Prepare for GDPR: Privacy, consent, and the value exchange

By Ian Woolley, Chief Revenue Officer at Ensighten

With the new General Data Protection Regulation around the corner, with just under 3 months to go, businesses of all sizes should be aware of the significant changes to data collection – and the opportunities it brings.

Research into marketers’ attitudes indicates that three quarters of UK marketers view GDPR as offering opportunity, as when it comes to customer engagement and interaction, they believe GDPR will make them modernise their approach, and ultimately, improve their customers’ experience.

Businesses who are looking to take steps towards becoming GDPR compliant, or are already there, can consider the following factors around how they can use GDPR as a strategic opportunity.

The change in the value exchange and website presence

GDPR states that organisations must get explicit consent from consumers before they can market to them – doing away with digital marketing wastage, one could say. However, it also enforces a legal requirement on companies to ensure processes and parameters for data use are clearly communicated at the very start. This involves being privy to which third parties are piggybacking on your website and using your customer’s data in an uncontrolled way. This is an issue that marketers should be in control of now, both to improve their customer’s experience and get ready for the GDPR deadline on 25th May. Full information from the ICO can be found here.

With the new regulation, everything about data collection changes, including the first contact with a customer on the website. Research shows that confusion still fogs who is accountable for GDPR compliance within businesses, with 46 per cent of UK marketers believing that their company is not responsible for data collection across all digital properties.

For brands with websites, one of the main challenges is gaining visibility of which third parties are ‘tag piggybacking’ on their web pages. A major concern is that what lies beneath a website is often a complex web of unauthorised, and even unknown, JavaScript tags. Due to this, website architecture should be a key area of focus when it comes to compliance, as these tags can piggyback off one another and cause compliance nightmares. Each collects visitor data and shares it with the technology providers for every digital element of the page.

Future opportunities with consent

Even though two thirds of UK marketers (66%) see GDPR as a strategic opportunity… Currently 42 per cent of marketers know that their brand website is not yet compliant.

Marketers who take the relevant steps towards changing the technology of their website will not only become compliant ready for the GDPR deadline, but will improve the overall user experience with less overall disruption. These changes, ahead of time, also ensure that customers aren’t confused by a sudden new look and set of consent options in May. The sooner these communications begin, with changes being signposted and explained, the sooner trust is created between brands and customers. Going back to the point on who is accountable for compliance, while this is a marketing and customer care department challenge, the technology platform is central to websites functioning efficiently, effectively, and most importantly: Compliantly.

As brands hold great responsibility in protecting their customers’ personal information, it comes down to the technology platform to create the brand trust consumers will become increasingly aware of as they understand their GDPR rights. Additionally, it falls to the technology team to manage the process of visitor audit trails and have these details to hand upon regulatory request from the ICO.

All sites will require a consent manager so visitors can have control and power over their own data – giving them the ability to directly view, change and withdraw consent for various data uses at any time. These will need to be connected to all the different technologies and third-party suppliers that manage the various web operations a site requires – which is fundamental to modern business success in 2018.

The GDPR silver bullet

GDPR compliance, and one that offers a better value exchange for all concerned and hinges around personalised 1:1 privacy consent for all web visitors. The most useful solution may be for most organisations to deliver customer consent overlays directly onto web pages to give visitors a positive experience with respect to consent communications – and simplified control over data collection by various marketing technologies. Given the global reach of the web, being able to easily customise privacy choices to match all local languages will be a crucial element that may play a big impact in the way customers respond to their new rights.