Consumer Data: Consumers tend to look down on the message of a brand with which they have never had a business relationship. In addition, one in 10 consumers worldwide uses tools to control their data, such as ad-block software, which prevents the tracking of online activities.
- 87% said they would not do business with brands if they had concerns about security practices.
- 71% would stop doing business with a brand if they discovered it was distributing their data without permission.
This shows that awareness about the collection and use of consumer data is increasing. And with regulations like LGPD, it should grow even more.
Insights Into GDPR Consumer Data Collection
We saw what the law says and what consumers think. But what does this mean in practice? Will you no longer be able to use data in data science initiatives such as big data analytics?
Data on consumer behavior are inputs for creating campaigns segmented by profile, habits, and regions aimed at individual needs. More than generating opportunities and demands, it is about increasing the relevance and pertinence of offers to create much more efficient and pleasant shopping journeys.
However, it is not all good intentions in an economy that monitors and analyzes data to capitalize on it. Unlimited data exploitation has serious consequences, from the benefit of only one party to the relationship to crimes ranging from fraud to discrimination.
According to the LGPD, the consumer cannot accept or resign to obtain the convenience of certain personalized services to have their data monitored and analyzed.
So the question is: if and how can retailers continue to use data to deliver value and personalization to their customers without infringing on the GDPR? More than privacy, what is at stake is transparency with the use of consumer data. Let’s bring some insights into how to do this.
We have seen above that ten legal bases, and two hypotheses govern the collection and processing of consumer data. Such grounds go against a standard – and criminal – practices such as:
- first, collect and then know what to do with the data;
- buy third-party lists;
- organize and share consumer data without authorization;
- unequal treatment of consumers, manipulative and discriminatory marketing, etc.
So, to avoid them, the company must identify what data it needs to serve the consumer and why it will keep or share it in maps or records by data types. For example, the information you use to issue an invoice can only be used for that purpose.
This mapping also needs to reach all data capture channels, especially when they are third parties, such as social networks. As it will be necessary to have the consumer’s consent, the capture event must be clear to the consumer at all stages so that it does not exceed the limits of the legislation.
Review And Rewrite Storage, Transfer, And Disposal Policies
As we have seen, the holder also has the right to request access to the data held by the company. But where and in what way does the organization store them? In what situations, how, and by whom is the data discarded? When transferred to operators, how are they used, stored, and protected by them?
In a question: why does the consumer data flow from capture to removal? Then, the data storage, transfer, and disposal policies must be revised and rewritten according to the different categories of data raised and mapped in the previous item.
Assign Data Operators
The company needs to protect all data captured and maintained from attacks and threats. And a good part of data security flaws is caused by human infractions.
To minimize them, more than creating security control mechanisms, limiting access to data to only those who need it will be necessary, establishing data operators who manage, supervise and ensure compliance. This also includes well-defined crisis management actions in case of breaches and other threats.
Transparent Communication With Consumers
Despite the rise in awareness, the same McKinsey survey cited above shows that many consumers still don’t know how to protect their data: only 14% encrypt their online communication, and 1/3 change their passwords regularly.
Therefore, it will be critical to establish transparent communication with consumers so that they know who and why their data is being collected and have the option to consent or not. This will no longer be in the fine print but will be given prominence and clarity.