Get in Touch
0203 884 1100

How GDPR will Affect Major Retailers in 2018 by TechTIQ


On the 25th of May 2018, the new General Data Protection Regulation (GDPR) standards  begin to be enforced.

What this means is that any organisation, including retail businesses such as grocery vendors. They can be punished under EU law if they fail to comply with the new legislative requirements of GDPR.

This short article takes a look at 5 core operational changes that grocery retailers  need to make to become compliant with GDPR.

Operate a Proactive Approach to Cybersecurity

GDPR calls for several core technologies to be deployed in order to operate a proactive approach to cybersecurity.

The most disruptive of these technologies from an adoption viewpoint is the requirement that all data kept encrypted at all times.

Previously, encrypting data during transfer across public facing networks has been sufficient to comply with Data Protection legislation. When GDPR comes into effect, data encrypted when it  captured, transferred, processed and stored.

Cyber Security

From an operational point of view, a business must begin to proactively identify and evaluate risks to data security and implement business processes to mitigate these risks.

Furthermore, there is a requirement for all actions performed on datasets, such as analysis, reporting etc., to be managed by a data controller. Who takes responsibility to ensure that the data  kept secure at all times.

Make Consumer Data Available

With GDPR consumers have an increased level of protection when it comes to how a company captured and used their private data.

Under General Data Protection Regulation (GDPR) every individual has the right to request to see a copy of all data a company has on them.

This data must be provided to the individual promptly and in a format suitable for accessing using basic technologies such as a web browser or text editor.

Additionally, every individual now a “right forgotten” meaning that upon request. The business must delete all data that it stored associated with the person.

Manage Internal Data

In a similar way to consumer data made available to consumers and the right to forget. Employees of a company will have new rights under GDRP with regard to the data the company stores about them.

Every employee has the following rights under GDPR:

  • Informed of how their private data used.
  • Have access to all data pertaining to them on request.
  • To have any mistakes in data stored about them corrected.
  • The right to prevent their personal data processed as per their wish.
  • The right to take their personal data with them when they leave the company.
  • For grocery vendors, this means that key business systems such as vehicle scheduling, HR management, payroll etc. must now conform with the above employee rights.

Revise Data Collection Methods

GDPR will have some serious effects on the way that a grocery business collect information about its customers.

This will affect many of proven ways that retailers have used private data in the past to maximise sales and generate revenue.

Browser cookies, the use of third-party consumer data. Any way that digital information used to track consumer actions such as loyalty schemes and referrals, are all affected by GDPR.

The single change under GDPR which had this effect,  the new requirement for all private data to be anonymised. What this means that all data that stored must traceable back to a specific person.

In other words, it is now illegal to capture and store a person’s contact details along with transactional data such as website tracking data.

Modify Marketing Communications

Grocery retailers, especially those that operate some form of e-commerce platform. Or use any form of digital marketing,  going to need to rethink their marketing approach to become compliant with GDPR.

Under GDPR two key requirements entirely change the face of digital marketing:

  • Data only captured for a specific relevant purpose. This means that capturing additional consumer data at the point of sale in order to remarket to them at a later stage now illegal.
  • Tby the grocery retailer must gave consent for all data captured to consumers. Meaning that no data  captured without telling the consumer. how it used? And the consumer gave their consent.


 In Conclusion

GDPR, a massive change to the way that every organisation will need to operate.  Grocery retailers who rely on digital channels for marketing. And sales need to make some extensive revisions to their business processes as well as changes to core technologies to become compliant.

This short article really only scratched the surface of the implications of GDPR for grocery retailers. The full GDPR guidelines take up several volumes.

Please follow and like us:
Emma piterson- TechTIQ Solutions

Emma Piterson is an author at TechTIQ Solutions, where she applies marketing into strategies to grow clients’ businesses, in particular, to ensure that digital and traditional play well together, Emma can separate real solutions from wastes of time. Connect Emma on LinkedIn and Google+


Your e-mail address will not be published. Required fields are marked *

Social media & sharing icons powered by UltimatelySocial