Experienced marketers and merchandisers understand that every few years there is a ‘-geddon’ or ‘-ocalypse’ that monopolises the industry’s attention – sparking fear, changing priorities and, in some cases, altering the landscape forever. In this piece, James Norwood (pictured below), EVP strategy & CMO, Episerver, tells RetailTechNews how the most recent of these – GDPR – poses new challenges for retailers than faced in the '-geddons' of years past.

The nearest and dearest situation is that of the general data protection regulation (GDPR) from the European Union (EU), which modernises rules around data privacy. Simply put, GDPR gives EU-based consumers the ability to access and control the personal information an organisation has on them (regardless of where the company is located), choose to have their information removed, and/or allocate how that information is leveraged. While meeting these requirements can take a toll on brands’ resources, organisations will start to see the positive impact customer empowerment can have on engagement.  

The alternative is being fined up to 4% of a company’s global annual revenue or €20m (£17.5m) – whichever is greater – for non-compliance. While compliance is multifaceted and continuous, organisations should know that the reasoning behind GDPR’s passing is valid, since the way in which people interact with businesses has changed dramatically.

General data practices require more oversight

James Norwood, EVP Strategy & CMO, Episerver

Today, the notion of ‘cold calling’ is dead, thanks to data collection. Rather than sales professionals pursuing a lead blindly, for instance, they are often able to see a granular level of data on the decision-maker (e.g., name, email address, website visits, downloaded content), which helps them understand intent. Each of these data points, under GDPR, will need to be accessible by the person they belong to. If the person chooses to be ‘forgotten’, the organisation needs to delete all information about that lead. The same is true of retail.

Since shoppers often visit websites multiple times before they decide to purchase, a profile can be constructed of that person based on clicks, campaign engagements, past purchases, preferences, and more, to give technology systems clues as to what promotions or products to offer. The results of such personalised experiences often lead to better customer loyalty and increases in revenue and average order value.

Someone shopping for a snow jacket for their upcoming holiday is more likely to make a purchase if the jacket is presented alongside relevant and valuable content than if they have to navigate past flip-flops and sun visors every time they visit. Under GDPR, the person will need to be allowed to see all the information the retailer has on them (e.g., search history, social posts), why the data is being collected, and be given a choice of what they will share. This is where companies need to see the value of GDPR, versus the loss of information, and prove to customers why keeping their data with them helps enhance their experience.

Self-service data options empower customers

Rather than mourning the loss of customer data, marketers and merchandisers must consider they were only borrowing it. Customer information should be customers’ information to control. A few good examples of consumer-controlled data systems already exist and, with some additional investments, could aide in GDPR compliance.

Google offers a quick and easy way to delete search history. Although Google has resisted some ‘right to be forgotten’ requests, it provides a solid example of the functionality businesses should consider for self-service data requests.

Similarly, Facebook (despite its recent privacy troubles) has for many years provided users a way to download a copy of the data they hold, which includes every post, message, deletion, ad click, and activity completed on the network by that individual. Businesses need to figure out how to supply similar information to consumers and self-service options can reduce friction. Plus, a customer preference centre that allows them to easily download, check, and uncheck, their preferences can earn shoppers’ trust. The truth is, it was time anyway.

Engagement comes from meeting expectations

Consumers are starting to notice how their information is being used, but haven’t had access to it. Three out of four consumers now notice retargeted ads, which means companies need to be more strategic with this tactic. One way to improve the results of personalised marketing is to make it easier for consumers to grant permission to collect the data needed to provide these engaging experiences. Simply asking them by sending an email imploring them to stay opted in won’t work anymore. They need to know ‘why’; and the control needs to be with them in the new consent-based world.

In an experiential economy, GDPR will make brands question the ‘why’ behind their data collection, sell those reasonings to consumers, and then provide a standout experience that will justify their data collection/usage, or risk the shopper recouping their consent. Marketers will be accountable, be forced to improve experiences and, as a result, increase customer engagement. When customers are truly interested in a company and feel their data is in good hands, they’re more willing to make their data available. For example, according to global workwear brand Kansas, after switching to double opt-in (DOI) for email communication, it experienced a 68% open rate in regular communication, according to internal data. By making every customer feel that they always have control over their data, companies can benefit from engagement well above industry averages.

'Geddons’ of years past

While GDPR is one of the most stringent sets of privacy rules to be released, how companies were responding to the looming May 25 deadline was not unlike 1999’s Y2K or 2015’s ‘mobilegeddon’.

In 2015, Google set a date for businesses to get their sites mobile-friendly, or risk a negative impact to search engine rankings – and companies are better off because of it. Today, mobile traffic to websites is well above 50% and responsively designed websites – where content adapts automatically to device type and size – is the norm. In a few years’ time, the ‘datageddon’  that savvy brands are now preparing for will too be standard and positively impact marketing indefinitely.

The 1900s couldn’t last forever for Y2K; and pinch and zoom couldn’t last forever for people navigating websites from their mobile devices. For GDPR, the days of ruthless collection and fast and loose use of personal information has met its fate as well; but there are long-lasting benefits of making data privacy a priority to empower consumers and engage them on their terms.

The new mormal

GDPR is to marketing what Sarbanes-Oxley was to finance and what mobilegeddon was to small businesses – with all of the associated overhead in cost and administration – but it’s worthwhile, and it will benefit the companies that see it as an opportunity.

GDPR will not usher in the end of digital marketing; but it will help bring into focus something that marketers have put off for far too long – and that’s the need to deliver real value to those with actual intent. Being on the right side of history in the post-GDPR world means adopting a consent-based and customer-preference lead marketing strategy with less care for quantity and more for quality.This content was originally published in RetailTechNews.