Catering companies: destroying customer data
A catering company processes not only the data of the client, but also that of every guest at the table: contact details of the customer, guest and invitee lists for weddings and corporate events, dietary and allergy requirements, data of staff and on-call workers and the invoicing. Part falls under the tax retention obligation, part touches on health data and part should be kept as briefly as possible. This guide shows, part by part, what you keep, when it may go and how to have it destroyed confidentially.
The quick answer: the invoicing falls under the seven-year tax retention obligation, and the customer's contact details you keep for as long as the assignment and the aftercare run. Guest and invitee lists and dietary requirements you keep no longer than needed for the event. What may go is destroyed confidentially and with a certificate.
Two layers: client and guest
In catering you work with two layers of personal data. The first layer is the client, with whom you sign the contract and whom you invoice. The second layer is the guests of that event, of whom you sometimes have a name on a list and often a dietary or allergy requirement. That second layer is more sensitive than the first, because the guest has no business relationship with you and does not expect their data to linger somewhere.
So treat the data per layer and per type. The administration of the assignment has a different status than a list of names or a note about an allergy. If you make that distinction, you keep exactly what you must and clear out the rest on time. The same reasoning applies to other hospitality data, as we describe in hospitality: destroying records.
Retention periods by part
The period differs per type of data. The overview below gives the main line. Count the tax period from the end of the financial year and the other periods from the end of the event.
| Part | Starting point | Period |
|---|---|---|
| Invoicing and administration | Tax retention obligation | 7 years |
| Quotes and order confirmations | Until settlement and tax | purpose-bound + 7 years |
| Guest and invitee lists | Purpose-bound to the event | as briefly as possible |
| Dietary and allergy requirements | Health data, storage limitation | as briefly as possible |
| Staff and on-call workers | Own HR retention periods | per HR period |
| Correspondence and drafts | No retention obligation | clear out at once |
Use this as a guideline, not as an exhaustive list. When in doubt, consult your accountant or privacy adviser. A complete overview per type of data is in the GDPR retention periods cheatsheet.
Dietary and allergy requirements: health data
For a successful dinner you need dietary and allergy requirements, but that information is more sensitive than an ordinary preference. A nut or gluten allergy or a diet for medical reasons can touch on health data, which as special category personal data enjoys extra protection. Collect only what you need for the execution, keep those requirements recognisably separate from the rest and clear them out as soon as the event is over. Keeping them because they might come in handy one day is not a valid ground.
This approach closely resembles that of restaurants, which process reservations with allergy information. How to handle those is set out in restaurants: destroying reservations and allergy data. The starting point is always the same. Collect little, keep briefly and clear out confidentially.
Guest lists, invitees and staff
For a wedding or company party you are often supplied with a complete guest or invitee list. That list is purpose-bound to that one event and should be cleared out afterwards. As soon as the day is over and the invoicing is settled, the ground for the list lapses. The same logic applies to event agencies, which we work out in event agencies: destroying attendee lists.
For your own staff and on-call workers separate HR retention periods apply. Contracts, copies of an identity document and payroll data have their own rules, which stand apart from the event. Keep what you hold on temporary workers as limited as possible. You can read more about that in personnel file: retention period under the GDPR.
How to handle it in 6 steps
- Split the data into administration, guest lists, dietary requirements and staff.
- Limit the guest data to what you need for the execution.
- Treat dietary and allergy requirements separately and clear them out after the event.
- Keep the administration according to the tax period of seven years.
- Collect what may go in sealed bins, not with the waste paper.
- Have it destroyed confidentially with a certificate and record it in your register.
Destroy confidentially with a certificate
Catering data is destroyed confidentially, because it contains contact, guest and sometimes health data. The paper and any data carriers travel sealed and stay that way until destruction, so the chain is closed. An old laptop or USB stick with guest lists and menu plans belongs with it too.
Afterwards you receive a certificate of destruction with the date, quantity and level. That certificate is your proof under the GDPR that you acted carefully. Record the destruction in your record of processing. We collect within 20 km of Amsterdam with no call-out charge, work nationwide through pooled collection rounds and charge a fixed price per box or roll container. Drop-off on site is not possible; collection is by appointment only.
Catering data to be destroyed?
Tell us what you have and you get a fixed price. We collect it sealed, destroy it at the right DIN level and you receive a certificate for your GDPR file. No call-out charge within 20 km of Amsterdam.
Common mistakes
- Keeping guest lists endlessly. After the event and the invoicing the purpose lapses.
- Treating dietary and allergy requirements as ordinary notes. Those touch on health data and call for extra care.
- Letting all the post-its and menu cards lie around. Single notes with names are personal data too.
- Throwing away unshredded. A guest list on the street is a reportable data breach.
- Keeping no proof. Without a certificate you cannot demonstrate the destruction.
Frequently asked questions
How long does a catering company keep customer and guest data?
The invoicing falls under the seven-year tax retention obligation. Contact details of the customer you keep for as long as the assignment runs and the aftercare plays out. Guest and invitee lists and preferences you keep no longer than needed for the event.
Are dietary and allergy requirements health data?
An allergy or a diet for medical reasons can touch on health data, which are special category personal data. Keep those requirements recognisably separate, use them only for the event and clear them out afterwards.
How long do I keep guest and invitee lists for an event?
As briefly as possible. As soon as the event is over and the invoicing is settled, the ground for the list lapses. The administrative side you keep under the tax period; the list of names itself you clear out.
How do I destroy catering data in line with the GDPR?
Confidentially and with a certificate of destruction. Paper and data carriers travel sealed and the destruction is recorded in the record of processing.
Conclusion
A catering company works with contact, guest and sometimes health data, spread across the client and the guests at the table. Keep the administration for seven years, keep guest lists and dietary requirements as briefly as possible and treat staff data according to the HR periods. What may go you have destroyed confidentially with a certificate as proof. That way you meet the GDPR and protect the data of your customers and their guests.
Read also: manufacturers: destroying business data, cleaning companies: destroying customer data, equipment rental: destroying customer data and the GDPR retention periods cheatsheet.
Have catering data collected? Request a quote via desnipperaar.nl. Within a few minutes you have a fixed price, including a certificate as proof.