The importance of customer data to retail brands cannot be overstated, especially when petabytes worth of personal information is gathered for brand marketing by retailers on a yearly basis.
The insight provided by such information can allow brands to give a more tailored experience in how customers engage with their store and help forge relationships built on loyalty. A big component of this relationship is trust – a trust based on brands protecting the data provided by customers in line with the laws set out by the likes of the European General Data Protection Regulation (GDPR).
However, highly publicised data breaches have affected millions of consumers. This has brought scrutiny towards the high street and more demanding consumer expectations for data security. To improve brand/consumer relations, retailers must be seen to take the first step and develop a data security strategy that encompasses security and privacy from its foundations.
Addressing the sceptics
Over the past two years, the emergence of significant high street brands suffering data breaches has put the spotlight on security and privacy of data. Nothing did more to damage consumer relations than the recent Facebook/Cambridge Analytica scandal, which saw the unlawful collection of information on over 87 million Facebook users.
A recent Janrain survey looking into consumer opinion during the aftermath found 57% of respondents more concerned about their data privacy and security. It was also found that consumers are generally less willing to provide retailers with personal data with 45% worried that brands will either misuse data or fail to protect the data from hackers, generally less willing to provide retailers with personal data.
This will certainly make life difficult for retailers going forward, more so because a recent survey of retail CMOs revealed that a 25% planned to leverage the information for market research and new products while nearly half (44%) stated the data would be used to provide customers with an enhanced shopping experience. If consumers are unwilling to share their data, the best-conceived marketing and business plans will suffer, stagnate and begin to crumble. So, how can this be avoided?
Trust is vital to the consumer and should not be underestimated by the retailer. This is not marketing spiel but facts – 88% of consumers say the extent of their willingness to share personal information is dependent on how much they trust a brand. It’s unfortunate, then, that some of the industries that rely most heavily on consumer data – including retail – suffer some of the lowest consumer trust rates. By demonstrating a commitment to security and privacy – with customer trust the end goal – retailers will reap the rewards. But the strategy must be engineered in this fashion.
What is the security strategy?
To achieve the desired level of trust, retailers need a clearly defined data security strategy that is built on purpose-specific, mutually agreed consent.
When requesting data from customers, there must be a defined purpose for its use. GDPR limits the collection and use of personal data not needed for shops to carry out their services. For example, it is understandable for a high street brand to want size details, mailing addresses for postage and phone numbers linked to the account for multi-factor authentication or password recovery. But the purpose for collecting and using this data needs to be consented to by your customers.
This may seem like a simple and basic thing to address but 71% of consumers find companies’ privacy rules difficult to understand. It is up to retailers to make sure their terms and conditions (T&C) are visible, clear and easily accessible across all platforms.
Of course, customer consent must be freely given. This means a mutual agreement or understanding is in place that the data shared with the store by the customer will be used to benefit both parties. However, the power to choose which data will be used or to be removed from such databases will ultimately be with the customer. Solutions are available to address this essential GDPR requirement, enabling the organisation to obtain informed consent from customers for the use of personally identifiable data.
When brands are transparent and clear regarding the data, they gather and its intended use, trust is built with their consumers. However, as new threats emerge, retailers need to stay ahead of the curve by keeping consumer data safe. Trust and security are entwined and, if an organisation fails to realise this, a black mark will be associated with the brand’s name.
By Mayur Upadhyaya, managing director at Janrain, the first choice of global enterprises for mission-critical customer identity and access management (CIAM) needs.