GDPR a Year On: 5 Lessons Learned.

Joe O'Reilly
Author: Joe OReilly
IT & Security Manager

25 May 2018. It was a day etched in our brains – GDPR Day. A year has now passed, and there have been some surprising effects on how companies approach marketing, service and overall customer experience.

Here are 5 GDPR-related lessons we at Engage Hub have learned over the past 12 months.

1. Consumers are actively championing their rights under GDPR

Initially, GDPR was a bit annoying for consumers – their inboxes were inundated with opt-in requests. But thanks to the legislation, consumers have become aware of their rights, and have been exercising them. In the 5 weeks after 25 May 2018, the Information Commissioner’s Office recorded 6,281 complaints, more than twice as many as were reported over the same period last year.

The ICO also reported that approximately 50% of the complaints they received this year related to the way companies handled subject access requests. Under GDPR, individuals have a right to access personal data an organisation holds, and the take-up is a clear sign of wider consciousness about how personal data is being used.

2. Transparency has been a big benefit

Under GDPR, companies have to report data breaches within 72 hours. The ICO estimates that there were 36,000 reported data breaches in 2019 (pre-GDPR levels ranged from 18,000 to 20,000 per year).

Breach information is valuable for consumers because they’re better able to make informed choices and protect themselves. The flip side is that when customers do give their consent, it’s a greater sign of trust, which means they’re actually more engaged with your brand.

The transparency is also valuable for companies and product developers, who can learn from aggregated information and refine their approach accordingly.

3. Companies are being more thoughtful in their marketing

GDPR-driven clarity around consent, opt-ins and opt-outs have forced companies to market more intelligently.

According to email distribution platform Campaign Monitor, 60% of organisations saw less than a 10% change in their list size, and nearly 20% saw no change. In other words, GDPR hasn’t been the email marketing Armageddon the doomsayers predicted.

Instead, it’s become an opportunity to purge lists of unengaged addresses, which were affecting campaign effectiveness. As a result, overall list quality has gone up, which has had a positive effect on open and click-through rates. And companies are now better able to use analytics to continuously improve.

4. Technology is simplifying ongoing GDPR compliance

Yes, getting compliant for 25 May 2018 took time and effort. But companies that implemented the right technology and processes are finding that compliance generally takes care of itself.

The mechanisms for obtaining consent are built into campaigns, and strategies have adapted based on new types of customer segmentation. The software ensures data is stored appropriately and people are only contacted in accordance with their preferences.

GDPR has therefore created a new awareness within companies, but it’s not generally creating big process headaches day to day.

5. GDPR is driving the transition to a more customer-centric organisation

The lessons above point to the fact that companies are generally becoming more customer-centric. In marketing, service, operations, product development – there’s a greater focus on designing around what consumers want.

As a result, 51% of organisations are now ranking customer experience as a top objective, above net profit and revenue growth. The trends were there before GDPR, but the legislation has helped cement them.

Learn more about how organisations are transforming their customer experience post-GDPR.

Joe O'Reilly
About the author: Joe OReilly

Joe has 20 years' experience helping companies worldwide deploy technology that boosts profitability and efficiency, and is expert at ensuring it's configured to meet business needs. As Engage Hub's IT and Security Manager, he is GDPR certified and safeguarder-in-chief of valuable data assets - both for us and our customers.