Moving On From GDPR: Being Transparent And Using It To Your Advantage

    Tim Roe | Compliance and Deliverability Director

    Ok, so we know how marketers feel about the General Data Protection Regulation (GDPR) and the challenges it poses, but how do our customers feel about it? What impact does it have on them? How can you use this as an advantage for your business?

    If the DMA’s 2019 consumer email tracker report is anything to go by, it appears that the publicity that surrounds data privacy and the GDPR is having an impact on the attitudes of the public in a positive way for business.

    Your customer’s attitudes are changing

    41% of consumers surveyed said the new rules have made them feel more confident about how brands treat their data. On the flipside only 35% thought it hadn’t increased their confidence, according to the DMA report.

    Another interesting stat is the one that tracks how ‘often’ people wonder how brands have got their data. This has fallen from 43% to 33%, suggesting consumers are clearer about who has got hold of their data. The DMA report felt;

    The new laws around sign-up may well have had an impact here, both through improved transparency and allowing consumers to make a more deliberate decision. In the long-term, we’d expect this to benefit brands as customers more clearly understand the value exchange in signing up.”

    This new-found trust consumers have for brands, and the way their data is treated, won’t necessarily translate into sales, but it goes a long way in improving the trust in the brand-consumer relationship. Let’s be honest, more trust can only be a good thing!

    So, how do you achieve this transparency, how can you encourage your customers to be confident about the data they share with you and trust you to use it in a way that benefits them?

    The first thing to remember is that transparency is not a ‘nice to have’, it’s a legal requirement. This stems from the first principle of data protection:

    processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’).

    • When you collect the data – Imagine you are collecting data through the purchase process, that you intend to use for marketing purposes you should inform your customer clearly at the point of collection. You should make sure your message is clear on exactly how their data will be used, this type of transparency right from the start of your relationship will put you in good stead.  

    • How will you use the data - If you intend to undertake profiling, segmentation or targeting, make this obvious in your privacy notice and ensure that the notice is clearly sign posted from your data collection points. The ICO has lots more information on transparent privacy notices here. This type of processing only leads to a more targeted and personalised customer experience, so let your customer know this!

    • Explaining your customer’s right - Tell your customers what their rights are. In the case of processing data for marketing, one of the rights your customer has, is the right to object. Many of their rights can be detailed in your privacy policy, but the right to object to direct marketing gets some special treatment under GDPR. This right must be made clear to your customer when you collect their data and should be in a prominent position away from any other information. When all is said and done you will be left with a list of customers and prospects that are actually engaged with your brand. 

    Finally, let’s talk about consent


    The other legal basis to mention at this point would be consent. Consent would generally be used if the type of processing you were planning, is likely to be unexpected by your customer, for example this might happen if you are going to be sharing the data with a third party.

    Consent might also be needed for cookie tracking. The use of cookie tracking and profiling can sometimes be considered unexpected and intrusive and in this case, consent could be required.  As the Information Commissioner said at the DMA 2017 Data Protection Conference “if there is a chance your customer may be surprised by the processing you are undertaking, then you are likely to need consent”.

    For more blog goodness on how to move on from the GDPR read our CEO’s blog, full of useful tips and advice.