Forecasters say that, come May 25 next year, 75% of EU customer data will be unusable because it does not comply with the new data protection laws. But research by W8 Data shows a more positive vibe – the ‘GDPR opportunity’ will force companies to clean their data thoroughly, in line with the new regulations. It will affect amounts of data held by companies, but quality over quantity will forge better relationships with customers.
For the past two years, GDPR will have been turning up with alarming regularity in the ‘threat’ box of SWOT analyses across Europe (ie. Strengths, Weaknesses, Opportunities and Threats analysis). However, it needn’t be. With common sense and a healthy respect for the boundaries that will be put into place next year, GDPR actually presents a great opportunity for marketers: the opportunity to build lasting and strong relationships with customers. And, while the short-term forecast might be gloomy, weathering the storm will not as tough as many might have you believe.
We conducted a study (check-out our infographic, left) to determine the current state of play and, with little more than 200 days to go until GDPR comes into force, we found that up to three-quarters of customer data held in databases across Europe could be rendered obsolete.
This is the bad news (there is positive news later on, so keep reading!).
On the surface of it, on Thursday 24 May, 2018 organisations will be able to send their entire customer database an email or direct mailer with a relevant offer tailored for each individual customer. For a well-known UK retailer this would mean a mailshot to 16 million people. However, just 24 hours later, this campaign could shrink to a mere four million people, unless the brand has the right permissions in place. This will be the stark reality for many companies on Friday 25 May, 2018.
But it needn’t be.
Clear affirmative action required
The reality is that the introduction of the new data protection legislation means that the way consumer consent works is changing. Permissions must be opt-in with clear affirmative action required. Failure to opt-out will no longer be sufficient consent. This means that any customer who has not given explicit permission to receive marketing material can no longer be contacted. Moreover, the consent must be granular with separate options being provided to customers; for instance they must be given the chance to opt in to different media – such as:
- permission to receive direct mail
- permission to receive email
- permission to receive SMS
- permission to receive telephone calls
Permission must also be obtained to process a customer’s data. This has been a significant issue for charities, many of whom have recently been fined by the ICO for the so called ‘unfair’ processing of donors’ data, including the practices of wealth-screening and address-tracing following a home move.
Moving forward, best practice will be to provide customers with a preference centre so they can explicitly tell you what they are and aren’t happy with, when it comes to contact and profiling.
The negative: soaring fines and damaged reputations
To continue using existing customer data for marketing purposes, it has been specified that marketers must be satisfied that it meets the new standard and that they have a fully documented permission trail, including the data and source of the consent. Failure to comply could result in a hefty fine. There have been scores of articles about how hefty a fine, with some astronomic figures being bandied around – for instance, estimates by PCI Security Standards Council claims that for large organisations, GDPR could see regulatory fines soar to £70bn, more than a 130-fold increase, rising to an average of £11m per organisation. Regulatory fines for SMEs could see a 57-fold increase, rising to £52bn, averaging £13,000 per SME. It then makes sure to scaremonger a bit more by declaring fines to be just the tip of the iceberg: it’s also the reputational damage, business disruption and revenue loss that comes with the fine that could lead to the closure of many businesses. But the ICO has been very quick to point out that the office is not currently in the practice of dishing out unreasonably high fines, nor does it do so indiscriminately.
The positive: GDPR opportunity forges trust via better data hygiene
While the above might seem unnerving, the opportunity that GDPR presents outweighs the negatives. It sets the marker back to zero and enables organisations to forge strong relationships with their customers built on trust. And here is the positive news . . . our audit also showed that many businesses are not taking a ‘head-in-sand’ approach to GDPR, as many media stories imply. We discovered that, currently, a third of marketing campaigns are now focused around securing compliant consents, with customer acquisition, customer retention and brand-building all taking a back seat.
Clearly, many businesses are making an attempt to get their house in order before the May deadline.
We are also experiencing an upsurge in interest in data hygiene with many businesses looking to implement a regular data cleaning process – including suppression, deduplication and permission management. Last year, only 35 per cent of organisations were found to have such a regime in place, but by the time GDPR comes into force, we expect this to have grown by ten per cent.
Clearly, more and more businesses are taking a more responsible approach to their data; which is what GDPR set out to achieve.
The whole point of GDPR is for marketing to become more transparent. While every marketer in the land would prefer less stringent legislation, the fact of the matter is that it isn’t going to go away. Yes, it might result in less data initially, but the quality of the data will be better and, in the grand scheme of things, it won’t take long to rebuild a database of fully opted-in customers that genuinely want a relationship.
A win-win situation for customers and businesses alike.
Have an opinion on this article? Please join in the discussion: the GMA is a community of data driven marketers and YOUR opinion counts.
Leave your thoughts