The impact of the new data protection law for loyalty cards

The impact of the new data protection law for loyalty cards

The new data protection law comes into force in May and there are many changes that companies will have to adapt. A very important area today is the loyalty cards, used by a large number of commercial establishments and aims to collect as many customer data as possible, in order to draw up a marketing strategy. In today’s article, we will address the impact of the new data protection law for loyalty cards!

How do loyalty cards work?

Loyalty cards store valuable information about your shopping habits. In exchange for special discounts and giveaways, brands can get the most important information about you: what you buy, where you buy, how you pay and why you buy! The information that loyalty cards collect will influence everything: the position of the products on the tables, the trends, the promotions of the week, among many other things.

Loyalty cards and personal data

Membership in a loyalty card is very fast and basic personal data such as name, address, date of birth, sex, telephone contact and email are requested. From the moment the person accepts to create the card, all purchase details are recorded and included in a giant database containing information about all customers on the retail surface. Data processing is done mostly by external consultants who are dedicated to processing the millions of data they collect daily. Next, a profile is drawn which characterizes the detail of the persons holding the card.

The impact of RGPD on loyalty cards

If you had previously completed a form to join the loyalty card, with the new data protection law, the level of demand will be higher. If the marketing department of the brand wishes to send frequent communications to cardholders, it is necessary to specify very clearly the purpose of the communication and it is necessary to ensure that there is explicit and unambiguous consent from the consumer. Without this consent, as of May 25 personal e-mails cannot be used for marketing campaigns.

Companies must have citizens’ data in a format that allows easy portability. For example, if a citizen wants to transfer their data from supermarket A to supermarket B, supermarket A must be able to give that data to the citizen in an easy format to be transferred to another entity.

Another thing that changes with the new GDPR is the fact that consumers may require a complete copy of the company’s information about them, as well as the origin of that data. Retailers who have loyalty programs should be concerned with creating a form for this type of order, as there is a deadline for responding to the consumer’s request. If this deadline is not fulfilled, the company can be fined and it is to remember that the fines that this new regulation contemplates are quite heavy! The penalties of the new legislation can reach 20 million or even more: up to 4% of the company’s annual turnover worldwide, which in a large company can represent hundreds of millions of euros of loss!

About the author

Marketing administrator

Leave a Reply