General Data Protection Regulation (GDPR) intends to strengthen data protection for EU residents and becomes enforceable across Europe on May 25, 2018.
The GDPR is in response to a trend of rising consumer data awareness: individuals are becoming increasingly concerned about the privacy of their personal information, and are demanding more transparency and value in return from the brands that are collecting their data.
How Will GDPR Impact Brands?
Recent studies found that most companies are not fully prepared for the regulation1. Non-compliance will come at a high cost, with penalties of up to 4% of global revenue. However, legal compliance alone is not sufficient in preparing a brand for GDPR.
The GDPR requires that companies fundamentally change how they gather customer information. Data will no longer be a by-product that a business uses to run analytics. It will be a tangible asset owned by the customer that a brand needs explicit consent to “borrow.”
This article aims to provide insight into how a brand should rethink customer experience, while the rest of the business (e.g., legal, data operations) prepares for less-consumer facing components of GDPR.
3 Ways to Prepare Your Brand for the GDPR
Before you panic about compliance and data-gathering practices, there are a few things you should do to ease this transition:
1. Overcome Silos & Create a Customer View of Opt-In Along the Journey
To create a truly consumer-centric approach to opt-in, businesses need to overcome silos and shift from managing opt-in opportunities by channel, to managing data capture holistically across the customer journey. This requires uncovering and connecting every interaction where a prospect or customer is providing or generating personally identifiable data.
2. Define a Value Exchange that Delivers Benefits, Transparency & Control
Businesses must expand their focus on data collection beyond powering their own analytics, and consider the benefits they can provide to the consumer in return. These can be experiential (e.g., more personal service, faster checkout) or material (e.g., discounts, exclusive offers). Moreover, brands must be seen as careful stewards of customer data, not only providing benefits and usage transparency, but also giving consumers control over how it is used (e.g., a data dashboard that visualizes data insights on a customer and giving the ability modify data permissions).
3. Develop Innovative, Data-Driven Experiences
GDPR is surfacing the concept of a “data economy” where consumers will be able to compare the value exchange for their data from company to company. And now that customers have the right to ask a business to transmit all personal data to a competitor, rich customer profiles alone will no longer represent a competitive advantage. Instead, companies must act better on that data, creating highly personalized experiences, products and services that will reinforce loyalty to their brand.
The Future of Customer Data
While general counsels focus on legal compliance, marketers and data officers must join together to define consumer-centric value exchanges and seamless opt-in experiences. GDPR is the first step of many that will elevate the value of customer data, becoming a quasi-currency brands compete for.
1 Results of Symantec’s State of European Data Privacy Survey, which was conducted through interviews with 900 business and IT decision makers across the UK, France and Germany, shows 91% of respondents have concerns about their ability to become compliant.