Why GDPR is an opportunity for retail
Driving change in the retail sector is never a straightforward process. The industry has long attempted to cope with a mixture of legacy systems and processes. At the same time, it has a desire to embrace the latest technologies and working practices to lower cost, refine operations and enhance the customer experience in a highly competitive environment.
With retail sales globally set to hit $27 trillion by 2020, there remains huge opportunity for businesses with the right tactical approach.
Nowhere is this truer than in e-commerce. Legacy retailers have moved into e-commerce in a variety of different ways and have managed the migration from physical to digital marketing with a similarly wide range of approaches, technology platforms, databases and marketing processes. For many, the upshot of this is that they have databases full of prospects, active and inactive customers being used for marketing that won’t pass the new round of regulatory scrutineering
The EU General Data Protection Regulation (GDPR) will be upon us in a matter of weeks. It comes after a substantial grace period to allow companies globally to understand and make adjustments to their data, processes and permissions. Despite this, time is almost up and market intelligence suggests many businesses, particularly retailers, won’t be ready.
In one swift movement, all EU member states will harmonise their rules relating to the capture, use, retention, security and destruction of personal identifiable information (PII). It is one of the biggest legal changes the EU has implemented this side of the millennium.
A lack of urgency
The retail industry recently gathered at the annual NRF show in New York. Given the proximity of the 2018 show to the instigation of GDPR, it was widely expected that global issues of GDPR compliance and last-minute preparation would dominate the agenda. Even more so when you consider the sheer volume of customer data being generated by retailers, its inherent value and the way that these companies are morphing into being data-driven organisations just as much as they are moving product and services.
In fact, the exact opposite happened. GDPR barely made a ripple at the show.
While this was a huge surprise, it was also illustrative of the great opportunity that many retailers are missing out on. The introduction of the GDPR will shape how marketers, especially those in retail, are collecting, using, storing and consenting their EU citizen data sources. With just weeks to go, the aim for those not already in an advanced state of GDPR data readiness must be to get existing data sources and existing data collection mechanisms clean and compliant.
The GDPR is comprised of 99 Articles that lay out strict requirements for different aspects of data security, retention, collection and disposal. It also has a very broad definition of what constitutes PII. The EU has never seen a change in information regulation as big as this, and despite no shortage of discussion, promotion, documentation and warnings, some in the retail sector have not yet applied the same sense of urgency to this as they would, say, to preparing for disruption to their supply chain. Both are just as impactful on the business.
Investing for the future
In the UK, we are seeing a variety of retailers invest in data to bolster their future marketing capabilities. Take for example the acquisition of Nectar by Sainsburys, a classic example of a retail becoming more data-driven. Following its rival Tesco, which has owned its own loyalty card scheme, and the substantial data insights from it, since inception, Sainsburys has made a £60 million investment in customer insights. By taking full ownership, it can make better use and have a deeper dive into the information collected through the use of the Nectar cards.
It means a more personalised, targeted experience for the customer, and a more effective route to market for the retailer. Moreover, it makes it easier for the retailer to be 100 per cent sure the data is accurate, compliant and aligned with the requirements of GDPR as well as everyday best practice.
And that is the crux of the issue – every retailer is affected by this, regardless of size or niche. Whether you are a small 10-person specialist or one of the UK’s biggest grocery chains, GDPR applies the same to both. Everyone is facing the same pressures to overhaul customer and personally identifiable data (PII), and everyone will experience the same disruptions of unsubscriptions, purging incorrect and redundant data and rebuilding a more accurate, compliant pool of data. GDPR is a great leveller, and as such it is the best opportunity that big and small retailers alike will have to get their house in order without losing ground to the competition.
Refreshing data and consent does not need to get in the way of making sales. Rather, it is an opportunity to reacquaint your business with your customer base and start fostering a new relationship based more on personalisation, trust and value of information. As a case in point, we are already helping clients address GDPR consent and data gathering, at the same time as engage customers with upsell and cross-sell opportunities that appeal to them – based on intelligent use of their data within the boundaries of GDPR acceptable use.
As retail marketers, GDPR presents a genuine challenge to our business operations, but at the same time it pushes all of us to create a better customer experience for the longer term. By implementing new processes and best practices, we can make data more valuable to the business, at the same time as protecting individuals’ data rights and expectations.