Words by Paul Stephen, CEO, Sagittarius
With the regulation deadline fast approaching there is lots of discussion around what brands need to be doing next to cleanse their data and improve compliance. This has created a wave of panic within the travel industry and with the deadline just months away I thought this would be a good time to reflect on the opportunities it proposes:
I’ve broken this down into 4 key areas I feel are the most important to brands.
#1 Customer Data
In theory, if a business can successfully implement GDPR then their data will be more valuable to the brand because:
Collection of Data
How brands collect and store this data is a vital step and it’s important to consider the key touch points in a typical customer journey when the consumer will leave a digital footprint of some kind:
#2 Improved Security
Brands will essentially use a variety of different technologies and tools across their business, which are either collecting, identifying or processing customer data. Under GDPR whilst you might not be in breach, as the Data Controller if you have used a Data Process that then has a breach they will try to pass liability back to the brand; as the controller brands should only be sharing data with sources they can guarantee are free from encumbrances.
The more customers interact with a website the more data that business is collecting. Travel brands often share this data with other data processes such as email marketing platforms, booking engines, social media platforms, hotels, flight providers and so on for re-marketing purposes. Therefore, when you think about where this data might be being shared the flow of data rapidly expands.
#3 Single Customer View
A CRM or Single Customer View tool is a straightforward way of stepping towards GDPR compliance. For many years the idea of a ‘single customer view’ has had huge marketing and user experience benefits but now there is the added benefit of understanding what data you hold, where you hold it and how it has developed over time.
Now, this is something that can be used to better understand your niche, giving you the opportunity to develop your holiday ‘product’ to evolve with your audience’s needs and at a more granular level; personalise it even further.
#4 Trust & Experience
GDPR requires brands to be more transparent about their intentions for data and therefore a new level of consent has to be attained before contact can be initiated. For brands this reinforces the idea of having more valuable data and therefore the opportunity to build better more valuable relationships.
Trusted Privacy by Design
Privacy notices are a vital element of GDPR meaning that brands need to explain who they are, what they do and what they want to do with customer data as well as the ability to be more selective when managing their preferences. It’s also essential that businesses provide information about who this data will be shared with and how to withdraw the data.
Consent in Practice
Consent is one of the six reasons as to why brands can process someone’s data. GDPR tells brands that when they are asking for consent it needs to be on one of the following terms:
Whilst GDPR compliance is a complicated issue that needs to be supported from the top down, in some cases the attitude to compliancy is going to be harder to achieve than the technical aspect.
If brands do embrace this regulation successfully there is a huge opportunity to build open and honest relationships that create lifetime customer value and brand advocates.