Core changes under the GDPRDespite originating in the EU, the GDPR is seen by many as the first truly global set of privacy regulations, as it will affect any business in the world ? regardless of physical location ? that engages in communications with EU citizens. As of May 2018, businesses that obtain any Personally Identifiable Information (PII) from customers will need to explicitly request permission from the user before doing so, as well as explaining in clear, user-friendly language how they intend to use and store their personal details. Once consent has been granted by the user, a business can only use that data for the purpose and length of time agreed at the outset. Under the new rules, customers are entitled to receive a copy of their stored data; can request for their details to be updated or even deleted; and can choose to opt out of future marketing campaigns. To avoid the risk of any potential data leakage, all customer data should be removed from a company?s database as standard practice when it is no longer relevant to the functioning of the business. Businesses will also need to demonstrate “privacy by design” when implementing data handling procedures, which means all internal systems must be developed with privacy protection in mind from the outset. This will inevitably mean reassessing the suitability of current systems, and for some companies, working in collaboration with technology vendors or upgrading technology where necessary. However, investing in more sophisticated data management tools before the GDPR comes into effect will more than pay off in the long run, as businesses are able to demonstrate their compliance.
Why should businesses embrace the changes?The main aim of the GDPR ? through enforcing transparency throughout the customer journey and beyond ? is to ensure brands hand control back to customers. By gaining a full understanding of the implications of the new laws and making the right preparations, businesses can benefit from the following:
Regaining customer trust and loyaltyIn 2016, two-fifths (39 per cent) of customers were more worried about their privacy compared with the previous year. With fears reaching an all-time high, now is the time for brands to show due diligence when it comes to handling customer data and win renewed custom from those who may have been put off by the high-profile data breaches of 2016.
Attracting a new audienceWith a staggering nine in ten consumers (89 per cent) admitting they avoid companies that do not protect their privacy, businesses should embrace the arrival of the GDPR and seize the opportunity to align themselves as a secure, trustworthy company, appealing to the masses and thereby attracting a pool of new customers.
Offering improved customer serviceDemonstrating transparency when handling a customer?s sensitive information presents a win-win scenario for both the brand and the consumer. It significantly enhances the data value exchange, facilitating higher levels of customer service, which in turn encourages the customer to be more and open and honest, thus providing the business with a better understanding of their needs, and so on, enabling the relationship to become continually stronger. Although the GDPR may seem daunting at first, it will provide a much-needed boost in consumer confidence and should not been seen as a necessary evil, but as a turning point in improving brand-customer relations. Lindsay McEwan is VP and MD, EMEA, Tealium Image: Shutterstock
Share this story