Retaining customer records: your obligations under GDPR


Date: 22 January 2020

A small business owner manages customer records in a database on his laptop.

The size of the online community is growing on a daily basis. While this is excellent news for those who wish to enter into the field of ecommerce, the fact of the matter is that transparency is now more important than ever before.

Customers are now extremely wary about how businesses store and utilise their personal information. This is one of the main reasons why understanding GDPR legislation is important.

It’s critical to understand your responsibilities when it comes to data retention, so that you can ensure your business remains well within the bounds of the law.

How long are you allowed to store customer data?

Businesses often store user data in order to enact a marketing campaign or to analyse demographic trends. Although this is a sound marketing strategy, there are limitations which need to be noted.

Under the current GDPR rules, you are only allowed to keep this information for as long as it will take to be processed. In other words, you are obligated to delete information that is no longer needed.

Not only does this affect data obtained in surveys and customer feedback portals, but it is just as relevant to email storage. It is therefore wise to review any existing email caches in order to determine which addresses need to be deleted from the system. This can be done manually, or completed through the use of third-party automated software solutions.

The main takeaway is that you must make certain that your company is in full compliance, regardless of its size or the number of customers you deal with on a regular basis.

Respecting customer requests

We need to keep in mind that there is a big difference between lead generation and information retention. The process of generating leads represents a proactive and fluid situation.

If an individual is interested in what you have to offer, he or she will naturally provide you with certain information. This will enable you to stay in touch and better address their desires. Using Instagram to generate potential sales leads is a perfect example. You can obtain more info here. 

By the same token, any follower or customer has the right to ask for his or her data to be deleted from your system if they are no longer interested in what you are offering. Once again, the ability to confirm that details have been deleted on request is another means to establish a sense of transparency within your company.

Current GDPR regulations have been engineered to protect both businesses and customers, so it is important to fully appreciate your obligations. The good news is that adhering to these protocols is generally a rather straightforward process.

Not only will this display that your business cares about personal data protection, but customers will appreciate the fact that they are dealing with a trustworthy and compliant organisation.

Copyright 2020. Article was made possible by site supporter Larisa Wong SEO

What does the * mean?

If a link has a * this means it is an affiliate link. To find out more, see our FAQs.