Chris Stennett, Global Vice President, Business Value & Strategy at Sitecore explains why data security and privacy compliance are key for building consumer trust
Data privacy has changed the way businesses operate – it’s no longer the sole concern for legal teams, as it has now become an imperative across all aspects of the business. From HR and marketing to tech and IT, everyone must understand and pay attention to regulation and best practice around customer data.
Almost three years since GDPR was introduced, we’ve seen companies continue to suffer data breaches, and non-compliance in legislations leading to massive fines – in fact, European regulators imposed almost €160m worth of fines in 2020 – a huge increase on the previous year. As a result, consumers are now more aware – and often more skeptical – about how companies are using their data. Legislations such as GDPR, California Consumer Privacy Act (CCPA) and the 2020 passing of the California Privacy Rights Act (CPRA) have also made higher standards of data collection a legal requirement, with non-compliance no longer an option.
So, what are the most common data challenges that businesses face today in the area of compliancy and how does this impact trust?
They face three core issues in their attempt to meet data privacy and security requirements:
- Adopting a new mindset – Now that regulations such as GDPR and CCPA are established, brands must stop looking at data privacy merely from a compliance perspective and see it as an opportunity to demonstrate trustworthiness to consumers. The journey to compliance is a lengthy process that requires businesses to build and instill solid practices, systems, and processes. From here it becomes more of a branding challenge that allows companies to reassure customers that they value and respect their data and will not misuse it or leave it vulnerable to hackers. As the CPRA will supersede CCPA and become operative by 2023, brands must get a jump-start on understanding regulations to ensure a smooth, seamless, and trustful transition. The time is now.
- Maintaining pace with the regulatory landscape – While data protection laws have existed for a while, we have not yet seen clear international precedent on enforcement as regulations vary in different countries. To prevent fines, reputational damage and a negative impact on customer trust, brands should always err on the side of caution. Dedicating their attention to how they capture and process data within the evolving regulatory landscape is key.
- Making effective use of data – Determining what counts as personal data is a challenge many organisations face as it could change from one situation to another. Furthermore, although some businesses have been racing to collect as much data as possible, they’re often not sure why they’re collecting it, how they’re going to use it and where and how they’re storing it. This creates risk under data regulation.
Creating and developing brand trust
While 88% of customers are willing to pay more in order to have a good experience with a brand, the issue of trust shouldn’t be neglected. Customers are more inclined to trust brands that are listening to them; therefore, trust and communication are related priorities. As customers are becoming increasingly suspicious of how organisations are handling their personal data, demonstrating transparency, responsibility and accountability for that data will encourage deeper levels of trust in your brand. GDPR becomes a business lever that your organisation can pull to underline your commitment to the privacy of both customers and prospects, and that you take a differentiated stance from your competitors.
Customer trust and data privacy and transparency go hand-in-hand. This means that companies need to have processes in place that can document what information is being stored and make it available to both customers and the regulatory body that is overseeing them. Regulations such as GDPR exist to ensure that both businesses and customers are comfortable with data sharing and trust the idea of working within digital experiences.
This is also an opportunity for organisations to revisit their marketing and digital experience strategy to take advantage of the fact that their data is now more accurate, structured, current and reliable. They can become more effective and efficient as a business by only engaging with those customers and prospects who are likely to engage with their marketing activities, developing latent brand promoters, and avoiding the inadvertent development of brand detractors, maximising their reputation overall.
Brands could also benefit from reviewing the mechanics of how they deliver their omnichannel experiences. They need to ensure that customer data use is consistent, provides clear, channel specific preferences and customer consent is properly respected, and overall, the best joined-up cross-channel experience is being delivered within these constraints. Embracing data security and privacy may impact what you can do with some channels, but it may also open up opportunities in other channels that can ultimately provide a better experience for your prospective and existing customer base.
In the journey to becoming a brand that consumers trust, here are eight areas for brands to focus on:
- Build cross-functional teams across the business who value and work towards trust
- Only collect the data needed
- Collect data across the journey, not all up front
- Simplify the process of gathering consent to use customer data
- Demonstrate the value you add by collecting data from your customers and prospects
- Be transparent about how you’re using and protecting customer data
- Re-evaluate your marketing strategy in light of the quantity and quality of data you now have available
- Review the mechanics of how you deliver your omnichannel experiences
Putting practices in place that build trust in how data is handled has become more important than just ticking the compliance box. These eight guidelines are a great foundation for businesses that are currently working hard to build customer trust while ensuring data privacy and security. Only when organisations start to understand the interdependent relationship between data collection and use and customer trust will they truly achieve their ambitions to be a trustworthy valued brand.
Read the latest edition of PCR’s monthly magazine below: