By Scott Logie, MD, Insight at REaD Group
Working as I do in the data marketing sector, I am probably more sensitive to how my data is being used than most. As an industry we very proudly boast about how marketing used to be mass market and big creative idea led but it has evolved over the last 20 years to being content and data led. Indeed, we wear GDPR as a badge of honour that the use of personal data is now so high profile that new laws are needed to ensure that it is not misused or abused.
Also being from the industry I see, and also share, lots of case studies of how data is being used to create personal content, drive individual level communications or build real-time offers based on clicks, views and likes. But in reality, how much of this is smoke and mirrors? How much do consumers feel that they are receiving highly relevant communications and offers? How close are we really getting to one-to-one marketing?
There is a slide in a deck that I use a lot that states that the benefits to brands of getting the right balance on personalisation are very powerful with return on investment 30% higher for companies who use data and analytics to personalise their marketing and customer engagement (source: SAS and Forrester Research).
So there is a compelling business case yet, as a consumer, how often am I impressed by the marketing communications that I get? Honestly, not very often at all. What I get through the post is generally identical for me and my wife, often from the same company on the same day. My inbox is jam packed full of emails which are clearly sent out to everyone on a database but, hey, sometimes they have my name on them so it’s personalised, right? And on-line I’m pretty sure I see the same ads all the time and when I browse youtube or watch All4 I see the same ads as everyone else does.
We are creating a promise to build engaging, tailored, personalised content based on real-time data but we are not living up to that promise.
Other research I have seen has shown that only 25% of companies reckon their marketing could be described as personalised with around a third of marketing using some form of segmentation. Segmentation feels like a dirty word these days. It is often derided by many people. Why would you use segmentation when you can get to real personalised content by analysing clicks and likes? Why use a broad brush approach that classifies people into a number of groups when everyone can feel like an individual?
My response would be this – at least a segmentation can help to bridge the gap between mass marketing and one-to-one engagement. Call it practice. If we can tailor content, emails, adverts to a few segments then over time that can become automated and refined to get towards the personalisation utopia.
In many cases it isn’t even as if the segmentation doesn’t exist. I see a lot of instances, sadly, of segmentation work being done but the next step of tailoring comms and starting to move towards a more personalised customer experience just never happens. As a data analyst this makes me very sad indeed. Maybe we are not being forceful enough in showing the value of implementation, of helping achieve that 30% uplift in ROI.
The longest journey starts with a single step. My feeling is that many organisations are fearful of taking that first step. There is a lot of procrastination – it will take a lot of effort, it should be perfect when we go live, let’s test and see what level of difference it makes. Status Quo is the easy outcome, things are not too bad just now so let’s leave them as they are.
However, by not even trying to make a change we are letting the data down, we are wasting investment, we are letting the hard work by the analysts in creating the segmentation go to waste as well as the marketers who instigated the work.
But much much more importantly, we are letting our end customers down. The next time a decision is made, or more likely, not made, to defer the implementation of a more personalised approach think about this: Would my customers be impressed by the current emails I send them? Or the mail they get through the post from me? Or the ads they see on-line? Would they feel it was delivered just to them because I know them so well? If not then what’s the risk of taking that first step?
Want to know more about how to effectively engage with your customers? Contact us today
Direct Mail can be used under the basis of Legitimate Interest under GDPR (or put another way, does not require Consent).
Yes you can! We’ve had it from the only authority that counts in the UK – The Information Commissioners Office (ICO) – who recently provided some much needed clarity on the use of Legitimate Interest for marketing, confirming on their website that states “you can rely on legitimate interests for marketing activities if you can show how you use people’s data is proportionate, has a minimal privacy impact, and people would not be surprised or likely to object.” Great to have some clear guidance and a green light for responsible, consumer centric direct mailing.
Using Legitimate Interest in practice requires the application of a good dose of…common sense!
OK so the ICO call it a Legitimate Interest Assessment (LIA) – but essentially what they are looking for is the application of the main principles of the GDPR – openness, honesty and transparency – supported by evidence that you have carefully considered the impact on an individual and made an informed and fair judgement that your interests and the interests of the individual are balanced.
Executed well, Direct mail is proven to be an incredibly effective channel for response rates and engagement.
Put simply – it works! Great Direct Mail will deliver great results. It can grab more attention, engage and help to create closer relationships and generate more responses.
Recent research by Brand Science confirmed “when mail was included in the marketing mix, campaigns had 12% bigger ROI than those without mail.” Impressive!
Anecdotally, one of our clients recently reported a consistently high ROI and an average of 1000+ new customers/month from Direct Mail.
AND consumers like it! And we’ve got some stats to prove it….
Respondents to MarketReach research confirmed that mail is more believable (87%), makes them feel more valued (70%) and creates a better impression of a company (70%).
Choosing the right partner will make all the difference!
Choose a partner you can trust. At REaD Group we have been helping businesses of all shapes and sizes get great results from Direct Mail for more years than we care to remember – and with the advent of GDPR our services have become even more important and relevant to our clients (from optimising data selections and data quality to campaign reporting and analysis). We’re a safe pair of hands.
Sounds good, right? So what to do next?
Contact our knowledgeable and friendly team who can talk you through how we can best support your marketing strategy and help you thrive through GDPR and beyond.
By Andy Bridges, Data Quality and Governance Manager at REaD Group
The Gemalto Breach Level Index (BLI) recently published some rather concerning findings – more data records were leaked or stolen in the first half of 2017 than in the whole of 2016. An even greater cause for concern, and perhaps somewhat surprising, the report also revealed that the most common cause for data breaches was accidental loss and data being inadvertently left exposed.
While attacks by cyber criminals make for more compelling reading, more attention needs to be brought to internal threats such as accidental loss and other acts of negligence. If nothing else, the BSI report highlights that UK data security culture is in serious need of an overhaul. So how exactly can businesses better protect themselves?
However much we like to believe that information breaches are largely the result of strategically orchestrated attacks by criminal masterminds, the truth is generally far less dramatic. They are frequently the result of human error, such as misplacing hard drives, bad password management, careless file sharing or lack of vigilance to the increasingly prevalent phishing emails. All can be easily prevented.
More than anything, businesses must incorporate information security into office culture – protecting information is no longer the sole responsibility of IT and compliance departments; data security is a companywide responsibility.
As a first step, staff should be trained on a regular basis to ensure that everyone understands best practice in the workplace. The HR policy should also be altered to reflect the fact that responsibility doesn’t lie solely with IT to instigate better behaviour.
Additionally, employees should be on the lookout for potential threats to information security, such as leaving computer screens unlocked and leaving confidential paperwork unattended, and should be encouraged to self-police. Implementing a clean desk policy is a good first step towards safeguarding confidential information.
In order to better protect an information estate, companies need to understand what information they have. As well as ensuring that data is clean, viable and that all relevant permissions and consent are held for the data, companies must also ensure that the appropriate data protection and information security practices are in place. It states in Recital (100) of the GDPR that:
‘In order to enhance transparency and compliance with this Regulation, the establishment of certification mechanisms and data protection seals and marks should be encouraged, allowing data subjects to quickly assess the level of data protection of relevant products and services.’
It is not currently compulsory to report a data breach, but once GDPR comes into force next year, all companies must report a data breach to the Information Commissioner’s office within 72 hours. In addition to risking a hefty fine, companies will also stand to incur the longer-standing loss to their reputation.
With this in mind, it seems highly probable that we will see an increase in breach reports – most likely not due to an increase in breaches, but because companies will have much more incentive to be transparent and open about such occurrences.
Overall, GDPR presents a great opportunity for UK businesses to step up their data protection strategies and better protect themselves against data breaches. The new regulation stipulates that companies will have to be much more rigorous in their approach to collecting, storing and using customer data – which should correspondingly see a vast reduction in accidental loss. Inevitably, this increased transparency will result in a more trusting and loyal consumer.
It is now less than 6 months until GDPR is introduced, and the more earnest businesses are to prepare and implement the necessary data protection strategies, the sooner we will see a significant reduction in the number of data breaches.
By Scott Logie, MD, Insight at REaD Group
In the ongoing race to maximise compliance and pip GDPR to that ever-encroaching finish line, the whispers and concerns over its implications continue to reach fever-pitch.
Earlier this year, the Information Commissioner’s Office (ICO) made an example of the Exeter-based airline Flybe by enforcing a sizeable £70,000 fine. The airline incurred this by sending millions of marketing emails to customers who did not wish to receive them; the ICO have made it very clear that when it comes to consent infringements – they’re taking no prisoners. ICO head of enforcement, Steve Eckersley stated that Flybe “deliberately contacted people who have already opted out of emails from them” by asking if they wanted to update their preferences, which he stressed is still a form of marketing.
It is therefore hardly surprising that many travel companies have begun to feel apprehensive about their ability to communicate with their customers come the day of GDPR reckoning (May 2018). With fines such as the one sustained by Flybe becoming more prevalent, this only emphasizes the necessity for companies to obtain consent from consumers. Consent essentially entails an individual providing approval for the processing of their personal information. The bottom line is that travel companies, and indeed all businesses alike, will have to be far more transparent if they hope to avoid harsh sanctions from an unforgiving ICO.
Initial guidance provided by the ICO suggests that a pre-ticked opt-in box will no longer constitute legally attaining permission. In lieu of this, unequivocal and unambiguous consent must be attained through active opt-in protocols; the box must be empty to begin with. Moreover, comprehensive details of how this data will be used must be provided. Contrary to the current system, consent requests must under no circumstances be hidden in the Narnia of terms and conditions or be a precondition of subscribing.
Admittedly, marketing strategies may require a bit of adjustment, but in the long run these new regulations should be seen as a positive change for both customers and operators alike. While it may ultimately result in a shrinkage in the size of marketing databases, the overall quality and saturation of amenable and valued customers within them shall undoubtedly increase. Those who have willingly shared their personal information will prove more beneficial to marketers than those who have been duped into giving permission. Consumers are more than happy to part with their details as long as they perceive that they are receiving a tailored and personal service in exchange. With regard to Travel companies, details on a customer’s budget, lifestyle and favourite destination can be used to provide the kind of customer service that consumers have come to expect.
On the other hand, it seems likely that smaller companies and those that have already fallen under the ICO cosh may struggle somewhat more than household names to convince consumers to part with their personal data. Nonetheless, there are certain measures that all travel operators, irrespective of size or reputation, can implement to limit any negative effects of GDPR.
The most effective course of action might be to devise highly targeted marketing campaigns that demonstrate to consumers the benefit of consenting. Personal offers and relevant streams of contact can be instigated once Travel companies have segmented their customer database into smaller groups based on factors such as interests, favourite destination and budget. How soon should you do this? The sooner the better; GDPR waits for no man.
Once the swirling dust and initial shock of GDPR has settled, companies should find that they are left with a more succinct database consisting of receptive customers. Which, truth be told, is an infinitely better prospect than a larger spread of individuals who weren’t aware that they had consented in the first place. By conducting these highly targeted campaigns, travel operators can seize the opportunity to demonstrate the value exchange in sharing information and strengthen relationships with their existing customers before GDPR’s implementation. This may seem like an extreme alteration in approach, but travel companies should find that if they navigate these unchartered waters effectively – treasures and bounty await.