We’ve had a while to get used to the idea of GDPR given it was a few years in the pipeline. But given the compliance deadline passed just a few months ago, many businesses are still feeling the impact of the regulation. No industry was immune to the compliance changes required, and the retail sector was no different.
In the lead-up to the new legislation, we saw businesses making changes to processes, attitudes and operations. The importance of being GDPR-ready has been recognised at the top of all major companies. There has been an increase in importance of the role of the Data Protection Officer (DPO) and the growing involvement of the board in privacy and security considerations.
Having said this, it hasn’t necessarily differed significantly to what retailers were doing pre-GDPR. Retailers were already managing large customer databases, typically requesting consent from customers and reducing security risks. It’s just that now the stakes are raised. Quite rightly, individual customers are now far more aware of their rights (and may even be put off shopping with a retailer that doesn’t respect those rights) and the consequences of a data breach are now much more severe.
Importantly though, this all needs to happen in the background, while still ensuring that the marketing department can still do the best job possible in reaching and engaging customers. As it stands, retailers are prioritising compliance for two key reasons: to generate revenue and to do that you need to communicate with (and market to) your customers; and to avoid security breaches or fines that could be imposed by failing to comply.
Retailers are still focused on growing and maintaining the pool of customers that are opted into marketing communications because there is huge value in being able to communicate and engage with your target audience. However, it’s not necessarily that easy and many retailers are finding this a challenge. Those that are more successful are invariably those that were better prepared, with more comprehensive privacy policies in place before GDPR.
When it comes to data security, large fines are now in place for the inadequate storing or processing of data or for a data breach. This has given rise to an increased focus on mitigating this risk and ensuring the right processes and procedures are in place.
What this all means for retailers is that they need to be more aware of the data they have, how they use it, why they process it, and how long they can keep that data for.
Increasingly, technology is playing a critical role in ensuring compliance. Since the regulations came into effect, many retailers have lost large numbers of customers they were once able to communicate with, because they didn’t consent to receiving their communications. This is why being able to communicate with customers at the point of sale, during a transaction, is now more important than ever.
Looking specifically at Ecrebo’s own technology, retailers are using our software to capitalise on some unique opportunities. Firstly, we work with retailers who use our software to enable customer GDPR opt-in to be captured during the transaction, either via a customer-facing display or via the cashier’s screen. Secondly, Ecrebo’s software is also able to generate paper or digital coupons and receipts, both of which can be used to share the benefits of opting-in to a retailer’s marketing programme for ongoing communications, driving up GDPR opt-in rates.
There’s no doubt that GDPR has changed the landscape, and it has been a much-needed raising of standards for the industry. Some retailers have lost large swathes of their data, for which they did not have appropriate permissions. Being able to communicate effectively under GDPR is not an impossible challenge. Using a combination of best practices and technology, retailers and their marketing teams can still engage with customers, grow their audiences and revenues, all while remaining compliant.
Contact us today to find out more.