Close this search box.

GDPR: An opportunity for digital transformation

GDPR: An opportunity for digital transformation

GDPR: An opportunity for digital transformation

Chris Combemale, CEO, DMA Group shares his thoughts on the opportunities from GDPR.

The new European General Data Protection Regulation (GDPR) comes into effect in May 2018. Its implementation is taking place in the wider context of dramatic change that retailers are both embracing and having to come to terms with.

First, we have truly entered the fourth industrial revolution, powered by data, potent new technologies, augmented intelligence and machine learning. A new world of possibility is opening up to retailers. It’s one in which big data analytics can be deployed to tackle some of their greatest challenges. However, this also throws up huge challenges for both businesses and consumers, not to mention governments and citizens.

Second, Britain’s role in the world is changing, following the decision to leave the European Union last year, as the UK looks outward towards a global approach to free trade, with the free movement of data at its heart. Britain is the leading digital economy in the world and has great potential to be the global centre of innovation, skill sets and competencies that will drive economic growth globally.

Third, all of this is taking place while retailers are having to come to grips with the implementation of GDPR. Updates to the ePrivacy Regulation are on the horizon too. Many retailers have already invested heavily in their ability to collect, process and action insights from customer data. Indeed this data increasingly informs every aspect of business strategy.

Recent media stories and speculation have led to concerns that some businesses will have to simply delete significant portions of customer and business intelligence ahead of May 2018. For example, the recent headlines garnered by Wetherspoons when it announced it was going to shut down and delete its entire customer email database, citing concerns about the possible risk of data breaches.

However, this response to the new laws is drastic and overlooks the opportunity they offer to start a new relationship with customers, based on trust and transparency when it comes to their data. The GDPR is a watershed moment for retailers and other businesses to make data protection a core brand value.

In recent years, we’ve seen from our own consumer research that people expect companies to be a trusted custodian of their personal data and are increasingly looking at the way a company treats their personal data as a brand differentiator. In fact, 59% of respondents to our Customer Engagement 2017 study said that a brand using their personal data responsibly is important in their decision whether or not to use them.

In this light, GDPR should be viewed as a positive change and one that retailers must embrace by placing respect for privacy at the heart of their brand proposition. Brands should use the new rules as a catalyst to transform their businesses into human-centric ones, building trusted, authentic and transparent relationships with their customers. Transparency means telling your customer how you are going to use their data and what benefits they will get.


At its core, GDPR is clearly about data and the information that businesses have on their customers. It asks retailers to be accountable for their decisions on how they collect and use personal data. This means having a full understanding of the data the business has across the multiple systems it may currently be using. Yet this sort of single customer view is also something many in retail have been wanting for years.

Companies also need to be clear about why they need the data, what they are going to use it for, how they are going to keep it secure and the legal basis they are using to process the data. With customer data under GDPR encompassing a much wider variety of information than just contact details, it’s imperative that retailers have the right data management technologies in place to not only hold and protect the data, but also record information like how consent has been collected or the details of a legitimate interest assessment.

This level of accountability is not just something for the lawyers either, it should be driven at board level and filtered down throughout a business. Ensuring an organisation builds a culture of accountability, transparency and trust is the responsibility of the CEO down – as well as the data protection officer that will need to be appointed by any company that works with significant amounts of personal data.

Alongside the need for new tools to help track data, it’s also vitally important that people working within businesses are trained as to what their responsibilities are. All employees need to be aware of the obligations around data security and the need to consider a customer’s right to privacy when making business and marketing decisions.

Every retailer will need to make its own assessment and take privacy into account when developing plans for the coming year, ensuring that training around data privacy goes beyond those employees in the legal and compliance teams. It is everyone’s responsibility. Transparency means telling the customer what you are going to do with their data and the benefits they get in return, such as offers or news of relevant products and services. So your teams all need to understand this too, whether they’re in head office, in a call centre or on the high street.

It’s important that we continue to build consumer trust in the digital economy. The alternative is a scenario where customers don’t trust transacting via ecommerce or engaging with other digital channels because they don’t trust companies to keep their data secure. This would lead to the disappearance of foundational customer data and the collapse of the modern digital economy.

In the era of augmented intelligence and machine learning, the technology at the disposal of retailers today, as well as their customers, is more powerful than ever. With this power comes greater responsibility though. Brands are responsible for training both staff and technology to create great experiences for customers within the ethical framework underpinning the rules in the GDPR.

Being open, honest and transparent about what you are going to do with customers’ data is the only way to truly develop loyal and sustainable relationships. New products and services, such as Amazon Alexa and Google Home, are just the start of the data-driven opportunity. These have to be designed and developed to bear in mind the customers’ right to privacy and not take it for granted that they want to do all the things that will be possible.

Retailers must not see the GDPR as an obstacle to innovation, but rather an opportunity to build new processes and systems that will benefit both the customer and the business in the long term. Building new relationships with customers around their data, based on trust and transparency. Those retail businesses that grasp this opportunity with both hands will set themselves up to not just be complaint with the laws, but be ready to continue to innovate as the fourth industrial revolution continues to reshape how retailers engage and interact with customers.

The following guest article has been written for InternetRetailing by Chris Combemale, CEO of the DMA Group. The DMA is a UK trade association representing 1,000+ organisations from the one-to-one marketing industry – those companies that speak directly to their customers and those companies that help them achieve this.


Read More

Register for Newsletter

Group 4 Copy 3Created with Sketch.

Receive 3 newsletters per week

Group 3Created with Sketch.

Gain access to all Top500 research

Group 4Created with Sketch.

Personalise your experience on