![Picture1-1.png]](https://faqs.safetynetsolutions.co.uk/hs-fs/hubfs/Picture1-1.png?height=18&name=Picture1-1.png){kind=small}
No visit event recorded
GDPR rules trigger based on a user's last (or future) visit event. If the user was created but never pre-booked or checked in at the site, no visit event exists for the rule to reference. As a result, the user will not be removed.
No active GDPR rule for the visitor type
GDPR rules can be configured per visitor type. For example, one type might delete data after 1 month, while another (e.g., contractors) has no rule set.
To check: Go to System Admin > Locations > Visitor Types, locate the user's visitor type, and review the Active Data Rule dropdown. If it shows 'default', no rule is active and data will not be deleted.
User is a host
A separate host GDPR rule applies to anyone with the host box ticked on their profile, overriding their visitor type. If this rule is unconfigured, hosts are never deleted by default. The host rule appears as shown below and can be edited by your site's GDPR administrator.
No visitor type assigned
GDPR rules target specific visitor types. Users without an assigned type are excluded from the rules and will not be deleted.
High-volume deletion blocked by fail safe
SkyVisitor detects when a GDPR rule would remove an unusually large number of users (e.g., >5,000 at once) and halts the process to prevent accidental data loss from misconfiguration. Contact Safetynet staff to confirm if this safety net triggered. They can advise on next steps: force deletion or adjust the rule.