Home / Legal & Compliance

The Golden Quarter & GDPR – opportunities for marketers

By / Jane Dixon / In Best practice /

The Black Friday/Cyber Monday period is the starting pistol that signals that start of ‘the golden quarter’, when most retailers lock in their profits for the year. It’s also a time when having a good customer database – along with reaching the right consumer with the right offer at the right time – is critically lucrative for brands. However, the looming prospect of GDPR is set to make the gathering and use of customer data more complex. So what should marketers be doing now to ensure their golden quarter & GDPR plans go platinum in 2018?

The Golden Quarter kicked off at the beginning of October, with its biggest milestone firmly established as the Black Friday/Cyber Monday long weekend. Some £2.6 billion was expected to be spent in the UK just on Black Friday itself this year, up eight per cent on 2016, according to the Centre for Retail Research. Around £7 billion was expected to be spent across the whole weekend period, up from £5.8 billion the previous year.

However, this Golden Quarter is like no other for a particular reason. The looming introduction of the EU’s General Data Protection Regulation (GDPR) in May 2018 is already shaping how marketers, especially those in retail, are collecting, using, storing and re-certifying their data sources. In order to ensure day one and ongoing compliance, change is needed now, as actions at this stage will directly impact the amount of work needed at the last minute to make the GDPR grade.

Getting data compliant during and after the Golden Quarter

The primary short-term aim in this quarter is to maximise revenue. However, preparation and planning now will ensure long-term marketing benefits and a far less painful transition into the GDPR era, not to mention helping to avoid the EU’s punitive non-compliance fine structure:

Look at your existing data and think about how you are going to communicate with your key audience segments going forward; the channels you’ll use, how you will segment and target your audiences, and how you’ll personalise the messages and offers
In thinking about this, you should also look at the data points you have available to in order to drive your marketing efforts. Consider whether they are fit for purpose, as well as what permissions you have for using that data
Factor into your considerations how and what you will communicate around the use of personal data. Getting this right now, during a period when your current and new customers are paying particular attention to your messages, will give you a significant head start in ensuring compliance and re-certification of permission to use data for marketing purposes.

Not only does the GDPR lay out strict requirements for data security, retention, collection and disposal, it also has a very broad definition of what constitutes personal data and personal identifiable information (PII). That’s before we even consider the new and clarified rights that individuals now have across the EU regarding their information. These include Article 17 (the right to be forgotten) and Article 21 (the right to object).

As marketers, GDPR presents a genuine challenge to our business needs. We want to use data to create a better customer experience, as well as to promote and sell our wares effectively. However, we now need to do that in a way that does not compromise the new legal framework governing the collection and use of our existing data sources, as well as any new data we collect, going forward.

Golden Quarter & GDPR – best practice and consent

Ensuring your organisation has the right to hold and use PII in the GDPR age, starts with the issue of consent. While GDPR does not specifically ban opt-out boxes, that method of marketing communication is essentially the same as pre-ticked boxes, which are banned under the regulation. Therefore, best practice would be to move to a stance whereby customers and leads need to actively opt-in to marketing communications. This is also the advice offered by many country-level information regulators, including the UK’s Information Commissioner’s Office (ICO).

Therefore, any existing data collected using automatic opt-in or pre-filled boxes, needs to be revisited. Individuals need to be rechecked to ensure they are knowingly giving consent for the continued use of their data.

Look at the different data points you collect from individuals and determine what can be considered to be PII. Data such as IP addresses are considered PII, along with more obvious things such as names, addresses, credit card numbers, phone numbers and email addresses.

From here, you need to look at how you process this information, and the GDPR articles that will apply. For most retail marketers, the most relevant grounds will be contractual – Article 6 (in relation to the sale of goods or services), consent – Article 7 (opting in to marketing communications) and legitimate interests – Articles 6, 7 and 29 (the benefit inherent in processing PII for that company itself or perhaps for wider society).

Different grounds may be better aligned with different types of personal data. For example, legitimate interests with web tracking to drive personalisation, consent for marketing communications and contractual for transactional messaging. In evaluating the different legal basis for each data type, you’ll need to consider the rights of the individual. Also, consider how they might exercise their GDPR-enshrined right to withdraw consent or ask you to stop processing their data. Those considerations should then be documented in an updated privacy policy and made available at key customer touchpoints throughout the digital customer journey.

Capitalising on the Golden Quarter for data collection

Ensure that any new customers or prospects you engage with in the quarter give you marketing permission. Don’t auto-fill the box for them. This will ensure that any permissions gathered now still hold true after May 2018. Also log where that permission was acquired (for example, a website pop-up, initial registration or delivery/billing details page of the checkout process) to ensure it was collected alongside an opportunity to see the revised privacy policy. In the event of a compliance challenge, if you can cross reference the point of collection with the visibility of the link to the privacy policy that was published at the time, you’ll be on a strong footing to defend your actions.

The same applies for engaging with existing customers. Refreshing data and consent does not need to get in the way of making sales, especially if you integrate it into the checkout or sign-up process. For example, we are working with clients to develop post-purchase systems that not only enable up-selling and cross-selling, but also encourage existing customers to confirm their marketing preferences and details at the same time.

For those customers who don’t come back or respond during this quarter, retailers will need to consider a more aggressive programme of soliciting reconsent in early 2018.

Have an opinion on this article? Please join in the discussion: the GMA is a community of data driven marketers and YOUR opinion counts.

Username

Basic Information

First Name *

Last Name *

Company *

Job Title *

Country *

Account Information

Password

Confirm Password

E-mail Address

Confirm E-mail

Biographical Info

Share a little biographical information to fill out your profile. This may be shown publicly.

Terms and Conditions

Terms and conditions – website usage

Welcome to the Global Marketing Alliance (GMA). The GMA website is a product of the Global Marketing Alliance Ltd. If you continue to browse and use this website, you are agreeing to comply with the following terms and conditions of use, which together with our privacy policy, govern GMA’s dealings with you in relation to this website. If you disagree with any part of these terms and conditions, please do not use our website.

GMA may amend these Terms and Conditions at any time by posting the amended Terms and Conditions on the GMA site.

The term GMA or ‘us’ or ‘we’ refers to the owner of the website whose registered office is at 7a Queen Street, Godalming, Surrey, GU7 1BA, UK. The term ‘you’ refers to the user or viewer of our website or to those who become members of GMA.

The use of this website is subject to the following terms of use:

The content of the pages of this website is for your general information and use only. It is subject to change without notice.
The information provided and the opinions expressed in this website represent the views of the authors and contributors.
Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. We are not liable for any inaccuracies or errors.
Your use of any information or materials on this website is entirely at your own risk, it is your responsibility to check that the information available meets your requirements.
This website contains material which is owned by or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited other than in accordance with the copyright notice, which forms part of these terms and conditions.
Information on this site may be contributed by our members or other contributors (including in blogs). We do not control the information they provide and are not responsible for the views expressed
If you believe that your intellectual property rights have been infringed on this site please notify us. We accept no liability for infringements as a result of user generated content but we will take reasonable action to remove such content where possible.
Unauthorised use of this website may give rise to a claim for damages and/or be a criminal offence.
Every effort is made to keep the website up and running smoothly. However, we take no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.
We reserve the right to refuse, suspend or cancel your access to the site at any time and without notice.
If you are acting as an employee, you warrant that you are authorised to enter into legally binding contracts on behalf of your employer. You further warrant that your employer agrees to be bound by these Terms and Conditions.
Purchases of training products or delegate places at events advertised on this site are subject to the terms and conditions of the providers.
Your use of this website and any dispute arising out of such use of the website is subject to the laws of England, Northern Ireland, Scotland and Wales.

Copyright notice

Any redistribution or reproduction of part or all of the contents in any form is prohibited other than the following:

you may print extracts for your personal and non-commercial use only
you may refer to and quote from the content for review or reference purposes within the limits of “fair dealing”, but only if you acknowledge the website as the source of the material
You may not, except with our express written permission, distribute or commercially exploit the content. Nor may you transmit it or store it in any other website or other form of electronic retrieval system.

I agree to the Terms and Conditions

Full Name LEAVE THIS BLANK

I agree to the Terms and Conditions

Author: Jane Dixon

Senior director at SmartFocus | www.smartfocus.com

The Golden Quarter & GDPR – opportunities for marketers

Getting data compliant during and after the Golden Quarter

Golden Quarter & GDPR – best practice and consent