GDPR in Travel: The Opportunity

8 February 2018


Words by Paul Stephen, CEO, Sagittarius  

With the regulation deadline fast approaching there is lots of discussion around what brands need to be doing next to cleanse their data and improve compliance. This has created a wave of panic within the travel industry and with the deadline just months away I thought this would be a good time to reflect on the opportunities it proposes:

  • More valuable data
  • Better data security
  • Enhance the customer experience
  • Build consumer trust
  • Beat the competitors
  • Achieve digital transformation

I’ve broken this down into 4 key areas I feel are the most important to brands.

#1 Customer Data

In theory, if a business can successfully implement GDPR then their data will be more valuable to the brand because:

  • It will be freely given
  • It will be from customers with a genuine interest in your product/service
  • It will be more valuable to you and the customer, therefore creating a better business-to-consumer relationship

Collection of Data

How brands collect and store this data is a vital step and it’s important to consider the key touch points in a typical customer journey when the consumer will leave a digital footprint of some kind:

#2 Improved Security

Brands will essentially use a variety of different technologies and tools across their business, which are either collecting, identifying or processing customer data. Under GDPR whilst you might not be in breach, as the Data Controller if you have used a Data Process that then has a breach they will try to pass liability back to the brand; as the controller brands should only be sharing data with sources they can guarantee are free from encumbrances.

Data Sharing

The more customers interact with a website the more data that business is collecting. Travel brands often share this data with other data processes such as email marketing platforms, booking engines, social media platforms, hotels, flight providers and so on for re-marketing purposes. Therefore, when you think about where this data might be being shared the flow of data rapidly expands.

#3 Single Customer View

A CRM or Single Customer View tool is a straightforward way of stepping towards GDPR compliance. For many years the idea of a ‘single customer view’ has had huge marketing and user experience benefits but now there is the added benefit of understanding what data you hold, where you hold it and how it has developed over time.

Now, this is something that can be used to better understand your niche, giving you the opportunity to develop your holiday ‘product’ to evolve with your audience’s needs and at a more granular level; personalise it even further.

#4 Trust & Experience

GDPR requires brands to be more transparent about their intentions for data and therefore a new level of consent has to be attained before contact can be initiated. For brands this reinforces the idea of having more valuable data and therefore the opportunity to build better more valuable relationships.

Trusted Privacy by Design

Privacy notices are a vital element of GDPR meaning that brands need to explain who they are, what they do and what they want to do with customer data as well as the ability to be more selective when managing their preferences. It’s also essential that businesses provide information about who this data will be shared with and how to withdraw the data.

Consent in Practice

Consent is one of the six reasons as to why brands can process someone’s data. GDPR tells brands that when they are asking for consent it needs to be on one of the following terms:

  • Unbundled: consent requests must be separate from other terms and conditions. Consent should not be a precondition of signing-up to a service unless it is necessary to do so.
  • Active Opt-in: no pre-ticked boxes.
  • Granular: give granular options separately for different types of processing
  • Named: name your organisation and any third parties who will be relying on the consent given.

Whilst GDPR compliance is a complicated issue that needs to be supported from the top down, in some cases the attitude to compliancy is going to be harder to achieve than the technical aspect.

If brands do embrace this regulation successfully there is a huge opportunity to build open and honest relationships that create lifetime customer value and brand advocates.