The General Data Protection Regulation or GDPR privacy legislation that comes into force on May 25 has left companies unclear about how to offer the personalised products that customers demand in an era of tighter control of personal data.
José Alberto Rodriguez Ruiz, director of cloud technology and data protection officer at Cornerstone OnDemand, a provider of cloud-based human resources systems, believes that once they dig into the details most companies will find it is quite a clear and highly operational text, based on best practice.
“Codes of conduct will be followed by certifications that should streamline the implementation of privacy obligations, the same way [IT security standard] ISO 27001 has streamlined security,” he says. “Thanks to GDPR, organisations are becoming more aware of the requirements that have been there for decades, and learning about new ones.”
Many experts believe that tighter privacy requirements could improve customer experience
Beyond GDPR, many experts believe that tighter privacy requirements could improve customer experience, as organisations will only be able to use relevant and up-to-date information to personalise the customer experience.
Egil Bergenlind, former data protection officer at payments firm iZettle and chief executive officer of data protection specialists DPOrganizer, says: “It will also require them to explain how individualisation is made possible, and sell the value of it, creating a better customer relationships based on transparency and trust.”
Post-Brexit, the UK’s commitment to GDPR means UK companies will remain strong and connected in the European Union market. However some countries outside of Europe are planning data protection regulation even more rigorous than GDPR, which has important implications for the digital economy, which is becoming an increasingly important part of the UK’s global competitiveness.
China, for example, is implementing new data regulations around the collection, storage and sharing of personal data and user consent, which could potentially be more far-reaching than GDPR.
Companies will need to carefully plan ahead to make sure they are future-proofed to stay ahead of the game, says Sachiko Scheuing, European privacy officer at marketing tech firm Acxiom and co-chair of FEDMA, the Federation of European Direct and Interactive Marketing Associations.
Experience has shown that individuals are more than happy to surrender their data, so long as they are confident that it is going to be used in an intelligent way
“The ‘north star’ for businesses should always be what’s in the best interests of their customers, ahead of the best interests of the business,” she says. “While some 61 per cent of people are happy with the amount of data they share with businesses, recent Direct Marketing Association research in the UK also found that three quarters of consumers consider their data privacy a ‘concern’.
“This concern has to be acknowledged by businesses, and embraced as a positive step within customer management, rather than a hassle to be dealt with.”
With all new privacy regulations in place, will companies still have the data they need to provide the personalisation people have come to crave?
“Absolutely,” adds Mr Bergelind. “And we will also have better informed customers as a result. The intention of the rules is not to prevent use of data, rather to create more transparency. Experience has shown that individuals are more than happy to surrender their data, so long as they are confident that it is going to be used in an intelligent way that will ultimately make their lives easier.”
And their customer experience that much richer.