Interviews, insight & analysis on digital media & marketing

Two years later, how have businesses responded to GDPR?

By Jeff Nicholson, Global Head of CRM, Pegasystems

The EU’s General Data Protection Regulation (GDPR), which was introduced in May 2018, was designed to empower consumers in a new and intensely competitive data-centric business landscape. Now that the regulation has been in force for two years, many businesses may feel the GDPR hurdle is well behind them, when, in fact, the race may be far from over.

Personal data is by definition, personal. And as such, businesses need to demonstrate an ongoing commitment to the responsible use of customer data to win their customers’ trust for good.

In its first year, GDPR resulted in nearly 150,000 filed complaints, forcing organisations to respond with all new data processes, and new customer-centric strategies that employ that data in a trustful manner. Now, with COVID-19 introducing further complications, many businesses are reassessing the efficacy of their processes and tools in maintaining ongoing compliance with GDPR while simultaneously watching response times.

In 2020, Pega research showed that organisations are no longer willing to take their chances when it comes to delivering upon customer centricity. 92% of organisations plan to go far beyond adherence and have built customer centricity directly into their processes. But is it that simple? Now may be the perfect time for businesses to assess whether their systems have achieved what they set out to achieve.

By acting now, businesses can make their new customer centricity more meaningful, prepare for the uncertain future and feel confident that investment in technology will keep their organisations running smoothly.

So, what technologies can businesses look to for the best practices in customer-centricity?

Putting the customer first with user-centric strategies

Businesses can take their commitment to customer-centricity a step further by engaging customers on the most convenient channel. For example, delivering customer service (which most often uses one’s personal data) via social, mobile, online and offline channels depending on individual preferences can help businesses reduce friction by tailoring services to each customer’s needs.

Also, by offering customers greater control over what data they choose to provide and, when they do, acting on their preferences to improve the service they receive, brands can effectively centre their interactions around the customer to build relationships based on loyalty, which promise customer satisfaction and cultivate greater customer retention.

Making decisions with your AI strategy

When successfully implemented, your AI strategy can be configured to monitor and calculate the individual needs of each customer and enables businesses to suggest relevant goods and services, offer appropriate discounts and only contact the customer when it is appropriate according to the data they have provided. By demonstrating that their needs have been taken into account customers will be much more open to sharing their personal data continuously.

The key for many businesses, is one of transparency. When customers experience their data working for their benefit, each customer interaction can be leveraged as a trust building exercise by the company, but transparency is crucial if businesses want to show that their actions are responsible.

Transparent, or explainable AI, offers a clear end-to-end view of how it came to the decisions it made so large businesses with extensive client rosters can ensure they are managing the huge volumes of data they collect on their customers ethically.

The alternative, opaque AI, a black box approach which does not clarify its logic, could expose businesses to doubt over their responsible use of data which may result in irreparable reputational damage. And of course, for many businesses, a transparent approach will allow you to implement your legal strategy for compliance with data protection laws relating to AI decision making.

The Automation Advantage

Whatever the current volume of DSAR (data subject access requests) that businesses are observing, many believe that these volumes will continue to fluctuate over time – both higher and lower. And no business can predict the next “Cambridge Analytica” type event that might cause a massive influx of requests.

By automating your manual processes, business can best implement their legal strategy for DSARS and react to any volume that comes their way, while quickly responding to any concerns over how a customer’s data is being used. This is in addition to the dramatic savings that come from automating the expensive, and potentially error-prone manual workflows and processes. And the fast responses that address specific needs, act as a reminder of the company’s commitment to providing an excellent quality of service in as little time as possible.

If a company already holds critical customer data, automation can work hand-in-hand with data to ensure customer success regardless of which channel the interaction took place on. And with visible benefits, customers may be more inclined to provide ongoing permissions to that data.

Has GDPR worked?

The purpose of data as useful tool for businesses to connect with their customers more accurately and effectively is unlikely to change over the next few years, but customers’ attitudes towards sharing it is subject to shift. The GDPR was primarily introduced as a response to demands for protecting consumer data, but its aim was also to put policies in place that would allow companies to continue to safely use it. This is the ever important, mutual value exchange.

Although customers benefit from improved products and services as a result of sharing their data, it is up to organisations to demonstrate these benefits to them to make it clear how their information is being used. By consulting with legal and technical advisors, and with the right technology in place, businesses can surpass the parameters set by GDPR so customers are assured that their needs will be prioritised, and their data respected.

The challenge of meeting the GDPR guidelines may have got the ball rolling in 2018, but in 2020 businesses can see a future relationship based on trust, and which is more effective in delivering customer value, by always putting the customer first.