This series by the team at Sentinel examines the rationale and benefits of building a culture of privacy in your organization by highlighting five organizational drivers that, in combination, can result in lasting change. In this fifth article, we’ll provide a look at how putting your customers at the center of your privacy decisions can help you reach your organizational goals, plus some ideas on how to do it.

When we talk about creating a culture of privacy, what does it mean? In simple words, you may think of this as going beyond compliance and really meeting your customers' expectations. Undoubtedly, a strong and loyal customer base is an invaluable asset for every business. In today's world, it is extremely important for businesses not only to create a positive experience for their customers by maximizing their products and services, but also to build trusted relationships that create customer stickiness and lasting loyalty. If your customers trust you, one would not hesitate to say, half of the battle to create and maintain loyalty is won.

Managing customer expectations 

Today, customer expectations and preferences are changing at a much faster pace than ever — certainly a lot faster than lawmakers can keep up with — and at times they can be unpredictable. With the widespread adoption of e-commerce and data privacy making headlines around the world, consumers are better informed and expect a better experience out of the products and services they use.

Because of this, customer feedback and expectations should be treated as leading indicators for the effectiveness of a privacy program. We should look at customer complaints as critical feedback on our data-handling practices and an opportunity to self-reflect and see if there are areas that could be more transparent, better explained or otherwise improved. Having strategies in place to respond and adapt to this feedback is essential to effectively managing and meeting changing customer expectations.

When a customer provides their data to a company, it comes with some basic expectations, many of which you’ll find included in comprehensive data protection legislation, but can also be looked at from a different customer-centric perspective. Some of these include:

• Use my data responsibly and only for the reasons I gave it to you: Use the data only for the purpose it is collected. Companies should be clear in their user-privacy notice or just-in-time notice about how they will use customer data, but these uses also shouldn’t come as a surprise to the customer.
• Protect my data: Store the information securely. It’s important not only to have security controls in place to protect it at rest, but also to restrict access to only those people who need to process it in line with the purpose it was collected. 
• Don't unnecessarily share my data: Disclose data with third parties only as per the customer's expectations to provide the service to the user for which the user provided the information. Additionally, the business needs to have proper contracts with all third parties ensuring they handle data shared with them in line with the promise made to the user. 
• You don't need it, so why keep it? Delete the data once it's no longer needed for the purpose it was collected for. You can’t lose or expose data that you don’t have, so get rid of it — for the sake of your customers and your business!

But customers expect more … and isn’t that reasonable?

Often, customer expectations go over and beyond the legal obligations of any company and are significantly more dynamic and varied. Being responsive to customer feedback regarding data-handling practices is equally as important for business success as complying with legal obligations. Treating these with equal importance serves as a strong foundation for building brand trust, customer loyalty and competitive advantage. Some of the expectations that a "reasonable" customer is likely to have include: 

• Listen to me: Having appropriate communication channels, seamless channel transitions, reasonable response time and follow-ups go a long way to demonstrate that you care.
• Connect me to a specialist: Having trained customer service personnel on privacy not only helps with resolving customer queries, educating customers and avoiding escalations, but also increasing customer satisfaction.
• Treat me as equal: Not all jurisdictions grant privacy rights to individuals. But by respecting their requests, even though you may not have a legal obligation to do so, and treating them as equals, you can win their loyalty.
• Be transparent with me: Providing clear and precise information on data collection and processing activities to your customers not only demonstrates business integrity but also breeds customer trust.
• Give me easy ways to exercise my rights and requests: Considering the ease, convenience and expectations of the users while designing products, services and experiences to exercise privacy rights and submit requests, cultivates greater customer confidence in the company values.
• Give me the right impression: Ensuring the impression a user gets based on the user experience design of your product or service is in line with back-end reality is key to building customer loyalty. Creating the impression you’re doing the right thing is meaningless if you’re not doing the right thing. Make sure your practices align with your front-end promises.

Managing the customer relationship is very similar to managing our personal relationships

Honesty, communication and trust are the three major pillars of any relationship. It is a natural human tendency to share information with others who demonstrate that they are trustworthy. It’s also important to realize that “relationship” is a verb — a doing word. It’s more than updating a privacy notice annually and manning a complaint hotline. There are many ways that you can initiate and maintain an open dialogue about data-handling practices

How you apply this in business is not as complicated as it might sound. Providing transparency in user experience interfaces, giving users control of their personal data, providing them with information in easy to understand language, and giving them convenient options all play a major role in winning customer trust and earning customer loyalty.

To give these ideas a shape, business’s privacy teams should work with the engineering team, product/service developers and user experience designers to:  

• Embed privacy controls in the design phase of developing a new product, service and user experience journey in line with privacy-by-design and -default approaches.
• Develop user-friendly interfaces to give users control of their data. Having a preference center and providing users the choice to opt out is a great example of building customer trust by respecting their choice on what data they want to share and for what purposes.
• Maintain appropriate customer complaint/communication intake channels, where trained personnel have clear processes to respond to questions about data to demonstrate "we care and act."

The brighter side

Once you have developed strong and trusted relationships with your customers, earned customer loyalty and established your company as a responsible guardian of their data, don’t be surprised to see a positive change in the data-sharing attitudes of your customers. The more that individuals trust you and feel that they have control over what you do with their data, the more data they are likely to share and the more unique value you can provide to differentiate yourself from the competition.

Do not forget to keep on investing time and effort in maintaining customer confidence as you would do in your personal relationships. Both are fragile and need to be handled carefully. Breaching your customers’ trust puts your company at risk of seeing them walk out of the relationship, taking their data with them.

Today, data is considered a business’s most valuable asset. With great data power comes great responsibility, and the business should always be ready to take up both. 

Photo by La-Rel Easter on Unsplash