With GDPR coming into effect in May 2018, the General Data Protection Regulation is going to have a profound impact on the way companies in the EU store and handle data.
For savvy websites that offer loans and insurance products, they need to adjust their marketing strategy and processes accordingly to be GDPR compliant and grow their business successfully. We discuss some of the main things that online finance companies can do to ‘tick the boxes.’
Prior to the GDPR launch date, website owners are required to send an email to their database and ask if customers would like to continue receiving their email newsletters. If users do not respond they will be automatically unsubscribed, which has been very well received by those looking to get rid of their pesky emails. The result however, is that many website owners will lose their databases pretty much overnight.
Moving forward, all websites, including loan and insurance providers, must have a clear opt-in for email marketing purposes and only send out newsletters to those that have accepted the terms. Whilst this has always been the case, the policing of this has always been pretty lenient.
Now, with GDPR coming in, those companies that continue to send marketing emails to people without opting in, can face much heavier fines than before. Previously fines were capped at 500,000 euros have increased to 20 million euros or equivalent to 4% of turnover.
Capture forms vs comparison tables
For online lead generators and broker sites, using data capture forms has increased risks from a GDPR perspective. A capture form is typically used to request a call-back or offer personal quote and usually requires a customer to fill in some basic details like name, email address and phone number.
To be GDPR compliant, there must be a clear tick box and the customer should have a clear understanding of what to expect once they fill in their details. A strong thank you page can reinforce what you are doing i.e ‘your enquiry will be now redirected to **this company**’ or ‘thank you for your details, you will now receive a phone call from our team.’
If your website uses comparison tables, this is a very simple way to be GDPR complaint because you are not taking in any data. This is the method of several websites such as Money.co.uk, Finance.co.uk and Payday Bad Credit.
It follows the GDPR philosophy because the website is not taking in any data and the customer knows exactly where they are going to. Once the customer has clicked on the lender or insurer of their choice, it is down to the provider to fulfil all the requirements above to be GDPR compliant.
If you are asking for customer details, whether through a contact form or application, there needs to be a clear tick box at the end. The box must not be ticked already, as the user must manually opt-in.
The purpose of the new regulation is that it needs to be clear to the user what you are going to do with their information. A visitor on your website should not simply fill in their details and be uncertain of the next step, they should have clear information on what to expect.
Storing of data
The EU reforms insists that all data held by finance companies should be held on servers in the EU. In addition, all data must be held in a secure environment and this can be reinforced through the purchasing of secure servers and adding an https protocol to the company website, if you have not already done so.