GDPR compliance and customer service

Understanding GDPR, privacy and customer service is important for any business or organization. We would like to share 10 tips on how you stay GDPR compliant with your use of customer service software in social media, email, and chat.

10 tips on how to be GDPR compliant with customer service:

  1. Follow information requirements on quality and language
  2. Provide more information
  3. A secure option to opt-out
  4. Consumers expect privacy
  5. Do you need a Data Protection Officer?
  6. Customers have the right to be forgotten
  7. Collect a specified consent
  8. Access to personal data
  9. Cater to data portability
  10. GDPR changes marketing and communication

This article might give you some useful insight into how you comply with GDPR and customer service ticketing.

What is GDPR?

GDPR (The General Data Protection Regulation) is a regulation in EU law on data protection, providing instructions for data processing of EU-citizens. It came into force on 25th May 2018. Privacy, social media, and customer service are linked closely together. You need to be GDPR compliant with your ticketing software. Here is a short guide on how you can comply with your email- and social media customer service.

1. Follow information requirements on quality and language

Any entity handling and storing of privacy data is required to inform the person registered on how they handle their personal data. The information provided must be updated, brief, clear, concise, easy to understand and accessible to your customers. This is particularly important when there is information targeting or involving children. Children need to be able to understand what is written or communicated.

2. Provide more information

In order to comply with the GDPR regulations, companies need to prepare for granting access to more information than before May 2018. It is required to provide information on what kind of privacy information that is being handled, the legal basis for the handling, to whom the information can be submitted and for how long the information in question is being stored. You may find more information about what is required online with your local Data Protection Authority

3. A secure option to opt-out

Customers are to have the right to opt-out from any automated profiling, including anything from CRM and direct marketing to dynamic pricing. Hence, making companies more transparent on how they make use of customer data, making sure that the value created is balanced, in favour of the customer or the company. Data processing should be in a balanced interest for both parties.

4. Consumers expect privacy

Consumers using online services expect secure handling of privacy, in accordance with best practices. Trusted services will gain a competitive edge towards competitors who fail to comply with GDPR. We believe that consumers value their own privacy and that they will engage with services that honor their privacy concerns. Read more on how Socialboards can help your company gaining a privacy competitive edge here.

5. Do you need a Data Protection Officer

Appointing a dedicated Data Protection Officer is mandatory for any entity engaging in the following activities:

  • Public authority or body (except for any court acting in its judicial capacity)
  • Entities with any surveillance activity
  • Entities processing privacy information to a larger extent, or as a core part of their operations

A more detailed checklist on Data Protection Officer is also found on the Information Commissioner’s Office here.

6. Customers have the right to be forgotten

When a customer has chosen to leave your customer database, the customer may ask that you delete all their data. The technical implications of deleting complex data from several databases will affect systems dependent on such data for CRM, pricing and other core functionality. Also, from a marketing perspective, re-segmentation of previous customers will no longer be an option.

7. Collect a specified consent

When distributing newsletters or SMS to contacts, it is mandatory to have consent from every single recipient, stating an accept to be approached. The consent must be specific, informed, freely given and unambiguous indication of the data. Customers and individuals must accept receiving email and newsletters before you can automate anything. This process is called opt-in and is to be voluntarily accepted by the customer, without being decoyed with any special perks or any prerequisite to gain access to something else. It shall be stated in clear terms what the individual person is giving their consent to and making it as simple to opt-out as to opt-in. That way the consent is earned and being nurtured.

8. Access to personal data

Individuals have the right to request and receive a full log overall information collected about them, and how it is being used. The GDPR provides the option for the customer to transfer this information to other systems or entities. Hence, all personal data stored in or by your organization should be easy to access and prepared for such an access request.

9. Increased data portability

Customers may request a copy of any personal data stored, in a readable format. While we are still awaiting regulatory guidance on volume and formats (ie. API to CSV-file), this could drive competition. Customers will be able to grant competitors access to their personal data and thereby create new value propositions surrounding their own persona.

10. GDPR changes marketing and communication

Customers digital behavior has been stored and used for commercial purposes in the interest of companies. Digital traces left everyday is personal data of value to any advertiser. GDPR legislation is a game-changer on this playing field. Companies now have to collect data in a more secure way, informing the customers and making them aware of the fact that personal data is collected, and the purpose for data being stored.

We hope that you have picked up a few good tips on GDPR and customer service, and hopefully gained a better understanding of how privacy affects your daily support. 

Socialboards would like to support you in complying with the GDPR, social media and customer service in the best possible way. Please contact us for a free trial of our customer service software today.

PS! Have you checked out how to gather all your email, social media-messages, Google reviews, Chat and LinkedIn in one unified inbox? You might want to look further into Inbox Everything today.

Disclaimer: Socialboards are passionate about world-class customer service. This guide provides a simple overview of GDPR, privacy and customer service. Any questions regarding your business, market or country might not be covered and would need further investigation by a GDPR professional. Please seek legal advice to assure that your setup is tailored to your specific needs. You might find this guide helpful in the process. Socialboards do not take any responsibility for the actions you take to comply with GDPR based on this article.