View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Policy
April 19, 2018

Managing the Customer Journey in the GDPR Age

How will GDPR impact customers, as well as businesses?

By April Slattery

The GDPR is not only changing the way organisations think about data; it is changing how consumers think about data as well. Data is no longer just an asset gathered by organisations from customers and end users; it is now also an asset for customers.

The GDPR brings with it the concept of the data subject (the customer) and data subject rights, and with that the right to access, to be forgotten, to data portability, to privacy by design and the obligation to notify breaches. What these new rights mean is not entirely clear to organisations just yet but one thing is definitely clear – customers and end users now have more power to control how their data is used and what it is used for. This is uncharted territory for many (if not all) organisations, and the threat of hefty fines for non-compliance means organisations cannot afford to make any mistakes.

A new Journey in a More Complicated Landscape

For contact centres in particular, GDPR poses many interesting challenges. The Right to be forgotten, for example, presents an existential problem for the way many contact centres are set up. For example, contact centers often operate multiple data recording and CRM systems simultaneously. These systems are designed to remember and integrate as much customer data as possible – the exact opposite of erasure. The GDPR therefore calls for a design overhaul of these systems, hence the horrified IT manager.

The Right to Be Forgotten is not only a technical challenge, it is also a problem as it can clash with other evidence keeping requirements. Our customers often ask: “What can I do if the same interaction that was deleted must also be used as evidence?” So the challenge is twofold: it’s about finding the right interactions and deleting the right amount of information to ensure compliance.

A New Relationship with the Customer

Under GDPR, the customer will have more control than ever over how their data is gathered, stored and processed. At any given time, the customer can ask for any information an organisation is holding that concerns them. They can also ask that the data be erased. “Privacy by design” and mandatory breach notification (within 72 hours) will also become mandatory.

This new layer of transparency is bound to transform the customer journey and what the customer expects when they interact with any organisation. For example, when it comes to consent, the new regulation states that all people involved in a call must provide their consent to be recorded. And although the regulation is not entirely clear on if this must be explicit or implicit, failure to comply would still be considered a breach.

A New Age of Customer Trust

This new requirement for consent will increase trust between customers and the organisations they do business with. For organisations, the knowledge that your customers have given informed consent to use their data can be very empowering. It shows that the customer has taken a first positive step in engagement. Once you have the customer at your fingertips, this can be leveraged to nurture a more trusting relationship.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

The ambitious “right to data portability” also presents an opportunity for organisations to impress customers with their honesty and transparency. With customers now able to require an organisation to provide them a copy of personal data that they have previously provided, if you can provide it immediately, you will readily demonstrate efficiency and a positive customer experience.

Embrace ‘Privacy by Design’

Random compliance checks are not enough – The GDPR calls for ‘privacy by design,’ that is, privacy integrated into every facet of products and services. Moreover, the regulation also demands data minimisation, meaning that companies only collect necessary data. A first step to approaching this, is understanding exactly what personal data you are storing and where it comes from. By analysing your databases and speaking to a cross-section of your organisation, from customer facing employees through to managers and CIOs, you may be surprised at the amount of personal data being stored and used in your organisation. You may be relieved to get rid of some of it and create new policies regarding which data to store in the future.

For many organisations, the mere mention of GDPR causes anxiety and trepidation. But from my experience, GDPR also presents an incredible opportunity to redefine how we derive value from our interactions with customers. By putting the right processes in place, GDPR could actually present a new opportunity to enhance the customer journey and bring new levels of satisfaction to the relationship between customers and organisations.

Topics in this article : , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.