Google Trends highlights that in the last year, searches for GDPR (General Data Protection Regulation) have gone from 0 to 100 on their scale of interest over time. It’s fair to say it’s a hot topic right now. When you log onto Twitter or LinkedIn, you’re sure to read about it there. There are all sorts of articles online (such as this article) trying to help people understand the change in regulation and what they need to do to be ready. However, what isn’t being discussed so much is what GDPR means for customer loyalty. It might also be worthwhile to check out the legalities of GDPR and reading up on how to stay compliant over on a page published by Sidley Austin or similar sites you’re able to find on the matter.

The fact that it isn’t is a little bit strange.

After all, GDPR is all about customers taking control of their data. And a customer signing up to a loyalty program is one of the most common ways for them to hand over their data to the merchant. Indeed, one of the major concerns for business owners is that from May 2018 when the regulation comes into force, they will have to get the customer’s permission (again) if they want to use their data in any way that the customer has not already explicitly approved. The implications of this for loyalty programs are very broad, and the penalties for non-compliance can be staggering.

Brands are right to be a bit worried. It’s no coincidence that there are so many articles out there cautioning businesses to “get ready”. The threat of significant penalties for non-compliance are very real. Not to mention the work that will need to go into assessing the gap to readiness and trying to close it in the next 5 months.

But is GDPR all bad news for merchants and travel suppliers?

Well, no. We don’t actually think it is. We believe that for a while now there’s been a disconnect between customer expectations of loyalty programs and what most brands provide. In general, expectations have risen in recent years due to convenience and immediacy of the smartphone and social media. Often, businesses struggle to offer a customer experience that matches up to the seamless interactions that are increasingly expected.

GDPR, though, offers brands an opportunity to do just that. If you have to go back to customers anyway and ask their permission to use their data in a GDPR-compliant manner, why not see that as the ideal time to make a profound change to your loyalty strategy and engagement tactics?

We think that by offering customers more opportunities to be rewarded for their loyalty as part of a wider loyalty coalition with other brands, businesses would benefit from the trust that would engender from the customer to the brand. And from May 2018, trusting a brand will mean trusting them to use data in only authorized ways. Post-GDPR, customers will really be the owners of their data. We think they’ll continue to be happy to share it with those brands that are offering genuine customer welfare. If you rely on third party suppliers, and you would like to make sure your data is protected, you may want to seek out third-party risk management software that could better protect your data from any possible breaches that might occur.

So, (very briefly) what exactly changes with GDPR?

GDPR is the next iteration of the 1995 Directive on Data Protection. The new regulation is based on common sense and helping protect legitimate personal privacy concerns, which have become more prevalent among consumers in recent years.

The biggest change is around permissions. GDPR clarifies the customer’s ownership over their own data and if companies want to use it, they’ll need the customer’s permission for every type of use.

This is particularly important for customer loyalty programs as it concerns every way the company wants to analyze the data, how they might want to communicate to the customer in the future, which data may be stored, etc. There are also implications for how long data can be/should be stored; and, there is a special category for Sensitive Personal Data (sexual orientation, religion, health records, political views, etc.). GDPR also affects non-digital information such as forms.

What GDPR means for customer loyalty - woman at her computer

What GDPR means for customer loyalty

If we turn our attention to what GDPR means for customer loyalty, we have to look at several facets. Firstly, there needs to be an assessment of the current level of compliance, followed by the development of action plans to resolve gaps between the current state and the required state for both systems and business practices. It’s likely that companies will have to retrofit or replace existing systems that lack necessary functionality. They’ll then have to develop a communications plan to explain changes to customers and to seek their approval. Getting the customer �s approval may require incentives – such as loyalty point bonuses.

The issue of permissions means customers will have to opt-in again in order for brands to use their data. For this reason, some commentators are now writing about the majority of customer data being obsolete come 25th of May next year.

Indeed, we would expect the rosters of loyalty program members to be cut by 30% to 50% as customers ignore requests to opt back in. Some members just won’t respond to the communications from brands.

Another worry around GDPR is the potential penalties for non-compliance. Companies will be exposed to much larger fines. These will realistically (in the short-term) probably only apply to those companies that are blatantly disregarding the regulation, but penalties could be as high as €20m per infringement or 4% of worldwide annual turnover – whichever is higher.

Why we think GDPR represents an opportunity

After explaining what GDPR means for customer loyalty in terms of permissions, potential penalties and adapting existing systems, you might be surprised to learn that we actually think the regulation represents an opportunity for brands.

That we do, is largely indicative of the current state of loyalty programs. For most merchants or travel suppliers, there are currently around 20% – 30% of customers that are frequent enough to participate in a typical loyalty program. The issue (or opportunity) is the other (roughly) 75%. For them, reaching rewards that engage them on an emotional level is difficult as they might not spend enough with a brand to earn sufficient points. They also encounter barriers and friction – that is at odds with the seamless, integrated customer experience that is now expected.

It’s for this reason that we predict that many customers might not bother responding to brand communications asking their permission to use their data again in a GDPR-compliant manner. After all, why would you go to the hassle of doing so if you didn’t feel like the brand really cared about you achieving your goals or rewarding you for your loyalty?

The opportunity is seeing GDPR as the perfect excuse to make a change. It’s much easier to make a change to your loyalty strategy if you already have to devise a communications strategy to reach out to existing customers and potentially retrofit your database.

Informing customers that they will soon be able to earn more popular loyalty currencies from the brand or have the opportunity to exchange currencies could be a very significant incentive to opt-in again.

What the change could look like

So what do we think a more engaging loyalty program could look like?

At Currency Alliance we’re convinced that in the coming years loyalty marketers will have to deliver greater liquidity and make it much easier for members to earn, redeem and exchange loyalty points.

We think that the best way to achieve this is by reducing barriers and complexity, and by creating more value by embracing collaboration across different companies.

A loyalty ecosystem like this could solve a variety of issues that customers currently have with loyalty programs. Increased liquidity would offer the customer more choice and a much more seamless experience in collecting points across a number of partners, which is much more closely aligned with what the modern consumer expects.

Another expectation these days is personalization. Yet brands often struggle to offer a personalized customer experience. The benefits of a wider loyalty network is that top-level customer data could be shared across partners with data from beyond your store, allowing for more personalized engagement.

Then there’s the freedom that such a system would offer the customer. Post-GDPR, sharing data with brands will be about trust. But this trust has to be reciprocal. If you show the customer that you’re happy to reward their loyalty beyond your store, perhaps for a more emotional, aspirational item or experience, then the customer will view your brand more favorably.

Furthermore, customers will be able to share their data with those brands that offer them the greatest value. They can then potentially share more personal information about their motivations than ever before, with obvious benefits for both the brand and the customer.

What GDPR means for customer loyalty - woman taking a picture of her coffee

GDPR will give your loyalty program a kick

GDPR will undoubtedly give your loyalty program a kick. It’s up to you whether this kick is a boost in engagement or a new burden to manage.

Brands have long talked about putting the customer first, but it doesn’t always work that way in practice. GDPR really does put the customer first by giving them the power to control how their data is used, and by whom. In the coming years customers are likely to become more aware of how their data is being used and are likely to only allow it to be used by those brands with whom they have a degree of trust.

What’s more, as we’ve mentioned, if a customer truly feels valued and respected by a brand, they could potentially share more valuable data than ever before, so long as they believe they’ll be rewarded in return.

At Currency Alliance we believe that trust and respect are pre-requisites on the journey toward customer loyalty. And what better way to begin that journey than by giving your customers the freedom and flexibility to be rewarded for their loyalty in a way that best suits them, and by providing them with more personalized offers.

The Currency Alliance platform is designed to facilitate transactions with any loyalty currency across any network of partners – the byproduct of which includes richer profiles about customers based on everywhere they shop – presuming we obtain the data in a fully-GDPR-compliant way. Talk to us about how this platform can help you to transform your loyalty program.