How CRM Can Help You Manage Data Privacy

24 Jan 2022

A Quick Overview of Data Privacy 

The idea of data privacy is always topical – you experience it every time you use a password to access an account or tick the box to accept cookies when viewing a website. 

Whilst you may consider data privacy in a digital/ online context, the concept has been in existence for much longer. Following the Second World War, the Council of Europe (COE) was created to piece together a fragmented Europe. This involved the promotion of ideas such as the rule of law, democracy and human rights. 

In 1981, the COE passed a treaty known as the “Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data”. This further cemented people’s rights when it came to data held about them. 

Data Protection Day

On 26th April 2006 the COE launched Data Protection Day, which would happen each year on the 28th January. The aim was to promote awareness of data protection and the right to data privacy. 

Why is it Important? 

To answer this, ask yourself the following. Do you know how your data is stored? More to the point, what would happen if your data were to be compromised? If your financial data is stored insecurely, it puts you at risk of fraud. What about your health data? Someone could easily exploit that data to your detriment, if it ends up in the wrong hands.

As you can see, you want assurances that data stored about you is absolutely rock solid. Measures need to be in place so that it cannot fall into the wrong hands, and should not be manipulated. It also needs to be up-to-date. If your data is no longer current – for example for credit check purposes – this could have a serious consequence for you.  

Data You Create

Historically, most online content – other than emails – was created and managed on behalf of individuals by companies, rather than being managed by the end user. However, the advent of social media has also dramatically accelerated the amount of data created by private individuals. An infinite number of posts, videos and images are being uploaded daily. It has become important to protect the privacy of personal data online, particularly regarding social media. Data protection legislation has since been expanded to include families, consumers and businesses. 

Who does it Affect? 

To put it simply, data protection affects everyone! At both individual and enterprise level. This means businesses of all sizes, from sole traders right up to government and international organisations. 

How does each Group Approach Data Privacy?

Each of those stakeholder groups mentioned above will need to think about what they need to do in terms of data protection. I’m going to consider how individuals and companies need to consider this. 

From an Individual Perspective

Can you think about each time you use an app and you get a pop-up that asks if you want it to know your location? Or if it can access your photos? If you want to get to the app quickly it is all too easy to simply click yes to all the questions. 

But if you stop for a second, there may be occasions where you think – actually no, I don’t need this app to know where I am. Then think about the number of apps you have downloaded over the years, used once and never again. They may all be collecting data about you for all that time. What about apps that ask to access your address book? All of a sudden, that feels a lot more serious right? 

As well as considering what you share, you should think about how/ where you are active. This starts with access to the various apps or accounts you have online. 

Passwords and Beyond

Rather than leaving everything in the hands of the businesses, there are a few points that individuals can manage themselves. Firstly, you need to use secure passwords. I mean, you probably don’t leave the front door of your home wide open do you? Think of poor passwords as the digital equivalent of that open door. Most app providers offer various security functions, whether it is fingerprint or facial recognition, or multi-factor authentication (MFA). 

MFA in particular is key in preventing automated data attacks as it makes the data that much tougher for outsiders to access. 

You need to think about where else that access is laid bare, should one of your accounts be compromised. Think about the number of apps that you log into using your Google or Facebook log-in for example. Often it is a question of compromise between what is most convenient, compared with what is most secure. 


GDPR: your data, your rules

We've always put data protection at the heart of OpenCRM. So with the introduction of GDPR, we've added new tools and features so you have the control you need to implement your policies and achieve compliance.

find out more

From a Business Perspective

For businesses: you need to be transparent about what you are collecting, and why. You can do this by working out a data protection policy internally, and then sharing it with your audiences, a bit like the policy published by OpenCRM

That provides your existing and prospecting customers reassurance that you take their data seriously, as well as potential business partners who may be looking to work with you.

Who are you Sharing Data with?

Online businesses rarely operate in isolation – that is to say they will sync with other apps. For example, your website may work with an eCommerce platform, a form submission tool and your accounting software. In those instances, you should be aware of the security policies practised by the businesses powering those apps too. 

GDPR – Opt-In rather than Opt-Out

In addition, the individual has a right to know what data is stored about them. Data must be relevant and not excessive. Just because data can be found/ mined does not mean you should store it. In fact, loading your CRM with irrelevant data could be a headache further down the line if you can’t see the wood for the trees.

Doing the above honestly, and with enough transparency, will help gain the trust of your customers, as well as ensuring you remain compliant with legislation. This is one of those areas where it is worth delivering more than the bare minimum – compliance should be the minimum.  Educating your clients gives them information they can apply to other situations so you are not just being compliant, but also providing an extra service.  

Going the Extra Mile

There are so many service providers you can choose from. This can be anything from choosing who supplies you with electricity to which delivery company brings your groceries.

Often price is less important that the level of service you provide. I’m sure you have your own anecdotes when it comes to using budget airlines, or using different parcel services, and so you adjust your levels of expectation accordingly. Cheap does not necessarily mean worse though – take a look at who was the most popular supermarket in the UK in the last quarter of 2021.

One tool many businesses use to help is by deploying Customer Success within their business. So if you have questions around data security and policies, either check internally within your own customer success team, or research your suppliers online. Here’s to happy and safe data management!