The General Data Protection Regulation (GDPR) law came into effect in the EU on May 25th 2018; a regulation that put consumers’ data protection to the forefront and made way for a much more concerned and ‘private’ customer. With this in mind, building strict GDPR compliance and knowledge in your business is a way to build trust with both existing and potential clients. Instead of seeing it as another stick in the wheels of hard-working entrepreneurs, it’s time to use the principle behind data protection as an opportunity to leap ahead of competitors.
Listen to the audio version of this blog, and subscribe to the Phorest Blog Podcast here:
Data Protection & Your Clients Under GDPR
If you’re not sure what GDPR entails, exactly, let us briefly explain.
For GDPR, your salon must prove it has a legal basis for collecting the client’s personal information i.e. you cannot collect personal information without reason or simply say it is for marketing.
Also, you must be able to:
- Identify exactly what personal information you are collecting
- Give a legal reason for taking that information
- Show that all of the processes you have for collecting data are GDPR compliant
Clients’ Rights
Not only that, but it also means that under a data protection law such as GDPR, clients of your salon have the following rights:
- The right to be informed: Clients must be informed before personal data is gathered. It must be opt-in, and the reasons for collecting personal data must be provided.
- The right of access: Clients have the right to request access to their personal data, and for information on how their data is used after it has been gathered.
- The right to rectification: Clients can have their personal data corrected if it’s incomplete, incorrect or out of date.
- The right to be forgotten: If clients are no longer customers or withdraw their consent to use their personal data, they retain the right to have their personal data deleted.
- The right to data portability: Clients have the right to request that you transfer their personal data to another business in a commonly used and readable format.
- The right to object to processing and direct marketing: Clients can request their personal data is not used for processing. Their personal data can remain in place but not used.
- The right to be noticed: Clients have the right to be informed of a breach of their data within 72 hours of its discovery.
Sounds arduous? This is the perfect example of why you need a GDPR-compliant salon software. If you are using pen and paper and maybe an online email tool, for example, it’s virtually impossible to ensure all your clients’ rights are respected. Also, how do you delete a client’s details from pen and paper if you have multiple entries in different diaries?
Using GDPR To Build Trust With Customers
What if we said you could turn it into an opportunity to build trust with both existing and potential clients?
Assuming you’ll have been preparing the switch to a GDPR compliant salon software solution, this is something you can leverage when speaking to your clients. And if you chose Phorest Salon Software, we can help you with GDPR by:
- Providing you with the industry’s first fully digital compliant consultation forms, meaning you opt-in all clients in a traceable way as per GDPR legislation
- inserting “unsubscribe” options on all marketing material to ensure you remain compliant
- Giving you filters and tools to create marketing campaigns using email, social media and SMS that are opted-in and won’t get you in trouble when clients request a copy of their consent
- Ensuring that all data stored on the system is fully encrypted – meaning you and the team are protecting your clients’ data from leaking
Reinforcing Trust With Existing Clients
Let’s start with this angle because it’s the easiest. Your existing customers already like you and already trust you. Just like in any relationship, it’s all about communication. Reassure your clients. Show them that you care about their privacy and personal information.
Realistically, it’s very likely that a massive percentage of your existing clients won’t ask any questions about GDPR. For the others who do, make sure you and your staff are educated about the legislation and compliant with it. Calmly answer your clients’ queries and reassure them by showing them you’re in control of the situation. The goal is to make them feel like they can go about their day without any concerns about the seriousness of your business in the whole matter.
Building Your Relationship With New Clients
Similar to your existing clients, most new clients will not be obsessing over how their personal information is gathered and protected, but it can certainly play in your favour to explain just how ‘safe’ it is to do business with you. Take something as simple as a patch test; tell them why you need to hold any medical or contact information about them, what you’ll be using their data for, and who will have access to it. The key with client data privacy is to be as transparent as you can; after all, that’s what builds trust in any relationship: honesty and care.
Given the amount of (sometimes very sensitive) information clients need to provide you with to ensure safe treatments and services, it’s likely they will be looking for the one place that makes them feel safe. I mean, the only other professional who’d have this much personal information about them would probably be their doctor! Assure them that you care about their data and are serious about being GDPR-compliant. By prioritising their safety and privacy, you’ll have an instant advantage over your local competitors, and win these new clients’ trust.
You know what they say… Communication is key!