1. Business Transformation

“The GDPR is a watershed moment for companies to make data protection a core brand value. People expect companies to be a trusted custodian of their personal data and are increasingly looking at the way a company treats their personal data as a brand differentiator. GDPR is a positive change and one businesses must embrace by placing respect for privacy at the heart of their brand proposition.”

2. Respecting privacy is central to the future of customer relationships

“We believe our community should use the GDPR as a catalyst to transform their businesses into human-centric ones, building trusted, authentic and transparent relationships with their customers. Transparency means telling your customer how you are going to use their data and what benefits they will get.”

3. Accountability is a core principle

“The GDPR asks companies to be accountable for their own decisions on how they collect and use personal data. Companies need to be clear about why they need the data, what they are going to use it for, how they are going to keep it secure and the legal basis they are using to process the data. 

4. Accountability applies to everyone in an organisation

“The company is responsible for what it does with its customers’ data and has to consider the customers’ right to privacy when developing new products, services or marketing campaigns. The notion of Privacy by Design and tools such as Privacy Impact Assessments should become standard business processes

5. Accountability goes right to the top

“Accountability should be driven at board level – it’s not just an issue for the lawyers. Ensuring an organisation builds a culture of accountability, transparency and trust is the responsibility of the CEO working closely with the data protection officer.

A data protection officer will be required by law for any company that works with significant amounts of personal data. They also have to be independent and report to the highest level within the organisation.

6. Training is vital

“It is important people working within companies are trained as to what their responsibilities are. Companies need to know and understand what data they collect and hold on customers through data audits. All employees need to be aware of the obligations around data security and the need to consider customer right to privacy when making business and marketing decisions.

7. Privacy should be baked in to every product from the beginning

“Each company needs to make its own assessment and take privacy into account when developing products and services. Incorporate ‘privacy by design’ principles and ensuring that training around data privacy goes beyond those employees in the legal and compliance teams. It is everyone’s responsibility.”

8. Customers expect to benefit when they share their data

“Transparency means telling the customer what you are going to do with their data and the benefits they get in return, such as offers or news of relevant products and services. We know from our research on consumer attitudes to privacy that customers like proposals that are tailored to their needs.

9. If trust is lost, all is lost

“It is necessary to build trust in the digital economy, because if we get to the point where consumers don’t trust transacting on e-commerce and other ways because they don’t trust companies to keep their data secure or think they are going to do things with it they don’t like then the whole data economy collapses and this is the foundation of the modern economy.”

10. Build a secure foundation for the future

“Being open, honest and transparent about what you are going to do with your customers data is good for loyal, sustainable customer relationships.

We are moving into an era that is going to be driven by augmented intelligence, when you are using appliances that can order things on your behalf such as Amazon Alexa, Apple’s Siri and so on. Meaning there are a huge number of new products and services that will be data-driven. When those services are designed and developed they need to bear in mind the customers’ right to privacy and not take it for granted that they want to do all the things that will be possible with the sharing of data, especially when it comes to data being shared from one company to another.”


Learn more

A DMA membership will grow your business. Our network of more than 1,000 UK companies connect at regular events nationwide.

DMA members benefit from free legal advice, political lobbying and best practice research into marketing creativity, technology, innovation and data.

We lead the marketing industry in preparing for the GDPR in May 2018, and our members grow their skills with the latest training portfolios from the IDM.

To find out more contact membership@dma.org.uk.

Website: www.dma.org.uk/gdpr