daily Reminder eMail | SMS |
 |  |
Staff Booking Notification Emails |
 |
Alerts
Client’s email address and phone numbers will be partially obfuscated in staff alerts. See screenshots below.
Back Office | Mobile Application |
 |  |
Invoices and Receipts
When client obfuscation is activated, invoices and receipts will no longer be accessible by staff unless their role is Manager, Supervisor or Admin.
Limitations
In case you offer services at home or over the phone, obfuscation will prevent staff roles from delivering the service. Consequently, the following should be considered:
Client obfuscation should not be activated.
Grant such staff a higher staff role (admin, supervisor or manager).
Obfuscation is limited to client phone numbers, emails and addresses. It will not be applied to surveys and notes.
Obfuscation does not apply to APIs, webhook and connectors. It only applies to UI and staff notifications (alerts and emails). Data received/exchanged from API endpoints, webhook and connector payloads will not be obfuscated.
The FTP reports, exports and other features only accessible by manager roles (and higher) will not be obfuscated.
The data is obfuscated at the client side application level, which means it is obfuscated on the screen. It’s acceptable that client data can be seen without obfuscation using a browser developer tools to look at the network packages, or doing a HTML view source. The obfuscation is done at the UI level.