On 25th May, the European General Data Protection Regulation (GDPR) will come into effect across the European Union. It is built around two core principles: one, giving people more control of their personal data, and two, simplifying regulations for international businesses that operate in the EU.
The weight of complying with such a huge regulation (50,000 words and 88 pages!) can bear heavy on small and medium-sized businesses. Googling the subject can be alarming: phrases like ‘killing off’ and ‘suffocating’ give off a certain Doomsday vibe. However, despite the little extra legwork required, you shouldn’t fear GDPR. In fact, framed in the right way, it can be an opportunity.
A timely report from IBM’s Institute for Business Value revealed that nearly 60 percent of organisations are embracing GDPR as an opportunity to improve privacy and data management. The report – which surveyed 1,500 business leaders responsible for GDPR compliance – also found that 84% of respondents believe following the new rules set out will be seen as a positive differentiator to the public.
In light of all this, we spoke with a few business owners and GDPR enthusiasts about how businesses can benefit from the new directive.
What does GDPR mean for small and medium-sized businesses?
Damian Mark Smyth, Rethinking Business: “At its most basic, GDPR is about trust, common sense and doing the right things in the right way.
It is less about regulation and more about reputation and deepening digital trust.
This means that it’s an opportunity and not an obstacle for small and medium-sized businesses.”
Den Golotyuk, Founder & DPO, IO Technologies: “I can say that GDPR is a good thing for companies of all sсales. GDPR appeared because we’re living in a world overbrimming with data. It’s getting harder to keep it safe, especially critical private data. Most companies deal with customers’ private data, and GDPR is here to help.
“I don’t think that GDPR is something bad for SMEs. After all, it’s much easier for a small company to be compliant than a big one. As GDPR is a requirement, it does mean that small and medium-sized businesses will have to make a one-time effort to upgrade their technologies and processes. It might take time, but businesses will get value for a lifetime. Will it require investment? Yes. Will it require effort? Sure. GDPR is complicated but complying will lead to clear and durable benefits.”
Why is it important for SMEs to comply?
Den Golotyuk: “The first fully GDPR compliant companies will get benefits from a customer perspective. They will hold greater credibility as long-term partners. It’s most important for businesses that operate with highly sensitive data. Being compliant means being reliable and secure for customers. That’s where the benefits are.”
Lindsay McEwan, VP and Managing Director EMEA, Tealium: “Businesses that demonstrate responsible data collection and governance could be at the forefront of a very competitive landscape. GDPR is not something that should be feared–especially if the steps as recommended by the ICO are followed–but should be seen as an opportunity to build relationships with customers based on trust and transparency.
Fines for non-compliance are too high and benefits of compliance are too great for the businesses to ignore the regulation.
If done right, companies can expect to see greater customer retention rates from more audience-driven marketing and higher brand satisfaction.”
Is there a business opportunity within GDPR?
Danny Bluestone, Founder & CEO, Cyber-Duck: “For many businesses, there’s a lot of worry about GDPR because they see it as a restrictive piece of legislation. At Cyber-Duck we believe it is, in fact, a chance to revolutionise business through user-centred design.
This is because GDPR is an inherently user-centric law. For instance, businesses may now find it more difficult to sign up and market to users due to opt-in and granular consent, but opportunities lie in overcoming this. Persuasive design, content and transparent practices can encourage users to want to receive your marketing material, and help your business to be seen as ethical.
GDPR is a chance to reassess practices in order to create better user experiences that will drive growth.
If we all look at it that way, it is surely a good thing.”
Julia Langkraehr, Founder, Bold Clarity: “GDPR is an opportunity to shift the focus from marketing to sales. People don’t buy from newsletters, they buy from people. GDPR is an opportunity for SMEs to focus on building relationships and their network, developing their relationship capital, and serving the needs of their prospects.”
Clare Griffin, Head of Operations, JournoLink: “GDPR should be seen as a business and customer opportunity. It can only be a good thing to ensure that we all manage data responsibly and give customers the comfort of knowing that their data is secure. GDPR does not have to be something that holds businesses back or indeed change how they work. If the processing of your data is done for legitimate business reasons and forms part of your day-to-day operations, then you will be allowed to continue to do so.”
Seizing the opportunity of GDPR
So, despite sounding like a intergalactic super-villain, GDPR can – and should – be seen as an opportunity. Particularly in light of recent data scandals, the Directive is an incentive for companies to start handling sensitive customer information in the most transparent and open way possible. Businesses can also use it as an opportunity to stand out for the competition: rethink web design and make privacy policies front and centre. From 25th May, the most transparent companies will be the most trusted companies.
For tips from Damian and RethinkingBusiness on how UK small businesses can use GDPR as an opportunity, download their free one-page guide ‘Turning the Mystical into the Magical for Entrepreneurs’, here .
Originally published May 18 2018 , updated February 24 2020
