In the coming days, the GDPR comes into effect in Europe. Worldwide it represents a significant recognition of the issues surrounding data security and its impact on the customer experience. On one hand, customers want to know that their data is secure. On the other hand, they want personalised services tailored to their individual needs and expectations.
To provide highly personalised service, brands must have a greater understanding of their customers’ needs, purchasing histories and preferences. In other words, they need to store and mine vast amounts of customer data. They need to analyse and act on that data so they can tailor the content and experiences they serve up to their customers.
Ryan Hollenbeck, Verint ‘s SVP global marketing and customer experience program executive commented in a recent article, “companies have a difficult balancing act to negotiate between security, transparency and a personalised experience. It’s something that organisations across all sectors have to get right or risk losing valuable customers.”
Data Privacy: Transparency, Trust and Context
Customers are sharing increasing volumes of personal data across numerous apps, devices and social media platforms. They do it so they can receive more personalised and convenient levels of services. Their willingness to share their information depends on:
- What information is collected
- How you collect that information
- What you do with that information
- How does it benefit them
Imagine if you told your customers, “Thanks for your business, oh, by the way, we’ll be sharing your data with undisclosed 3rd parties, where your data can be easily hacked”. They will flock to your competitors in droves.
Organisations need to be transparent in the way they manage customer data and have strong policies and procedures in place to ensure it’s secure. Helping customers understand the context for why the data is being collected and how it will be used will add to their acceptance.
Customers can view different data sources very differently. They generally have no concerns about data in a transactional database that tracks their buying history, preferred products or previous searches. It’s data they have willingly given to an organisation in the process of transacting with the company.
Highly technological data like IP addresses, connection data and so on can be viewed as too invasive. Data and insights harvested anonymously by machine learning algorithms, without any awareness of how their data is being collected, or why or by whom, is becoming an ever-increasing concern for consumers and the various regulatory bodies that protect them.
Implement a Data Protection Policy
The GDPR and the recent scandal with Facebook have emphasised the importance of developing and keeping up to date a ‘data protection policy’. An organisation’s data protection policy is typically applied to the storage, access, and protection of its own internal data. It can also include, however, a public statement about the brand’s commitment and approach to the collection and use of personal data provided by customers.
As well as helping to meet any compliance or regulatory issues, data protection policies offer other benefits. Greater transparency in the way personal data is collected and used will instill greater trust and confidence in customers when they decide to share their data. A data protection policy can form the cornerstone in building a culture of awareness responsibility in regards to data privacy and protection.