
GDPR – An Australian financial services marketer’s guide

Whether you’re a big bank, small fund manager, financial adviser or a fintech lending platform you can’t ignore the noise surrounding the General Data Protection Regulation (GDPR). But if you think that the GDPR is little more than EU regulations that won’t affect financial services businesses in Australia, I’m afraid you could be in for a surprise.

Here is one good reason to understand GDPR. Fines can range up to 4% of a firm’s annual global revenue, and the regulations are already in place but move from a directive to a regulation on 25 May 2018 with immediate enforceability.  

But why does a set of laws protecting the privacy of EU residents’ personal data have any impact on Aussie financial services businesses?

Let’s go back a step. 

What is it? 

The GDPR is a new set of laws aimed at enhancing the protection of EU residents’ personal data. It essentially replaces 27 previous laws to apply a one-size-fits-all approach to the way businesses use customer data to ensure that they are transparent and secure.

Importantly, the GDPR has far-reaching implications as it applies not only to EU-based businesses, but also to any business that controls or processes data of EU residents. These EU residents now have more rights when it comes to how their data is used and stored.

Without getting too technical, there are some fundamental terms with which to familiarise yourself.

To retain data you will need a ‘lawful basis of processing’. This essentially means that you have to have a legal reason for holding onto your customers’ data. This might be because your customer or client opted in and gave you ‘consent’, it might be because you hold a contract with your customer to provide a product or service or it may be because you can be sure they have a legitimate interest in the communication. As a business we all need to be able to track this for each and every individual customer because the onus of proof rests with your business. 

But it’s not as simple as securing consent and you live happily ever after with your customer's data. As a business you need to give your customer ‘notice’ of what they are opting into and you can’t use pre-checked boxes or include this as a condition on an unrelated form they have completed. Your business needs to spell out exactly how you will process and use the data.

Here’s an example. 

‘Our firm will contact you via marketing emails once every week’ or ‘We will call you to offer you services that we think you might find useful every six months’.     

You also need to tell your customer if you are using cookies to track them and they need to opt-in.

So you’ve got your consent, end of story, job done? Not exactly.

The GDPR also requires increased transparency around processing. Your customer needs to be able to withdraw their consent simply and easily.

They also have the right to ask to access their personal data at any stage, to modify it if it’s incorrect and also to ask that you delete this data on their request. And this is not just opting the customer out of future correspondence. When you delete the data it is a virtual shredding of the customer’s contact from your database, including email tracking history, call records, form submissions and more. This is called the ‘right to be forgotten’.

Lastly the GDPR specifies a slew of data protection safeguards, ranging from encryption at rest and in transit to access controls to data pseudonymisation and anonymisation. Not sure what this means? Well it’s time to get technical with your people to find out!

So now we understand what GDPR is, should financial services marketers and broader business fear its introduction?

Not exactly, here’s some good news.

The introduction of GDPR should mean that when people are truly giving consent for you to use their data, they want a relationship and they trust you to use their data in a way that is to their advantage by supplying useful information. It also means noise and junk is being removed from the communication tools our customers use, giving you better cut through.

We already knew that being relevant, helpful and transparent wins us friends while being spammy, interruptive or aggressive will do your brand no favours. It’s time to check that those who do want to hear from you are getting what they want.   

When a customer asks what information you have about them and what they have signed up for, you just need to make it easy to understand. Sounds perfectly reasonable and, guaranteed, this transparency will breed trust.

Want to know what to do now? Our checklist has been developed to start you on your way to building quality relationships with your prospects, clients or investors.
