TheMarketingblog

Warning about GDPR : Customer data could become a major issue

Jim Conning, Managing Director of Royal Mail Data Services (RMDS)

With the enforcement of the General Data Protection Regulation (GDPR) on 25 May 2018, poor-quality customer data could become a major issue for many businesses.

A problem for years in terms of customer engagement and marketing, data quality will now also become a legal concern.

Companies found to be using inaccurate customer or processing data without a legal basis, such as consent, could face fines of up to 4 per cent of global turnover or €20 million, whichever is greater.

However, rather than a problem, the enforcement of the GDPR should be seen as an opportunity for businesses to improve their customer engagement and marketing efforts by improving the quality of their data.

After all, how can companies build trusted relationships with their customers, and anticipate their needs, if they have no knowledge of major events in their lives, or haven’t even spelled their names correctly?

Yet for many companies, getting their customer data in order presents a major challenge. How have they got themselves in this position?

The Cost of Poor-Quality Data to the Business

It’s easily done. Data may be inaccurately recorded at several different points in the data-capture process: the point of data entry, database conversion or database consolidation.

Alternatively, it may be that information simply isn’t being kept up to date or validated correctly.

Our latest Insight Report – ‘The GDPR and its Implication on the Use of Customer data’ – cites our recent research into the use and management of customer data. The research shows that while 87 per cent of organisations use websites as their primary channels for customer data collection, only 44 per cent automatically validate it at the point of online entry. The research also indicates that the biggest contributors to poor-quality data are incomplete, out-of-date or duplicate records, with marketers complaining that this is one of the main reasons they are unable to do their jobs properly.

In short, many companies simply aren’t running effective data management programmes. This means that inaccurate information can clutter up their systems, while the cleansing of databases is either irregular or non-existent.

The research also reveals that over 60 per cent of companies either have no formal processes in place to cleanse data, only clean their data annually, or are unclear on how they keep their customer data clean and up to date.

Overall, less than one in five firms addresses the issue of data quality with daily or continuous data cleansing.

Ultimately, this isn’t just about good practice – it’s about the bottom line as well. One of the key findings from the research shows that the average cost of poor-quality customer data to UK organisations is now running at a staggering 5.9 per cent of annual revenue.

The Importance of Permission

However, such a figure could pale into insignificance compared to what flouting the rules of the GDPR might mean. There are various stipulations that organisations need to follow in order to be compliant. Data accuracy certainly needs to be addressed, with any incorrect customer data erased or rectified as soon as possible.

But it’s the ways in which the new regulation aims to put consumers in control of their own data that dramatically impacts how organisations hold this information – and what they can do with it. Unless certain exceptions apply, customers may not be subject to automatic decisions – for example, those made by profiling technologies such as CRM – and may request a copy of their data in an easily accessible format. They will also have the right to opt out of any type of direct marketing, while organisations will continue to require their opt-in consent for electronic marketing.

For those organisations that are not already efficiently managing their customer data, identifying and potentially deleting duplicate customer profiles across multiple databases presents a major technical and logistical challenge.

But perhaps the most far-reaching of the GDPR’s stipulations centres on the requirements for valid customer consent. Organisations need to demonstrate that, if they are relying on consent as the basis for processing, they have permission to use a customer’s data, and that the customer understands how their data is going to be used. For those companies that haven’t previously sought consent which meets the GDPR’s standards, the implementation of an extensive programme of repermissioning may be required. However, the RMDS research shows that nearly half of all firms (48 per cent) either have no plans to conduct a repermissioning exercise or do not know whether they will seek fresh permission from their customers.

Those companies already handling customer information correctly for postal marketing purposes may, following a review against the requirements of the GDPR, determine that they can continue to claim “legitimate interest” for data processing and avoid this step.

But again, this places the onus on maintaining data accuracy at all times – if customers aren’t being accurately communicated to, it’s difficult to claim compliance with the GDPR.

Using third-party customer data for marketing purposes presents a particular challenge under the GDPR. Organisations must assess any external data to ensure that it is GDPR-compliant. Evidence suggests that marketers are already becoming increasingly wary of using data sourced from third-party providers, with the RMDS research showing that nearly half (49 per cent) of organisations now rely solely on customer data they have captured themselves. This compares to just 39 per cent of organisations relying solely on their own data in 2014.

A Push for Improvement

While the GDPR represents the biggest shake-up in customer data for over a decade, it would be wrong for organisations to merely regard it as a regulatory headache. At the heart of the GDPR is a push to improve the accuracy of customer data, something which should be of vital interest to organisations everywhere.

As such, the GDPR must be seen as an opportunity to reinforce the strategic importance of building strong, sustainable relationships with customers.

Using Data to Personalise Communications

A New Era in Data Management

The GDPR should herald a new era of robust customer data management by acting as a spur for organisations to update their data-hygiene practices.

And by approaching the capture, storage and use of data with sufficient rigour to be compliant with the new regulation, organisations now have the opportunity to re-shape their customer engagement and customer data management strategies as a means to improve overall business performance.

 

 

 

by Jim Conning, Managing Director of Royal Mail Data Services (RMDS)