Manage visibility for guest contact details
Zenoti allows businesses to mask guest contact information, such as phone numbers and email addresses, from employees who do not need access to those details. When masking is enabled for a security role, employees assigned to that role see only a partially hidden version of the contact information instead of the complete details. Businesses leverage masking to protect guest privacy, prevent unauthorized use of contact information, and comply with data protection practices.
Masking is controlled through security role permissions and can be enabled or disabled for each of the following areas independently:
Guest Manager – Controls masking in the Zenoti web application, including the Appointment Book, guest profiles, and booking screens.
Zenoti Mobile – Controls masking on the Zenoti Mobile app.
Zenoti Connect – Controls masking in the Zenoti Connect interface. This applies only to businesses using Zenoti Connect on the web application.
Before you begin
The following conditions must be met before configuring masking settings:
Organization-level access in Zenoti is available.
Permission to view and edit security roles is in place.
The security role assigned to the relevant employees is identified.
Note
Masking settings apply to security roles, not individual employees. Changes to a role affect all employees assigned to that role.
Mask guest contact information in Zenoti web
The Mask Guest Contact permission in the Guest Manager section controls whether employees can view full guest contact information in the Zenoti web application. When enabled, phone numbers and email addresses appear in a masked format on booking screens, guest profiles, and the Appointment Book.
To enable masking in the web application
At the organization level, click Configuration.
Navigate to Security > Security Roles.
Select the security role to configure, for example, Front Desk or Therapist.
Click the Permissions tab.
Expand the Guest Manager section.
In the Guests row, select the Mask Guest Contact checkbox.
Click Save.
Note
To unmask guest contact information for a role, clear the Mask Guest Contact checkbox and save.
Mask guest contact information on Zenoti Mobile
The Mask Guest Contact Info permission in the Zenoti Mobile section controls whether employees can view full guest contact information on the Zenoti Mobile app. When enabled, phone numbers and email addresses appear in a masked format in the guest search, the Booking Wizard, the Calendar view, and the Guest Profile on Zenoti Mobile.
To enable masking on Zenoti Mobile
At the organization level, click Configuration.
Navigate to Security > Security Roles.
Select the security role to configure.
Click the Permissions tab.
Expand the Zenoti Mobile section.
In the Other Mobile Settings row, select the Mask Guest Contact Info checkbox.
Click Save.
Note
To unmask guest contact information for a role in Zenoti Mobile, clear the Mask Guest Contact Info checkbox, then save.
Mask guest contact information in Zenoti Connect
The Mask Contact info permission in the Zenoti Connect section controls whether employees can view full guest contact information within the Zenoti Connect interface. A separate Mask Links permission is available to restrict link visibility in conversation messages.
The Mask Contact info setting under Zenoti Connect applies only to businesses using Zenoti Connect on the web application.
To enable masking in Zenoti Connect
At the organization level, click Configuration.
Navigate to Security > Security Roles.
Select the security role to configure.
Click the Permissions tab.
Expand the Zenoti Connect section.
In the Guest row, select the Mask Contact info checkbox.
Optionally, in the Messages row, select the Mask Links checkbox to restrict link visibility in messages for this role.
Click Save.
Note
To unmask guest contact information for a role in Zenoti Connect, clear the Mask Contact Info checkbox and save.
Visibility when masking is enabled
When masking is active for a security role, employees assigned to that role see contact details in the following format:
Information | Masked display |
Phone number | XXX-XXX-1234 (only the last four digits are visible) |
Email address | xxxxxxxx@gmail.com (only the domain is visible) |
The masked format appears wherever guest contact information is displayed for that role, including appointment details, guest profiles, and booking screens.
Permissions reference
The following table lists the masking-related permissions and where each applies.
Permission | Description |
Mask Guest Contact (Guest Manager section) | When selected, guest phone numbers and email addresses appear in a masked format in the Zenoti web application. Affects the Appointment Book, guest profiles, and booking screens. |
Mask Guest Contact Info (Zenoti Mobile section) | When selected, guest phone numbers and email addresses appear in a masked format on the Zenoti Mobile app. Affects guest search, Booking Wizard, Calendar view, and Guest Profile on mobile. |
Mask Contact info (Zenoti Connect section) | When selected, guest phone numbers and email addresses appear in a masked format in the Zenoti Connect interface. Applies only to businesses using Zenoti Connect on web. |
Mask Links (Zenoti Connect section) | When selected, links in conversation messages are masked for employees assigned this role. This permission is in the Messages row within the Zenoti Connect section. |
Considerations
Masking settings are configured separately for each area: the web application, Zenoti Mobile, and Zenoti Connect. Enabling masking in one area does not automatically apply it to the others.
If an employee is assigned more than one security role, the masking permission applies only when the Mask Guest Contact checkbox is selected in all roles assigned to that employee. If any one of the assigned roles has masking disabled, the employee can view full guest contact details.
Guest phone numbers and email addresses are excluded from report exports. This behavior is not configurable.
If masking settings have been updated but the employee can still view full contact details, verify that the correct role was updated, that the employee is not assigned to another role where masking is not enabled, and that the employee is logged in with the correct profile.