GDPR Compliance and Your Data

With the GDPR deadline almost upon us we’ve probably all received a flurry of emails from companies asking us to opt back in to continue receiving their emails.

While that’s the visible face of GDPR for most of us, ongoing compliance with the new EU directives is much more to do with your company’s internal processes around storing, handling, accessing, sharing, and using the personal data you hold on your customers and prospects.

Without the right processes in place, and without the ability to identify and understand the data you hold, and allocate it to individual customers, compliance is going to be very difficult.

Here we take a look at how technology that enables companies to gain a so-called ‘single view’ of all their customer data can help companies maintain compliance far more time and cost-effectively.

Single Customer View

For any number of years now sales, marketing, customer service, and customer experience professionals have been trying to develop a ‘single customer view’ of their customers.

This essentially boils down to having a data structure in place where every piece of information about a given customer is accessible by everyone who needs it, when they need it. It means either all data must be pulled together into a central location, or all the bits and pieces of data gathered by different siloes and touchpoints have to be tagged and linked so that the while data set is interrogable.

From a technical point of view, it doesn’t really matter which of those two options you choose, or what technologies your databases are running. What’s important is that customer-facing or decision-making individuals in the organisation can, at the touch of a button, see everything your whole company knows about a given customer or prospect.

A company that can see this complete trail – of phone interactions, website visits, emails, purchases, social media comments, etc. – left by every customer and prospect is able to:

• Seamlessly manage interactions that cross multiple channels without asking the customer to update us or repeat information;
• Route customer enquiries to exactly the right team or person without delay;
• Proactively engage the customer to head off service issues before they become a problem;
• Personalise upsell, cross-sell, and renewals offers to meet a customer’s exact needs and circumstances;
• Understand the commonalities of our best customers so that we could find more like them;
• Identify customer segments, lifecycle stages, and purchasing patterns to inform everything from product development to marketing to pricing and payment options.

A Single View for GDPR Compliance

GDPR compliance is not just about being compliant on 25th May this year, or whenever you have an audit. Your organisation, and all your suppliers and subsidiaries, must maintain compliance at all times.

The key areas of compliance include:

• Identifying all the data you hold and relating it to the individuals it concerns,
• Understanding why you are holding that data and what you are using it for,
• Informing the individuals concerned – the data subjects – of what data you hold and why, and how you’re using it,
• Responding in a timely manner to requests from data subjects to access, modify, or remove their personal data.

When it comes to how your organisation manages its data, by far the easiest way to maintain GDPR compliance is to have all your personal customer data held in one place. If you don’t currently do that then it is something you need to consider.

Of course, for operational, logistical, legal, or technological reasons that might not be an option for some companies. What’s needed instead is a ‘virtual’ database which acts as a central repository of information even if all the actual data is held in different databases, in different places, and on different servers.

We call this a ‘living data inventory’ which is updated in real-time whenever any of your systems or databases updates or adds information about a customer.

Living Data Inventory

What we are really talking about is creating an indexed copy of all your data. For example, every record in every database which belongs to customer John Smith is tagged and linked so that, if Mr Smith were to ever make a GDPR-related request of the company, you can access all that data immediately.

This gets around the worry about integrating different databases and systems, as the inventory simply interrogates all those systems and links together all the data it receives as outputs to its queries.

What you now have is a portal for accessing all your data about any individual customer. To respond to GDPR requests from data subjects, your staff can now trawl through the data without having to log into multiple systems and search through multiple databases, each of which likely uses a different search method or method of cataloguing.

It also provides a powerful resource for maintaining information security and establishing what data is being processed, whose data it is, why it is being processed and by whom.

This central repository should be kept up to date by running the tagging and indexing routines on data as it is acquired and updated.

Beyond GDPR compliance, this same inventory can also form the basis of the single customer view that your sales, marketing, and other customer engagement staff can use to improve service and better target offers.

For more information on GDPR and Single Customer View download Infinity CCS’s new e-Guide here: http://www.infinityccs.com/gdpr-and-single-customer-view-guide/