Delivering 1:1 Digital Experiences in a Regulatory World

CXO THOUGHTS
Bergamo-Headshot Delivering 1:1 Digital Experiences in a Regulatory World
Sue Bergamo, CIO & CISO, Episerver

There’s increasing conflict between what today’s buyers expect and how they want to control the use of their personal data. Amid regulations aimed at how brands gather, store and use customer data, how can brands deliver a 1:1 digital experience that is expected of them while complying to regulatory obligations?

Data privacy is a hot topic and one that doesn’t always get top billing in various industry conferences, but consumers are paying attention. Episerver’s data indicates the majority of online shoppers say it’s a bigger priority for brands to respect their anonymity compared to 2019. With so many regulations appearing across the globe, businesses need to understand where customer data is processed, ensure that it is protected and remain transparent to the information that is collected and used.

The Price of Mistrust in Digital Experience

Being trusted with a consumer’s personal and financial information is a key component to delivering a standout customer-centric digital experience. Regulations like GDPR and many new U.S. state laws,will have a positive impact on increasing the trust factor for compliant retail brands.

As retailers, our world is filled with terms like data privacy, trust, opt-in, opt-out, GDPR, data portability and subject access request. When will it all end? The answer is never. In the U.S., several states are taking data privacy to the next step. California, Florida, Massachusetts and Texas, are all taking a lead in building their own privacy laws and Oregon and Washington will be next. There are several more U.S.states watching these new laws and others may also choose to follow suit or create yet another individual and specific law.

For GDPR, companies that are not compliant with the rules to process, mask, transport and delete European Union citizens’ data, can receive exorbitant fines, upward to 4% of a company’s revenue or up to 20Million Euros (whichever is higher). Any company that is not paying attention to global compliance regulations is taking a tremendous risk for their business. A critical part of my compliance program is to solve for the highest-level regulation, which so far is GDPR. The rest of the laws fall under the scope of the EU program. Compliance is not for the faint of heart, as each regulation seeks other compliance requirements and businesses need to monitor these regulatory laws to see which regulation has achieved a higher level of conditions.

GDPR has been in place since May 2018 and over the last year has had a few updates:

  • Expanded the guidance on international transfers
  • Expanded guidance on exemptions
  • Detailed guidance on encryption
  • Guide to data protection was updated
  • Update on right to be informed
  • Processing data under article 6(1)(B)
  • How to calculate the time for responding to requests
  • Unfounded and excessive requests update
  • Special category data update

Interesting B2B stats around compliance and digital experience include:

  • Trust was found to be the most important aspect of having a positive digital experience.
  • Eighty-four percentof businesses agree that increasing digital expectations of customers and partners is the top threat to their business according to Episerver.
  • In a digital world, businesses compete globally with or without an international strategy. Twenty-eight percent of B2B decision-makers believe expanding into new geographic markets is a top opportunity for their company. The new government-imposed restrictions make it more challenging for every business.
  • Online shoppers want a higher level of personalization within their customer experience. This equates to gathering more details about the consumer, their habits and shopping experiences. Ninety-three percent of shoppers see the handling of personal data, anonymity and privacy, as a leading role in their buying decisions.

Personalization With Privacy

It’s clear that privacy within a personalized shopping experience should be a pathway for your business – even a differentiator. As companies develop strategies to better understand customer behaviors and preferences; rather than only considering past purchases and browsing history, a wider view of the customer’s needs fulfill this difference and an increase in consumer trust will help boost sales over time.

Data privacy is key to winning over a customer’s trust and the collection of personal information further improves the digital experience. To deliver more tailored, personalized interactions while still respecting shoppers’ desires for security, brands and retailers need to inform shoppers about their privacy practices and strategies with greater transparency. Better education for consumers on how their personal information is used and stored, as well as who has access to it is paramount to build trust levels. Retailers who automatically opt-in customer stouse personal information without explicit permission, for example, will ultimately be caught by the European Union and other regulatory bodies.

These same retailers should elevate compliance, security and privacy within their organizations, to ensure that decisions are made to increase customer trust. Compliance doesn’t just start at the product level, yet it involves all levels of an organization and its employees who handle and process data.

Companies that are mindful of each customer’s privacy rights, and who consider their corporate-wide privacy strategies to focus on the customer-centric digital experience, will win in brand recognition and customer loyalty.