Warning: Rush to go digital carries GDPR risks

The rush to e-commerce in the wake of the pandemic has seen firms take risks with GDPR laws despite the threat of big fines, writes Rob Pryce of Dublin marketing software player Xtremepush.

With product and service provision now almost exclusively online, digital marketing is all the more significant.

Databases are being mined for customer insight. And, cleverly combining email, SMS and push notifications is helping challenged businesses hold on to current clients and find new ones online.

“Don’t bundle consent with something else. If customers give an email address for a receipt, don’t assume it’s okay to market to them”

Quality over quantity, relevance, incentive and simplicity is the goal of good digital engagement. But, GDPR and respect for consumer data is still paramount.

Although in place over two years, the recent rush to ecommerce has seen some firms take risks with GDPR laws, despite the threat of big fines.

Globally, an estimated 85,000 new online businesses sprang up between April and July this year.  In Ireland, figures from the IE domain registry show a 30pc increase in new .ie domains over the same period in 2019.

Data compliance

In the haste to go digital, the danger is that fundamental compliance errors are being made. Both digital newcomers and well-established brands are struggling with their data compliance framework.

The advice: check and double-check with your webmaster that you have the correct cookie consent banners on your website, and that you are collecting first-party consumer data openly and ethically.

And ensure your sales and marketing teams only reach out to individuals who have consented to contact, freely and knowingly. You can’t dupe them into it; no pre-ticked boxes! You need to prove consent, with a record of permissions.

Don’t bundle consent with something else. If customers give an email address for a receipt, don’t assume it’s okay to market to them. You cannot make consent mandatory, unless you have a legal requirement for it, and it must be easy for the consumer to withdraw too. If you can adhere to these GDPR principles, you will not only be safe from a compliance perspective; you will actually have more success.

Email marketing is widely used, but success comes back to one question: what kind of email list you want? 5,000 interested people, happy to hear from you, or 30,000 who don’t care about the brand?  Rather than view GDPR as a barrier, we work with clients to build relationships with their customers, based on transparency.

The right way to grow email subscriptions

So, how do you grow an email subscription list under GDPR?  Creative marketing that adds customer value has always been the way to go.  And, it is enhanced by being upfront and honest;

“We’ll only use your email address to send you offers and discounts we think you’ll like”.  

Keep in mind ‘incentive and simplicity’. What’s in it for the customer, and how can I make the process easier for them? Answer those questions and your email list will flourish.

Brands have most success by timing a permission request to coincide with a positive experience and/or an offer. Rather than asking every visitor, as soon as they land on the site, choose the right moment to engage.  And personalise it. 

Onsite pop-ups, for example, must be tailored to the recipient to be effective.  Rather than one generic permission request appearing to everyone, change the content to reflect the interests of the visitor.

So, if a visitor is browsing a store’s menswear range, the message and the ‘value-exchange’ offered would reflect that. You can segment your email list based on the specific interests of customers, so future campaigns have the same individual relevance. Personalisation adds value to the shopping experience and increases conversion rates.

To optimise email opt-in, make it simple to sign-up.  All you really need is an email address, not all the customer’s data. You may like their name, address, date-of-birth, interests and countless other attributes to round out a customer profile.  But, privacy concerns aside, it’s going to take so long to type, they won’t be bothered.

After a while, when there’s evidence of engagement (they regularly open emails and click-thru) then it’s worth trying to take the relationship to the next stage.  But, be upfront! “We see that you like what we do, so we’d love to make our content more personal to you.”

This level of rich, first-party data is essential for long term engagement and repeat sales.  But the onus is on brands to solicit it openly and use it fairly. Industry-wide changes mean anonymous, third-party data is being phased out. This will inevitably lead to fewer prospects at the top of the funnel. So, developing your relationship with existing customers is all the more important.

Prune for integrity

Another counter-intuitive move is to prune your email list to help it grow! A bloated list, with a high percentage of unresponsive emails doesn’t do you any favours.  It only clouds the integrity of campaign results.

If you send an email campaign to 1,000 people and have a 25pc open rate (250 people), you might conclude it wasn’t compelling. But how many of the 1,000 weren’t going to open it under any circumstances, no matter what the subject line was? So, don’t be afraid to cull addresses that haven’t engaged in the last 12 months.  It’s over, they’ve moved on.  You should too!

At Xtremepush ensuring clients stay GDPR compliant is part and parcel of the technological expertise. Our ISO certified engagement platform automatically manages marketing permissions across all channels, not just email. 

Robust cybersecurity frameworks and policies also keep clients’ and their customers’ data safe. Because, no matter how engaging or successful a marketing pitch is, it would need to be exceptional to take the sting of a €20m fine for breach of personal data privacy. 

Man in blue shirt with brown hair.

Rob Pryce is chief revenue officer at SaaS provider Xtremepush, a global customer engagement, personalisation and data platform headquartered in Dublin.