On May 25 of this year, the mandatory implementation of eEuropean Regulation on the Protection of Personal Data – General Data Protection Regulation or GDPRWith it, the way businesses and organizations interact with the public changes forever.
Rewards programs [loyalty programs] are a part of a brand's marketing that is directly and to the greatest extent affected.
What is GDPR?
GDPR refers to the European General Data Protection Regulation, a legal framework that sets clear limits on the collection and processing of personal data of individuals who are from, live, work or reside within the European Union (including the United Kingdom).
The five GDPR rules that affect loyalty schemes
- Definition of Personal Data: Any information that makes it possible to uniquely identify a specific subject is considered personal data, even if it is not their name or telephone number.
- Management License: Even if your customers have already given their consent to receive promotional material from you in some way, the way they were asked now matters. If the method you used is not compatible with GDPR guidelines, you should ask them again.
- Partners: If you collaborate with other businesses and jointly manage your customers' personal data, you must request your customers' explicit permission to do so.
- Communication: You need to be clear about consent and exactly how you will manage the data you collect after it. Small print and long entries in unclear language are not allowed.
- Revocation / Right to be Forgotten: Your customers retain the right to withdraw their data from your loyalty database, as well as permission for you to manage it. You must provide them with this option in the same way they initially gave their consent, and you have one month from the opt-out statement to comply with their wish.
The immediate consequences for reward programs
You need to review your database and your customers’ consents. Maintaining healthy databases is key to the success of a GDPR-compliant rewards scheme. They are also the gateway to building and maintaining partnerships with the biggest and best businesses.
The best way to renew your customers' consent is with a reward. When you ask them to do something for you, reward their action.
If you are collaborating with other businesses to manage your loyalty program, you must thoroughly review their databases and procedures.
Transparency in the management strategy you follow, combined with evidence of the security of the digital space where you keep the personal data you collect, is the key that will open the doors of consumer consent.
How does GDPR affect consumer loyalty programs?
In a first stage, an assessment of the current level of compliance must be made, followed by the development of action plans to resolve the gaps between the current state and the desired state – for both systems and business practices.
It is likely that you will need to upgrade or replace existing systems that lack the necessary functionality and/or that you will need to develop a communication plan to explain any changes to customers while updating their approval. Re-obtaining customer approval may require incentives, such as bonus loyalty points.
A widely held view is that the majority of customer data collected to date will be outdated and unfit for retention on May 25th.
Indeed, a “haircut” of the order of 30% to 50% is expected on loyalty program boards, as customers tend to ignore requests for new opt-ins. Some members simply won’t respond.
Another – and perhaps the biggest – concern surrounding GDPR is the potential penalties for non-compliance. Companies will be exposed to very high fines. Realistically, these are likely to only affect organisations that flagrantly ignore the regulation, but only in the short term. Penalties could be as high as €20m per breach or 41% of global annual turnover – whichever is higher, making a severe GDPR fine potentially devastating for a business.
Loyalty Club Cards
Physical membership cards in various loyalty clubs have been part of the consumer's everyday life for years, leading to the monitoring of their purchasing behavior and successive connections and reconnection with different addresses and stores.
Ahead of mandatory compliance in May, club administrators will be faced with a host of issues surrounding the amount and type of information held in these schemes’ records. Now, the prospect of a paperless, fully digital scheme is more visible than ever on the promotional horizon.
Has the end come?
Finally, has the end of loyalty programs come? The truth is the opposite! The Regulation introduces us to a new, more efficient era (and) for loyalty schemes.
Simply put, in the post-GDPR era, it's all about the trust a business inspires in its clientele.
The new era
So, how is an attractive – and therefore functional – loyalty scheme formed in the post-GDPR era?
Probably with higher exchange value reward points – points that are easier to acquire, liquidate or exchange by the end customer. An important factor in improving the performance of a loyalty scheme is also the support of paperless, digitalized operation, the removal of the complexity of operating rules and any obstacles to data management by the end user, but also the added value that partnerships with cooperating companies from other sectors of the Market will give to your points.
Modern "multi-faceted" reward systems pave the way for more and more effortless consents. A personalized experience is now expected by consumers even in loyalty environments, despite the Market's difficulty in this direction.
English 
Greek