GDPR and merchant loyalty cards

Research shows that every Czech carries an average of 6 loyalty cards in their wallet. How will GDPR deal with this?


The General Data Protection Regulation (GDPR), which will come into force on 25 May 2018, will affect all individuals, businesses and online services handling the personal and sensitive data of their clients and employees. GDPR will also significantly affect merchants offering loyalty cards, as these are the ones that have huge databases full of personal data.

Research shows that every Czech carries an average of around 6 loyalty cards in their wallet, with 1.6 percent of "discount hunters" carrying even more than 20. Only five percent of people have none.

Loyalty programs are used by dozens of merchants. Companies will have to re-inform clients about the data they collect on them. In addition, they will have to re-apply for permission to continue working with the data. Asking customers for permission is already necessary today, but the new regulation will make data protection much more stringent and stringent. The GDPR places greater demands on consent for data processing. The customer must give consent freely and it must be unambiguous to the customer. You must verify that you are obtaining consent to process personal data in accordance with the GDPR, it must be specific, informed, unambiguous and unconditional.

Most marketers are still finding their feet on GDPR. Even the giants with several million loyalty program members are unclear. GDPR is in the process of familiarization and early preparations. Preparations and analysis are underway in many companies. However, time is running out and there is no time to wait as the process of preparing and implementing the measures is challenging.

The whole issue of GDPR is challenging. Not only do companies have to re-apply for consent, but loyalty card providers will have to appoint a data protection officer, which carries additional financial costs. However, the GDPR issue is so complicated and requires a professional approach and knowledge of the legal environment, so there is no choice but to invest in a new position.

Will marketers lose clients?
Given that many customers carry loyalty cards in their wallet but do not use them, it is quite possible that for these inactive ones, merchants will not get approval to work with the data again. Loyalty card holders may choose not to give consent again or may not pursue the matter at all and ignore the request. According to the statistics, the most interesting group of clients for merchants will be those with incomes above CZK 30,000 per month, as this group owns more than seven loyalty cards, five of which are actively used. A large part of this mobile group of clients is likely to stay. It is questionable whether it is even important to keep the personal data of clients who do not use loyalty programs, and perhaps it is this attrition that can have detoxifying effects on your database.

The truth is that most merchants are not yet compliant with the new requirements and will therefore have to work hard to avoid unnecessary hardship. If they do not comply with the terms of the new data protection regulation, they face hefty penalties of up to €20 million or four per cent of annual turnover, whichever is higher.

Find a partner as soon as possible to help you prepare and implement GDPR requirements seamlessly. At Railsformers, we address this issue and offer not only assistance with preparation, but also the services of Data Protection Officers. Contact us.

Source: https://ekonomika.idnes.cz