With just a month to go before the GDPR regulations kick in, now is a great time to get in touch with your customers and remind them what you are doing with their information and how it is stored.

Customers are far more aware than ever before of how their personal information is being used thanks to the current Facebook investigation. A reminder about security and your own business ethos on the handling of personal data never hurts, but what sort of things should you include?

Why you have their data

The first thing to include is why you have their data.

This doesn’t need to be a long essay but a quick reminder stating that you hold their information because they signed up for an account on your website, or they purchased goods or services from you.

Add on to this that you will only keep their personal information for as long as needed. If they only buy a product from you once, then you should only be keeping that data for the process of that transaction (including leeway to account for any possible refunds or product warranties).

If they purchase an ongoing service then you are allowed to keep the data for longer, but take this time to reassure customers that they will not be signed up to any marketing unless they have specifically opted in to it.

Customers' rights

Secondly, acknowledge your customers' rights.

It is a good idea to put in a link to your privacy policy and to remind customers that they have the right to see what data you hold on them. On top of this, ensure that you highlight within your privacy policy that customers can make any changes they require and even exercise their 'right to be forgotten'.

Transparency on how customers can get in touch with you to view their data and request it to be removed is key. This process should be simple and straightforward, but don’t forget to verify it's actually them before you go giving out information!

There is no need to fill the message with legal jargon - many customers will not fully understand it or will just gloss over it and may miss something important. Keep the language on brand but available to everyone. If someone fails to understand their rights it could come back to bite you and with heavy GDPR fines it is not worth any potential confusion.

Email newsletters

If you run an email newsletter, the above still applies. Send out a message reminding users how they signed up in the first place, state again what you will do with their information (e.g. you won’t share it with 3rd parties), and offer them the chance to unsubscribe.

Don’t be afraid if large numbers of your mailing list do unsubscribe though, it isn’t all about the numbers! If you find many people unsubscribing, then you know that those who stay on the list actually want to be there and want to hear about your company. You will simply be focussing your efforts and resources, which is always good news.

Another bonus is that on some email platforms this may take you to the next price band down so it could save you money as well!

Sending out a reminder like this reassures your customers that you care about them and take the security of their information seriously. Be open and honest with your customers and they will appreciate it.

For tips on how to make your website GDPR compliant, check out our blog post.

Published: 25th Apr 2018
