What, Who and Why?

Coming to a cinema near you, 25th May 2018, the General Data Protection Regulation (GDPR) is the EU’s new addition to its current Data Protection rules.

It has been designed to put people back in control of their data, creating a shift of power from the organisation to the individual (a consumer-controlled world of privacy), and is in keeping with the general move we’re seeing across society of PULL rather than PUSH.

GDPR defines two types of data managers: Controllers and Processors. The controller is responsible for defining how and why data is being collected, whereas the processor is responsible for how the data is being processed. For example, if you run a blog which has a popup asking people to subscribe to your mailing list, you are a data controller. The company that runs that mailing list, is the data processor. Both must abide by GDPR.

Now, you could be forgiven for not being worried about this as a UK or a non-EU business. However, it is crucial to understand it affects any person or organisation that will be managing data from people within the EU. A US company that has users within the EU must abide by these regulations in just the same way as an EU based company.

The penalties for failing to lawfully manage data could be significant, with potential fines of up to 4% of the annual revenue of the organisation in question, or £18 million – whichever is most.

An Opportunity not an Obstacle

It is easy to feel weighed down by these new regulations. On the surface they can seem like a spanner in the works. However, it is important to consider why these regulations have been put into place and recognise the opportunity they present. They are there to protect people’s personal data, and to hand back choice. To protect your customers, and offer them choice.

At Motivait, we are already seeing GDPR triggering many organisations in the Loyalty and Alumni sectors to rethink their Customer Engagement & Loyalty strategies. In the last few years many of these loyalty programmes have evolved from simple “Points and Rewards” to targeted data-driven schemes, becoming much more customer centric. GDPR shifts the paradigm further, putting the consumer firmly in the driving seat, managing precisely who can use their data and how.

This means now, more than ever, brands will need to demonstrate the value they deliver, earning the consent of their customers rather than just expecting it. We see the introduction of GDPR and the changes it will bring as a prime opportunity to reinforce customer’s trust in your brand by assuring them their data is valued, being handled safely and considerately.

At Motivait we build Customer Engagement & Loyalty programmes, so we completely understand the concerns many companies will be having over GDPR, just think of the amount of personal data we all manage on a day to day basis! As such, our platform complies with the strictest interpretations of GDPR, ensuring our clients are fully compliant and don’t have to worry about it.
Wouldn’t it be nice if you didn’t have to worry about that either?