Seeking the post-GDPR data nirvana: how can retailers find a beneficial solution?

It is now officially less than six months until the implementation of the biggest shake-up of data legislation in history. The General Data Protection Regulation (GDPR), which comes into full force on 25th May 2018, is being welcomed with open arms by many parties who have grown tired of the way in which data has, at times, been mismanaged and used for purposes where the intention was never anticipated. Of course, change is always a challenge however when considering the data landscape objectively, a change is definitely needed. As with most sectors, the retail industry is approaching GDPR with some trepidation, with a degree of concern about what the future will look like with less customer data to guide marketing processes.

Consumers will realise that data sharing works both ways. Customers stand to lose out on tailored deals if they choose to cut themselves off from retailers. Retailers must earn customer trust and convince them of the benefits of a data-value exchange. Consumers welcome well timed, appropriate and targeted communications. In the new data era, the balance will change, and the consumer will be in control. It will be the businesses that persuade their customers and potential customers to share information that will succeed.

How will GDPR affect the retail industry?

Under the terms of the GDPR, customers will have significantly increased control over how their information is used and who has access to it. Retailers will have to obtain consent from customers to use their data for anything outside the specific reason it is collected. The intended use has to be clear and unambiguous. This will apply to most communications including marketing emails and targeted personal advertising. Retailers are also obliged to keep their database up-to-date and accurate and will have no excuse for aged data. Should customers decide they no longer want their data processed, they now reserve the ‘right to erasure’ aka the ‘right to be forgotten’. This may be frightening for some retailers, but good practice will improve effectiveness and the playing field will be levelled.

Exceptions to the rule

As with any legislation as complicated as GDPR, there will be circumstances where the rules of the regulation are less straightforward. For example, obtaining active ‘consent’ from a customer may not be needed in circumstances where businesses have a legitimate interest in contacting customers. Nearly everybody has a contract of some kind, whether it’s for a phone, broadband or household energy. In this instance, businesses would not need to obtain active consent to contact customers about their contract, but they would need permission if they were to market to them. This exception therefore is more ambiguous in the retail sector. For example, when does a customer cease to be an active customer and only a prospect? This is one where clarification will possibly need to wait for case law.

Act now

While it may seem like a major undertaking, retailers have no choice but to take the necessary steps towards compliance, as failure to comply could cripple a business, both reputationally and financially. Non-compliance fines can be up to €20 million or four per cent of annual global turnover, so whilst some larger retailers may be able to bounce back if they are found to be in breach of the regulation, it could be game over for smaller businesses who don’t have the financial resources to pay up. Scaremongering aside, by starting to prepare for GDPR now, retailers still have time to get ready and will be saving themselves a stressful last-minute panic come May. Compliance won’t happen overnight, so think ahead.

Post-GDPR: a data nirvana for retail customers?

Now that customers will be potentially controlling how retailers are communicating with them, the thought of zero contact from marketers may seem like a customer’s dream. However, customers will soon realise that this data nirvana is not as beneficial as it sounds. There are clear benefits to sharing information with companies. Think of a world without loyalty cards, airmiles, or emails from your favourite retailer, giving you tailored offers on your favourite products!

Data as a currency

Earlier this year, street artist Ben Eine teamed up with cyber security firm Kaspersky Lab to launch ‘The Data Dollar Store’, a pop up shop with an unusual approach to currency. Instead of parting with cash to purchase a product, shoppers had to share personal data such as text messages, emails and photos from their phone. The artist wanted to make people think about the data they share. In reality, retailers and consumers have been benefiting from exchanging personal data since the beginning of time. Data can be used as a currency in itself; it is valuable and therefore retailers should respect it by obtaining consent from customers, and once in possession of this data, manage it responsibly.

Trust in the retail sector

With the introduction of GDPR next May, the data-sharing process will become more transparent, and it is retailers’ responsibility to explain to customers what they do with their data, and how customers stand to benefit too. GDPR, despite the headache it will inevitably cause, will build trust, and will place customers and retailers on a more equal footing. Communication channels will be more open and transparent, building a stronger foundation for better working relationships between retailers and customers moving forwards.

by Jon Cano-Lopez, CEO, REaD Group