GDPR: transparency, trust, and a positive spiral

GDPR: transparency, trust, and a positive spiral

Can GDPR be a catalyst for a new customer dialogue? Yes, according to Clas Ohlson's CISO Urmas Aamisepp, one of the speakers at Cognizant Snapshot Breakfast, who views the new regulation as an opportunity to deepen customer relationships and to develop new offerings. How? By increasing customers’ trust, their willingness to share personal data will hopefully increase. And more data enable more accurate offers.

Who has the energy to consider GDPR as a business enabler, when you already have your hands full with compliancy matters? Well, the two different aspects might actually be compatible – and empower each other. Data is namely key when it comes to creating customer value.

With over 200 stores, and a web shop, across five countries, Clas Ohlson is a modern hardware retailer focusing on smart, affordable products. The company’s work with GDPR started a year ago, and its strategy, where transparency, trust and data are fundamental, has laid the foundation for new business opportunities. Where did they begin?

“We started off by establishing a cross-functional team to understand and interpret the regulation, and to create some basic instructions around it,” says Urmas Aamisepp, Chief Information Security Officer at Clas Ohlson.

The next thing was to determine what kind of personal data that was kept within the company. After identifying three tracks of data – customer data, HR data and personal information about shareholders – a series of workshops with the business owners were conducted. The purpose was to identify where data should be, how it was handled today, and how it ultimately should be handled tomorrow.

“By carefully outlining where data reside, we could set priorities right for the future,” says Urmas Aamisepp. “We also realized that we had collected some data that we didn’t even need, and decided to delete it.”

Naturally, some challenges have appeared along the way. The interpretation of the regulation, the existing consents included in the loyalty program with its 2.5 million members, and contracts with third parties are all examples where legal issues still need to be considered.

After the initial GDPR work, Urmas Aamisepp’s team now sees a good opportunity to build a new e-commerce solution. They also want to establish a new business intelligence platform and a compliance monitoring system, where control of assets and consents can be secured. Furthermore, they strongly believe that the GDPR work will help to increase sales.

“We need to market GDPR compliance with offers for consent to process data,” says Urmas Aamisepp. “The transparency and honesty will generate trust, which will make the customers more willing to share personal data. This will give us new customer insights, something that then help us to increase relevance in our offerings.”

Equipped with more data and customer consents, Clas Ohlson has also paved the way for new interesting possibilities: biometrics and customer terminals with facial recognition and personalized offers, Wi-Fi based heat maps where the customers’ patterns in the store can help to redesign stores and to pinpoint important customers, and countless opportunities around IoT and the gathering of data from equipment sensors.

Watch the video from Cognizant Snapshot Breakfast on GDPR.