How GDPR Can Help Startups Level The Data Playing Field

By Kaijia Gu

This article first appeared on The Grocer on 21 May 2018.

It’s been discussed by executives at retailers big and small and can elicit reactions of fear, frustration, boredom, and exasperation: GDPR. There’s a common misconception about the general data protection regulation that I hear time and again: that it is an expensive, regulatory burden that will hinder any business reliant on customer data, particularly for large companies.

However, those who are able to look beyond compliance and into the strategic opportunities that GDPR helps to unlock will emerge as winners. The opportunity is particularly appealing for small and agile food businesses.

For smaller companies, GDPR will likely help level the playing field. For example, with a customer’s consent, a small retailer can request all the data held on that individual from any and all of the big supermarkets where they previously shopped, which can include all the loyalty card data amassed over the years. With one simple click, a major source of competitive advantage could disappear for large retailers, and small businesses can use it to create new and innovative propositions.

With one simple click, a major source of competitive advantage could disappear for large retailers, while small businesses can use it to create new and innovative business models

While this provides exciting opportunities to small businesses, they will need to meet a number of criteria in order to take advantage of this change.

First, they must convince consumers that they are a trusted custodian of their data. Here, national supermarkets will have an advantage as they have established brands built over decades, so small businesses without a national reputation will have to be more proactive. For example, they could find a way to easily and clearly explain the data protection practices that they employ, highlight their role in the local community, or partner with existing trusted brands to improve their credentials.

Once GDPR is embedded, consumers will increasingly realise how much their data is worth, and will expect value from it. So, the second thing smaller companies should do is to create compelling value propositions that use customer data. These could be additional services, such as personalised recipe boxes, better experiences, such as better curated online shopping journey, or unique prices and discounts. Those who can entice consumers to share more data will be able to create more interesting and appealing offers, which then get more customers and more data. It’s a virtuous cycle.

It’s not just other supermarkets who may be required to share customer data when requested. Bank data on shopping habits, social media data on how someone interacts with online advertising, and data from consumers’ wearable devices will all become accessible with consent. This can again unlock great opportunities for small businesses to develop offers that break down the boundaries. For example, a small food retailer can ask to access consumer’s wearable device information to suggest recipes and deals based on their health and lifestyle.

While consumer education and awareness of their new rights under GDPR builds, companies should look at their next steps beyond compliance. Using GDPR and customers’ data, there is plenty of scope for small food businesses to create innovative and potentially disruptive business models. It’s time to seize the opportunity.