On the 25th May 2018, the EU’s General Data Protection Regulation (GDPR) will come into force. With the UK’s data protection watchdog, the Information Commissioner’s Office (ICO), reporting year-on-year rises in the number of data breaches, coupled with high levels of public distrust for how online businesses protect and use their personal data, the GDPR is set to offer more rights to EU citizens over control of their data.
While largely welcomed by the public, some are concerned the expanded definition of “personal data” and the restrictions being placed on how organisations can use this information will impact the technology industry’s economic growth. Fortunately, while the regulation is mandatory to any organisation with identifying EU citizenry data (regardless of HQ or server location), compliancy will likely help boost business.
Protect against fines
First and foremost, the EU is ensuring acquiescence by imposing the largest fines ever seen with regards to data protection laws. Breaches of data, improper management, gathering or selling of personal data without subjects’ permission or failure to respond to data subjects’ requests appropriately can all result in a fine of €20 million or up to 4% of your organisation’s global revenue (whichever is more). By contrast, the outgoing Data Protection Directive (DPD), which the GDPR is set to replace, enabled ICO to fine violators of data protection laws in the UK up to a limit of £500,000.
Big data will continue to drive the market
Setting an upper limit that moves with a business’ earnings and closing loopholes, such as storing data in servers outside of the EU, creates a level playing field throughout the industry. The GDPR prevents big tech companies from buying their way out of trouble. Furthermore, by only limiting those organisations who attempt to cut corners with regards to data protection, the regulation works in favour of small and medium-sized enterprises (SMEs) who, by their nature, are more likely to develop a personal connection with their customers and clients (and so are more likely to get compliance to store and use personal data).
While the regulation will make gaining compliancy more difficult, none of the new rules will forbid the use of big data to promote marketing and sales. Provided you are honest about what data is collected from customers, encrypt and store it securely, and ensure customer compliance before using it, you will still be able to use personal data to drive their sales and marketing strategies.
An era of responsible data management
Consequently, organisations are being encouraged to play a more personal and responsible role when it comes to interacting with customers and clients. This can be as simple as making clients aware that your business is GDPR compliant. Equally, you are well within your rights to assure them of how you will use their data responsibly, how it will be protected and how, in the event you want to use it for other means, you will seek their permission and compliance. In other words, the GDPR promotes transparency in the tech industry.
While this requires effort on your part, it will largely be of net benefit. Currently, trust among the general public for big tech and the technology industry is at an all-time low when it comes to data protection. Two out of three Europeans believe online businesses are irresponsible with their personal data and one third have voiced their intent to exercise their rights to have their data removed or limited in the first month of GDPR.
GDPR compliance is an opportunity to connect with your customers and capitalise on the public’s demand for greater trust and responsibility.
Trust leads to loyalty
There is an added business incentive besides merely avoiding punishment or damage to your reputation. By cultivating trust with your customers, you not only improve your organisation’s reputation, thereby attracting more customers from your non-compliant competitors, but you will boost customer loyalty, to which there are numerous economic benefits:
- On average, 5% of an enterprise’s customer base accounts for 80% of its business;
- You are 60-70% more likely to sell to an existing customer, while new customers have only a 5-20% success rate;
- It costs your business five times as much to gain a new customer than retaining a current one;
- 63% of customer losses to competitors is down to poor treatment or failure to satisfy their needs.
Loyalty is big business and the GDPR represents an opportunity for organisations to recognise the public’s demand for greater respect of their rights. By embracing GDPR and offering a more personal service, technology organisations have a chance to reinvent their public image as trustworthy. This is your chance to not only avoid losing customers by satisfying their rights to greater privacy but to strengthen the size of your loyal customer base.