If your business collects or stores any kind of information from your customers, you need to ensure that you are complying with the current rules and regulations of GDPR (the General Data Protection Regulations).
GDPR (General Data Protection Regulation) is a very large and complicated piece of legislation. I am not a lawyer. The information in this article is absolutely not legal advice and I cannot be held responsible for its accuracy. Details of where to get the appropriate legal information for both EU and UK can be found at the end of this article. However, the information in this short article will give you a heads up that you need to make sure that your business complies and that there is now BOTH an EU GDPR and a UK GDPR following the UK’s exit from Europe.
It is up to you to make sure that the information you hold on your customers is kept secure, accurate and up to date. When you collect someone’s personal data, you must tell them who you are and how you’ll use their information, including if it’s being shared with other organisations.
You must also tell them that they have the right to:
See any information you hold about them and correct it if it’s wrong
Request their data is deleted
Request their data is not used for certain purposes
If you control or process any kind of customer personal data, then your business is impacted by the GDPR rules and regulations. This is everything from the simple collecting of customers’ names and addresses, telephone numbers or IP addresses, to the m ore complex keeping of medical information, bank account details etc.
Two key principles
Data protection is just about protecting your customers from having their data fall into the wrong hands. The two key principles are that businesses must have appropriate, legal reasons for processing personal data, and a business can only collect personal information for a specific purpose…and it is only to be used for that purpose!
Most of us who have a small business hold some form of personal information about our customers. It might be just an email address, or name and postal address, so we all have to ensure we comply. There are very steep fines for those that don’t.
UK and EU Data protection
Up until their exit from the EU, the UK was subject to the EU GDPR rules and regulations as they were still affiliated to the EU, but the UK now has its own UK GDPR rules and regulations.
I am NOT an expert on all the legalities of the General Data Protection Regulations for UK or EU, so it is up to you as a small business to ensure that your business, website and all data you hold on your customers complies with the relevant regulations of your country.
As today (28 January 2021) is Data Protection Day, I thought I’d just bring this to your attention and give you the relevant links so you can do some research and take any advice that you might need from a proper legal representative for your country.
We all know that unsatisfied customers cost money. Research has shown that about 80% of customers will go to a different company after just one bad experience, especially if it’s about the service they receive. This is why it’s so important to measure customer satisfaction to find out exactly what your customers think of you, your company, your products or services, and the kind of customer service they receive.
It’s a fairly simple thing to do, but the first hurdle for any business, big or small, is actually admitting that you have a problem, or that there is room for improvement.
Measuring customer satisfaction simply boils down to collecting feedback from your customers, either via a survey or using customer data…preferably both!
Why should you measure customer satisfaction?
I’ve already mentioned one reason – customer dissatisfaction.
If a customer is not happy they will not buy from you again. They will find take their business elsewhere and you will see a rise in complaints.
If you were measuring satisfaction, you would identify any problems early enough to be able to do something about it, and save your customer before they defect to another company.
It’s much easier to retain your existing customers rather than go through all the marketing and hard work to acquire new ones.
If a customer buys from you regularly, they bring much more value to your business. A happy customer is more likely to remain loyal to you and your brand.
Measurement helps you keep your customers happy, so they’re more likely to stick with your business, buy more and recommend you to family and friends.
Negative comments can damage your brand
A bad customer experience will most likely be shared with family and friends. An unhappy customer is also likely to share their bad experience on social media sites. This can give your business a bad reputation.
Best-selling author and sought after celebrity speaker, Catherine DeVrye, is a world authority on customer service. She also won Australian Woman of the Year. She once said, “It takes years to win a customer and only seconds to lose one.” This one statement resonates with me more than any other I’ve read. I want my customers to be loyal, and loyalty, like trust, has to be earned – you can’t buy it.
I get my computer protection software from a big, well-known company and stay with them because it’s easy to deal with them. Their product is good and does what it says on the tin and they have a good reputation. But it has started to annoy me that this company spend thousands on expensive advertising campaigns, with rousing music, great copy and a fabulous enticing offer for new customers. But, hang on a minute, I’ve been a loyal customer for countless years and the amount I pay goes up substantially every year. Sometimes I think they take it for granted that I’ll just renew my subscription every year and pay whatever they say without any questions. Should I stay loyal to them when I get a new computer? They don’t make me feel valued as a customer. Apart from sending me emails about new and enhanced features that will ultimately cost me more, I don’t hear from them. There is no incentive for me to stay with them…would it really hurt for them to say, “you’ve been a great customer for more than 10 years – we’d like to reward your loyalty with XXXXXX” It doesn’t necessarily matter what I’m offered – it could be 10% off for a year. It could be that they offer me, as a valued customer, the new features to try out for free for the first year and no increase in my annual subscription. Now that would impress me. It doesn’t take much.
With this in mind, I’m so careful never to take my customers for granted or to forget about them. At the end of the day, they are my ‘bread and butter.’
Enhance that all important customer experience
By measuring what your customers think of your products or services, you are giving them the chance to have their say. This will help you improve your relationship with that customer and could produce ideas on how to improve the customer service you currently offer. Your customers could come up with the solution to a problem you’ve been having, especially if you ask the question, “How can we improve on the service you receive from us?”
If you’re measuring customer satisfaction on a regular basis, you will be able to see the spikes in either direction. The measurement might reveal that customers are very happy with the service they get…in which case you know that you’re heading in the right direction.
Once you are measuring what you do, the results will form the basis of your strategy – how are you going to improve so the scores are better the next time you do it?
So, when doing your marketing plan/strategy, always include a measurement section, which details solid measurable objectives and KPIs, (key performance indicators). If you’ve ever worked for a big company, you’ll have heard of KPIs as they form part of your annual performance review!
OK, I have talked about measuring customer satisfaction (CSAT), but how do you measure it?
CSAT is a key performance indicator (KPI) that tracks how satisfied your customers are with your products or services…or both.
It is measured by customer feedback surveys that you send out. Usually it is a question at the end of a survey which will say something like…
‘How would you rate your overall satisfaction of the (service or products) you have received?’
Your customers are asked to reply by ticking the box of one of five answers…
The results you get from all your customers can give you an average score…best done as percentages. For example if you surveyed 100 customers and 85 said they were satisfied or very satisfied, you would have an 85% total customer satisfaction rate, with 15% customer dissatisfaction.
The next step would then be to look at the 15 customers’ feedback, who rated you as giving dissatisfaction to try and identify why. This could be answered in other questions you’ve asked. If you can’t identify the reasons, it would be worth contacting those customers to find out what you can do to improve. This gives you a chance to turn the feedback around to positive for next time. The important thing is NOT to ignore it.
You can use a survey to ask very specific questions, such as ‘How do you rate the service you receive by telephone?’ or ‘How likely is it that you will recommend our business to your family and friends?’
The only downside of CSAT is that it only measures how your customers are feeling here and now, at the time they complete the survey. They might be having a bad day or have been trying to get hold of you and haven’t yet had a reply, which could provoke a negative answer.
Before you jump in and send out a survey, define what you want to achieve.
What do you want to measure?
How are you going to send it out? By post, email, telephone or via social networks?
How often do you want to send a survey – once you send one, you’ll need to send more in the future so you can compare results. Once a year is good as you don’t want to bombard your customers with questions.
What questions do you want to ask? It’s good to have a range of questions – some that have multiple choice answers and some that are free text. For example, you might want to ask ‘How can the service we provide be improved?’ This would need a text box so the response can be written by the customer and they can write as little or as much as they want to.
Questions need to be clear, concise and straight forward and be easy to understand.
Conduct an interview on the telephone
This is a more costly way to get feedback, but it definitely has its benefits. For example, if you are launching a new product and have several long-standing and loyal customers, it would be a good idea to get their opinion. This not only makes them feel very valued as a customer, but also that their opinion matters to you and that you listen to them.
Obviously you couldn’t really do this with a big survey to all your customers – you could have thousands – so it would not be cost effective nor a good use of your time.
There are loads of analytic tools out that that can help you with looking at engagement on your social media channels. These will, to a certain extent, give you details of your customers’ behaviour; how they interact with your brand; how often they buy from you and if they are a repeat buyer of a particular product.
The analytics will also tell you what kind of posts your customers like, what time of day they are online and what day of the week is most popular for your posts. This helps you decide what and when to post.
Regarding social media, it’s always useful to listen to your customers and reply promptly to any questions or comments on your posts.
Live Chat and Social Media
Most social media sites have the facility to have a ‘live’ chat with someone, so you could utilise this to talk to customers online. Messenger is another way to speak to them, but be careful not to bombard their inbox with meaningless messages.
The good thing about using social media channels for engagement and chat is that it is a free service!
You may also have live chat software and can use that to interact with your customers. Again, be aware not to be a nuisance!
Email is perfect for engaging with your customers and for collecting feedback. If you send out a regular newsletter via email, you could always embed a survey in that communication. Or, you could send an email to your subscribers just about your annual survey.
Texting is another great option for getting feedback. It’s cheap to send messages in bulk and gets a survey direct to your customers’ phone.
Customer Experience Factors
Whether you decide to send out a survey, text, message, telephone or email, there are some things you will always come across, which are absolutely crucial to the customer experience…
What you charge for a product or service will hugely impact whether a customer will be satisfied or dissatisfied, depending on the customer. If you charge for something you don’t or can’t deliver, they will go elsewhere and will be dissatisfied with the service they’ve received. I’m not saying make sure your prices are low, no indeed not! A product or service is worth what a customer is willing to pay for it. You don’t want to be really cheap as they will question the quality of the product or service you offer. But at the same time, you don’t want to be so expensive that you price yourself out of the market.
Offer easy access to support 24/7
Customers like to have access to your products/services and know that they can contact you 24/7. Don’t just have a phone number with office hours (9-5, Monday-Friday). If you have a website, you can put an email address. Even if you’re not immediately available, at least they can ask questions at the time they want to.
Offer messenger support on social media channels, so they can message you if it’s an emergency. Most of us are online every day, even at weekends and, although it can be a pain on your day off, if you do answer any urgent queries via messenger…or agree to call the customer, you will gain more loyalty and respect.
Educational content and training
If your products or services require the customer to learn something, make sure that there is support in place as everyone learns differently. It might be that you have a blog and post about how to use certain products or a certain service you offer.
Make sure that products or services that need training or support are covered. Include instructions with the product, give them a link to your YouTube channel where it is explained in detail, or give them a link to a Facebook group where you talk about your products or services in detail through discussions or forums.
Email all these support structures to your customers, as well as putting them in with products/services when they buy them. That way, they know they can save emails for use at a later date and don’t have to worry about losing paper copies of instructions.
Build a community on social media
Start your own social media group to support your customers with the products/services they buy from you. Communities serve several purposes…
Customers can talk and discuss your products/services with each other and give tips that they’ve found through experience
Customers can ask you questions
You can set up a regular forum, where you are there, ‘live’ to answer questions
You can advertise your new products or services
You can host networking events online
You can host training sessions, which can be ‘live’ or recorded with a link to the recording for your customers
Cancelling contracts or subscriptions
Make it easy for your customers to change, or cancel a contract or subscription they have with your business.
It needs to be clear and concise and easily accessible. This might seem a bit odd, as you want to keep your customers, right? But if something you sell is not the right fit for your customer, they need to know that they can easily get out of it. If you don’t do this, you could risk damage to your reputation and your brand if the customer bad-mouths you and your business.
Customer incentive scheme
You will have customers who absolutely love your products/services and who come back to you time and time again. What better way to reward them and show you value their custom, than you have a customer incentive scheme or loyalty programme. Incentives can come in all shapes and forms – it’s up to you what you choose to do.
If you run a coffee shop or café, you could give a card that gets stamped every time they buy a coffee. After buying 10 coffees and collecting 10 stamps on their card, they get a free coffee.
If you have a customer who has bought a website design from you, you could tell them that you’ll add a blog to their site for free.
These are just a couple of examples – the sky’s the limit really!
Whichever way you look at it, customer service and the experience they get when dealing with you and your business is crucial to your business’s success. So, be prepared and put in place measures that help you keep track of what your customers are buying and why. And of course, always ask for feedback! And you’ll be having your customers jumping for joy!
Disclaimer: GDPR (General Data Protection Regulation) is a very large and complicated piece of legislation. I’m not a lawyer. The information in this article is absolutely not legal advice and I cannot be held responsible for its accuracy. Details of where to get the legal information can be found at the end of this article. However, the information provided will give you a starter for ten and give the most up to date information I can find…as at January 2020.
GDPR (General Data Protection Regulation) came into force on 25 May 2018 for European businesses. As a small business, I read everything I could get my hands on to ensure that my business was compliant; 19 months on, there are still hundreds of businesses that don’t comply or who simply don’t know how to.
Although the UK is leaving Europe, if a business has any dealings with European countries, or has customers in European countries, they will still be subject to GDPR, so it’s vitally important to understand what you need to do to comply. I know that you’re probably glazing over now and may think it doesn’t affect you and who’s going to know if you comply or not, but small businesses are being investigated and questions are being asked, so it’s worth making the effort to ensure that you are covered…and it’s not too difficult to get your head around.
How do I know if my business is impacted by GDPR?
Basically, if you control or process any kind of customer personal data then your business is impacted. This could be as simple as keeping your customers’ names and addresses, telephone numbers, IP addresses. Obviously some businesses will keep a lot more, such as medical information, bank account details etc.
GDPR is just about protecting those individuals, (your customers) from having their data fall into the wrong hands. The two key principles are that businesses must have appropriate, legal reasons for processing personal data and a business can only collect personal information for a specific purpose and it is only to be used for that purpose.
The good news is that for businesses with fewer than 250 employees, you are not required to keep records of your processing activities, unless it is regular activity, concerns sensitive information or if the data could threaten someone’s rights.
Most of us who have a small business hold some form of personal information about our customers – it might just be an email address or name and postal address, so there are some things to do to be GDPR compliant. There are very steep fines for those who don’t.
How to comply
Your responsibility There are two words to describe the person who is collecting and processing data… Data Controller – the person who decides how and why personal data is collected. This is usually the business owner, as in my case. This person must ensure that the business is compliant, including transparency, data storage, data confidentiality and accuracy of data collected and stored. The Data Controller is also responsible for reporting to the Information Commissioner’s Office (ICO) if a data breach occurs or if data is lost or stolen from your business..or report to CNIL if you are in France. Data Processor. This person (in my case it’s me too as I don’t have any employees!), is responsible for processing personal data, which includes anyone who has access to your customers’ personal information and uses it – say, for creating and sending marketing emails or sending out your newsletters to your customers. The Data Processor is responsible for ensuring data is processed in line with GDPR requirements and they should record processing activities, as well as ensuring appropriate security of the data they handle.
You need to understand your data – Do a thorough check on all the data you keep on your customers (and employees if you have them) – both past and present.
– Decide how much data you really need. GDPR states you only need to hold data that is absolutely necessary, and for as short a time as possible. If you have old Excel spreadsheets with old customer data, you could be falling foul of the rules, so get rid of anything you no longer need.
-If you have data that is defined by GDPR as ‘special categories of personal data’, you must have explicit permission from that person to hold that data about them. This includes political affiliation, religious beliefs, sexual orientation, trade union membership, racial and ethnic origin. The reason you must have permission to keep this data is that if it got into the wrong hands, it could be misused to discriminate against an individual.
– You need explicit consent from anyone whose information (no matter how much or how little) you are going to store.
You must get clear and explicit consent from your customer that they are happy for you to obtain and store their personal information. It must be clearly explained what personal information you want to collect and why, and how it will be used. The individual must agree and if they don’t, you must not collect and store their data under any circumstances. This includes conditional data collection, such as where you offer a freebie on your website to get people to sign up to your newsletter and then use that data for marketing your products or services. You must be able to show that you have obtained consent for the data you hold. Not having a record of consent leaves you open to fines.
You must also provide an easy way for your customers to opt out of anything they’ve agreed to in the future. So, for example, if you send out a newsletter, there must be a box or email address shown that clearly states that the customer can unsubscribe to it at any time.
Old data If you already have a database of customers and their information, or you take over a business from someone else, including their customers, GDPR requires you to re-consent all of those customers. This means you must contact every single customer you have information on and ask their permission to continue to store and use their data.
If they do not consent – and this includes anyone who does not respond – you must delete their data.
The same applies to any old data you have on anyone – if you no longer need it, it must be deleted.
For us small businesses, you need to have a policy that states how long you will keep a customer’s data if they are not continuously engaging with your business. For example you could say that any data you hold will be deleted after 12 months, if that customer has not engaged with your business during that 12 month period.
It’s a good idea to set up regular data reviews to ensure data is not kept longer than necessary.
Data storage and security GDPR covers data, no matter where it is stored – be it on email, in customer databases, mobile phones, cloud-based service etc. As a small business, you need to create a data processing and storage policy. This should specify where customer data is secured, how it is protected, such as encrypting data and securing your website with SSL, and who has access to it (most likely your data processor to get email addresses, names etc) and for what purpose (could be to send out a newsletter for example).
If you transfer data from one person to another or share with third parties, you need a plan for how the data is moved (such as on a USB stick or laptop) as this is a huge risk – having data encrypted can help alleviate the risk, but my advice would be – don’t move it!
Large businesses need to appoint a Data Protection Officer, but for the purpose of this article, talking to small businesses like myself (less than 250 employees), we would be exempt from this.
If you do have employees, especially if they have access to customer data, they need to be trained on data handling and security.
Requests for access to data Any EU citizen can request access to all the data you hold on them – known as a Subject Access Request (SAR). This can be anything you hold, from name, address and email address, to any references made to them in email messages, websites, electronic notes etc. If you’re a small business, this won’t be too difficult, but for huge businesses, it would be very time consuming to go through hundreds of documents and data entries. That’s why it’s so important to know what you hold on your customers and where. If a customer makes a SAR, you have 30 days to comply, so good to have a plan in place.
Are your suppliers GDPR compliant? Small businesses often rely on contractors and suppliers. Even if your business is GDPR compliant, you must ensure suppliers and contractors are also GDPR compliant.
Please note: Small businesses are exempt unless you’re working with a larger business that has more than 250 employees, in which case you can fall foul of GDPR if the larger business is not compliant. The quickest way to find out is to ask suppliers to complete a GDPR compliance form detailing how they handle data, security and storage procedures…and what type of data they handle. You can send them a GDPR compliance checklist for small businesses for them to complete. Ensure contracts specifically refer to a supplier or contractor being GDPR compliant. Include the right to audit their business if needed, such as making an on-site visit to review their data processing arrangements.
Create data processing notices Data handling must be fair and transparent, so you need to create a document explaining how your business deals with data. Known as Fair Processing Notices (FPNs). It all sounds complicated but an FPN is just about giving people clear information about what you’re doing with their personal data.
You FPN should describe why you are processing their personal data, including that you have their consent via an opt-in or sign up to a newsletter for example.
If you are sending their personal data to a third party, such as another customer, employee, supplier, you need to state this on the FPN.
You also need to say how long you will be holding onto their data, known as the ‘retention period’.
Finally, you need to state that all your customers should be aware of the existence of their personal data rights – this should be pointed out to your customers.
For more detailed information on GDPR…
Click here if your business is in France (in English!)