Duologi

Merchant Login

Duologi
  • Sectors
    • All
    • Retail
    • Home Improvement
    • Legal
    • Education
    • Healthcare
  • How it Works
  • Switching Finance Provider
  • New to Finance?
  • About Us
  • Retail Finance Blog
  • Get in Touch

Retail
Finance
Blog

  • Ideas for you
  • News
  • Case studies
https://duologi.com/wp-content/uploads/2019/06/GDPR-business_sept.jpg

What actually is GDPR

The General Data Protection Regulation (GDPR) came into effect in the UK on 25th May 2018. It’s an acronym that has been covered widely in the media and discussed at length in company boardrooms and it has a major impact on the retail sector – but making sense of GDPR can be complicated. What actually is the ruling and what does it mean for your business?

Monday June 24th, 2019

What actually is GDPR

…and how does it affect my business?

The General Data Protection Regulation (GDPR) came into effect in the UK on 25th May 2018. It’s an acronym that has been covered widely in the media and discussed at length in company boardrooms and it has a major impact on the retail sector – but making sense of GDPR can be complicated. What actually is the ruling and what does it mean for your business?

This is the first of two blogs guiding you through. The second blog looks at the impact that the regulation has on your customers.

What is GDPR?

Since the birth of the Internet, our society has become increasingly digital-by-default. We buy goods, book services and generally organise our lives online. Almost without exception, these activities involve us sharing our personal information, such as names, email addresses and phone numbers, sometimes without even thinking.

This data has been collected and processed by companies on a vast scale for many years. It’s used in a variety of ways – for example, to build customer loyalty, promote goods and services to a wider audience. Due to the advent of technology such as artificial intelligence, the ability to use customer data for commercial advantage has become increasingly sophisticated.

Existing data? regulation, introduced in 1995, has quickly become irrelevant and out-of-step with the modern digital age. It therefore had to be updated. GDPR aims to take ownership and control of personal data away from business and put it back into the hands of the consumer.

Of course, good companies were already being careful to safeguard their customer data – but GDPR has sought to formalise and prescribe a set of boundaries to ensure that all businesses are on the same page.

Essentially, all organisations in the UK, regardless of sector or size, are affected by GDPR.

What does it mean for me?

Fancy paying up to 4% of your annual revenues in fines? What about €20 million? If you fail to comply with GDPR, these could be very real penalties.

There is, of course, a certain amount of scaremongering going on. The Federation of Small Businesses, for example, has called on the Independent Commissioner’s Office (ICO) – the body in charge of GDPR enforcement – to use a ‘light touch manner’ when dealing with noncompliance in smaller firms. This will focus on ‘education and support, not punishment’.

Nevertheless, Europe-wide stories of hefty fines are starting to filter through, the Central Hospital of Barreiro Montijo, in Portugal, was fined €400,000 simply for allowing too many employees to access patient records.

Moreover, the GDPR landscape can seem bewildering even for the largest organisations. American retailer Pottery Barn had to make an apologetic announcement to customers in the weeks following the introduction of GDPR, saying that ‘due to technical challenges caused by new regulations in Europe’ it couldn’t accept orders from the EU. And in Austria, a privacy campaign group has filed a complaint to the Data Protection Authority accusing behemoths Amazon and Apple of ‘failing to provide basic information like how their data is bought and sold on request, putting it in breach of GDPR rules’.

But there are equally companies that are getting it right and thriving in the post-GDPR world. Let’s look at some key ways that GDPR impacts your business so you’re ready to join them.

Do you have a website?

A basic marketing website which doesn’t capture any personal data can carry on as before. But any kind of e-commerce site – or any non-sales site which nevertheless encourages customers to sign up for a mailing list or similar – needs to be very upfront about getting active consent for that data collection.

GDPR demands a much higher level of consent than previously. This consent must be freely-given, specific and informed. It has also introduced the notion of ‘unambiguous consent’.

In the past, a business could use an individual’s data for marketing purposes without having to explicitly ask whether they agreed to it. This has now changed. Individuals must now give clear and explicit consent to their information being used for this purpose.

A statement or clear, affirmative action – for example, ticking a box which clearly says “I agree to my data being stored and processed” – must take place for unambiguous consent to be given. If, having left the boxed unticked, the customer is contacted, the company in question is acting illegally.

At any time, customers can check what information a business has on file on them and ask for it to be deleted. This must be done so immediately.

Do you use CCTV?

Yes, CCTV imagery counts as personal data under GDPR. You need to be able to justify your use of CCTV, and since data subjects are entitled to understand how their data is being processed, it’s a good idea to install signage indicating where CCTV is in use and how the customer can find out more. GDPR also dictates that you can only process data for as long as its purpose actively requires you to do so, and you need to protect stored footage with measures such as encryption (for digital footage) and locked premises (for physical footage).

Do you have a customer database?

This is a bit of a trick question. Almost every retailer has one, for sending out marketing materials, delivering repeat orders or managing loyalty schemes, for instance – or a mixture of all three. Such databases are full of personal information, and as such GDPR demands that you get positive consent (i.e. opt-in rather than opt-out) to add someone, and then protect said database properly.

Things get a bit more complicated when you start profiling customers, as in through a loyalty scheme or their online behaviour. If your profiling is deemed to have a ‘legal effect’ on the customer then, again, you need their active consent to do so (unless the profiling is essential for you to deliver your contract). ‘Legal effects’ are not defined and will be led by the regulator, so you need to be careful here. If you are using loyalty card data to tailor (and potentially restrict) deals to particular customers, then it is probably worth getting legal advice.

Do your suppliers have access to customer data?

One of the more difficult-to-manage aspects of GDPR is the way it travels up your supplier and partner chains. If any of your suppliers handle your customer data on your behalf – think delivery and logistics firms, or marketing companies – then they count as data processors. You still need a written agreement with them, but GDPR has made its content more prescriptive, covering elements like the security measures they have in place and their process in the event of a breach. If you haven’t already reviewed your existing arrangements with suppliers, then that should be an urgent task.

Do you plan on doing business with the EU?

Yes, as we are still in the European Union, this European-wide law applies without exception. Moreover, GDPR applies to any business that processes, stores or sends data belonging to any EU resident, so it’s worth bearing this in mind if your business has scope outside of the UK in future.

Do you have an EPoS system?

If you collect customer data at the electronic point-of-sale, whether as part of a marketing exercise, for aftersales care or for offering finance options, then you have a duty to explain exactly what you’re collecting and why. You need positive consent – that is an opt-in rather than opt-out – and you need to establish a process to follow if an EPoS terminal containing data is stolen.

We can help with this.

So…what are the positives?

GDPR is not all doom and gloom. It actually presents a number of key opportunities.

Although subscriber lists and marketing databases may have significantly dropped, those customers who remain are likely to be far more engaged and open to receiving information from your business. So, whereas you may have previously sent email marketing to longer lists, the likelihood is that conversion rates will now increase.

It also means that you can now be more personalised in your messaging and promotions to subscribers – leading to a higher quality of customer.

The GDPR landscape can seem overwhelming, but by looking at the different areas of your retail business in a logical way, you can break down its requirements and take a truly customer-centric approach to protecting personal data – which is, after all, what it’s all about.

How Consumer Finance Works: Here's everything you need to know about offering consumer finance - Download eBook Now

Share this idea

Share on Facebook Share on Twitter Share on Linkedin Share by Email

More ideas for you

6 ways offering point-of-sale finance can boost your sales

6 Ways Offering Point-of-Sale Finance Can Boost Your Sales

Learn more ›
A chip and pin device

How can offering financing increase sales on consumer electronics?

Learn more ›
Boiler Financing

How to offer boiler finance to your customers

Learn more ›
Wrapped Christmas gifts

How to offer finance options to customers at Christmas

Learn more ›
A brunette woman making a payment on her laptop

How to offer financing easily and boost Black Friday sales

Learn more ›
Garden area with chairs on artificial grass

Everything you need to know about offering outdoor living finance

Learn more ›
H20 Hot Tub

Everything you need to know about offering hot tub finance

Learn more ›
A tradesman wearing a tool belt

The Dos and Don’ts of Offering Finance as a Tradesperson

Learn more ›
Decorating materials in a blank room

How to Offer Finance to Home Improvement Customers

Learn more ›
A newly installed kitchen

What is Home Improvement Finance?

Learn more ›
A newly installed orange kitchen

The Benefits of Offering Home Improvement Finance to your Customers

Learn more ›
A mother and daughter packing for a holiday

What is the Consumer Buying Process?

Learn more ›
Office Workers

4 Consumer Finance Benefits for Business Owners

Learn more ›
Women opening online order

How to Improve Customer Experience Online

Learn more ›
Retail finance duriong covid

Consumer Buying Behaviour During Covid

Learn more ›
A brunette woman making a payment on her laptop

How to Get Customers to Spend More

Learn more ›
A brunette woman making a payment on her laptop

7 Ways to Increase Repeat Sales

Learn more ›
A couple being shown destinations by a travel agent

How do I get financing for my customers

Learn more ›

How to Retain Customers Online

Learn more ›
Shop assistant offering finance using a tablet

Finance for Customers of Small Businesses

Learn more ›
A brunette woman making a payment on her laptop

Can You Pay Off Finance Early?

Learn more ›
A woman holding a credit card over one eye

What affects your credit score?

Learn more ›
Dog lying on artificial grass

8 Most Common Questions about Pet Finance

Learn more ›
A stylish well lit living room

New Year, New Decor: Finance for Home Improvement in 2021

Learn more ›
Wrapped Christmas gifts

Duologi’s Top 10 Money-Saving Tips for Christmas

Learn more ›
A woman holding a credit card over one eye

Black Friday during a pandemic

Learn more ›
Consumer using laptop

The Secrets Behind Running an Ecommerce Business

Learn more ›
A piggy bank next to a toy shopping trolley

How We Offer Customer Finance

Learn more ›
Women opening online order

10 Ways to Increase Average Order Value

Learn more ›
Someone entering a pin number on a payment terminal

The Facts About Customer Financing

Learn more ›
A couple shaking an estate agents hand

Why Offer Credit Facilities to Your Customers?

Learn more ›
A woman holding a credit card over one eye

How to Start Offering Finance to Your Customers

Learn more ›

Coping with change

Learn more ›

The Benefits Of Offering Dental Finance

Learn more ›
A piggy bank on top of a calculator

The Value Of Offering Payment Plans For UK Customers

Learn more ›
A man paying with his card on a laptop

Why Responsible Lending Matters

Learn more ›
Shop assistant offering finance using a tablet

How to Offer Customer Financing in Your Business

Learn more ›
Businesswoman in showroom

What is Retail Finance & How Does it Work for Businesses?

Learn more ›
Patient getting dental treatment

The Benefits Of Offering Patient Finance

Learn more ›
Patients in waiting room

5 Tips to Attract More Patients to Your Practice

Learn more ›
PDS2 graphic

What is PSD2 And What Does It Mean For Online Retailers?

PSD2 is the Revised Payment Services Directive issued by the European Commission for innovation, improvement and internet payment safety. The first payment services directive, PSD1, was adopted in 2007, to establish the same set of rules on electronic and non-cash payments across the European Economic Area. The revised directive was adopted in 2015, and became applicable in January 2018.

Learn more ›
Abandoned cart

Refer rates and basket abandonments: how do yours stack up?

Basket abandonment. It’s a headache for online retailers and top of the to-do list for many digital marketers

Learn more ›
Security

Online fraud and how to fight it

Online fraud and how to fight it Trust is the foundation of any relationship – and the one between business and customer is no different. The customer must trust that the business is selling what it says it is – and the business must trust that the customer is who they say they are.

Learn more ›
Legal Sector

CCLs: The lowdown

If you’re offering credit to your customers via point of sale (POS) finance, then they’re something you need to think about. CCLs are issued by the Financial Conduct Authority (FCA) and are a crucial element in your overall business compliance. They also help to highlight your proactive and customer-centric approach

Learn more ›
Consumer using laptop

Multi-channel retail: What do your customers expect?

Multi-channel is the new normal for retailers.

Learn more ›
Stick with me lights

How to keep your customers coming back

Building customer loyalty is a key challenge for any retailer. Whilst targeting new customers is important to broaden your target market and increase conversion rates, rewarding current customers is essential to enhance customer experience and customer satisfaction. This is to ensure the come back to you in the future and not to your competitors. The question is – how?

Learn more ›
Handshake

How to sell finance

So you’ve decided to offer point of sale (POS) finance solutions to your customers. Great!

Learn more ›
Man and 0

The myths and opportunities of 0% finance

The appeal of 0% finance offers to end users is clear – it’s free. It offers a quick and easy way for them to purchase the high-value goods or services they want, without a hefty upfront cost.

Learn more ›
Coins in jar

Acceptance rates vs subsidy rates

Thinking of introducing point of sale (POS) finance? You’re probably interested in how much it is going to cost.

Learn more ›

grow and
succeed

Time to talk about you

  • Home
  • About Us
  • Get in Touch
  • How Financing Works
  • Retail Finance Blog
  • Thinking of switching
  • New to Finance?
  • Jobs
  • Faqs
  • Resources
  • Complaints
  • Privacy Policy
  • Terms of services
  • Oaktree Capital
  • Financial Conduct Authority (FCA)
  • Get in touch
  • Call icon0345 521 1881
  • Mail icon sales@duologi.com

Connect with Linkedin


Duologi


Duologi is a trading name of Specialist Lending Ltd which is a limited company registered in the UK under number 10664999 at the registered address The Square, Basing View, Basingstoke, England, RG21 4EB. Authorised and regulated by the Financial Conduct Authority. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

© Copyright 2023 · All Rights Reserved

Site by duologi Websites

We have placed cookies on your device to support a better browsing experience for you. By proceeding to use this website, you consent to the use of such cookies. You can find out further information about the Cookies used and what they are used for here Information and Settings.