If you live in Europe, then you’ve probably received tons of emails in the past couple of weeks. Businesses in every sector are making efforts to get your consent so they can keep accessing your data, all so that they comply with the General Data Protection Regulation (GDPR) requirements. This is coming in the form of sending you their new privacy statements, asking to confirm your full name, job title, and email, and verifying your willingness to receive their communications and stay in touch.
It all started once upon a time, or more precisely a couple of years ago on April 26 when the EU Parliament finally approved the GDPR and set the enforcement date for May 25, 2018.
And now back in present-day Europe, already two weeks have passed since the official tipping point, that critical moment when the unstoppable effect of GDPR began.
The EU defines GDPR as “the most important change in data privacy regulation in 20 years.” The sheer scale of GDPR’s jurisdictional impact is massive. And the requirements will not only hit EU-based companies but also extra-EU firms that manage European customer data.
Even the two year implementation period wasn't enough: As of April this year, it was clear that most companies weren’t prepared to meet the GDPR due date, with this figure close to 50% in the US. With its six privacy principles, its individual rights, and its threat of heavy fines, GDPR is greatly disrupting the way companies manage client data.
To work through this time of change, your business should set up proper written policies and appoint data protection officers who safeguard marketing activities.
Once you’ve done this, you’ll have to start dealing with a massive and messy “spaghetti-like situation,” as we like to call it at Appway. This means managing lots of uncoordinated paper-based and manual work, lots of hiccups and bottlenecks, and lots of low-quality information and depowered decision-making activities.
This is when the secondary need will pop up: time to get organized.
To regain efficiency, your firm will have to refocus on its customers' journeys. If it hopes to recoup productivity, it will be crucial to streamline all paper-based interactions and communication between clients and companies triggered by GDPR. And financial institutions are already starting to do this by looking at potential GDPR-related customer scenarios.
Possible scenarios could be:
- Inquiries to access personal data
- Consent renewals
- Requests for erasure
- Acquiring consent during the onboarding process
Onboarding is the first touchpoint that a company has with a customer, and now that GDPR is in effect, it’s more important than ever that it’s done right from the very start. Just think about self-onboarding online—this type of great customer offering is only valuable if it’s compliant all the way through!
It will be key that your business finds flexible tools that have strong integration capabilities and are able to orchestrate the customer experience, touchpoints, and GDPR compliance (among other regulatory requirements).
It’s going to be essential to match client’s increased attention to their privacy with their evolving expectations of banks. Customers, and millennials above all, want respectable and trustworthy banks. Nothing less will be accepted.