Business IQ

Customer data: How to manage it securely

Smarter Writer
Smarter Team

The Smarter Team is made up of business and technology journalists who write to offer insights to small and medium businesses about technology, business know-how and emerging trends.

Smarter Writer
Smarter Team

The Smarter Team is made up of business and technology journalists who write to offer insights to small and medium businesses about technology, business know-how and emerging trends.

Whether your business is the local gym or a high-end online retailer, storing your customers’ data securely should be a key consideration. Gaining and retaining customer trust is especially important in the current climate, where a slip-up could mean that once-loyal customers will choose to spend elsewhere.

Medical record appears on laptop

Collecting and warehousing vast quantities of personal data about customers requires care and precision. Once you have taken the first step of collecting customer data, you must ensure you are using it in the right way – and let your customers know that it will be used appropriately and safely in your business’ hands.  

Here, we look at three considerations to help ensure you meet data-security expectations.

Types of data you can gather

Businesses should only gather information if it’s needed for legitimate functions or activities. With this in mind, you may want to reasses whether it’s worthwhile collecting personal information about customers at all. For many businesses it is, but you should consider what purpose it serves and exactly what you’ll do with it. For example, a medical clinic collecting patient data for a person’s medical history is vital – a retailer collecting their customers’ home address may not be, especially if this is used for unexpected marketing.

It’s also important to consider how you will collect customer data. “If you haven’t collected the information directly from the individual - or you have but they wouldn’t reasonably expect that you’d use it to market products and services - you need to get their consent where it’s practicable to do so and you need to include the opt-out mechanism in the communication,” says Alison Baker, Partner of leading independent Australian law firm Hall & Wilcox. “You also need to include a prominent statement that makes it clear that they don’t have to receive the marketing material,” she adds.

The Australian Privacy Princples (APP) guidelines is a must-read resource for any business that collects data. This is a great starting place if you are unsure about what data is deemed necessary to collect – and what you can legally do with it.

Are you meeting expectations online?

Expert advice & practical tips to help turn customers into loyal advocates.

Download free reportAre you meeting expectations online?

Store your data securely

There are several ways to manage data storage. You can choose to engage third-party providers to store data and information on your business’ behalf. However, it’s important to know precisely where that data is at all times and whether it complies with the privacy principles.

“It might just be that a cloud provider stores back-up data for them rather than keeping it on one of their systems they outsource it and put it in a cloud and the operator of the cloud is located overseas,” says Baker. “If that data contains personal information then they’ve made a disclosure to the overseas recipient,” adds Alison.

You might want to consider adopting a cloud solution for your business, which can help to prevent loss of data if a security breach occurs. There are several options available and, because every business has unique needs, there are steps you can take to assess which cloud solution is right for you.

Show customers their data is secure

At the point of collection, customers want – and have the right – to know what you will do with their data. You should let them know that their data is safe and advise exactly how you will meet this promise. Provide succinct details when communicating your data protocols with customers – instead of burying this in a long privacy statement. Customers are time poor and certainly appreciate simple, clear information.

Collecting customer data is an essential piece of the puzzle for any small or medium-sized business using direct marketing to engage their customers. It is your business’ ethical and legal obligation to follow government guidelines and keep up-to-date data-security practices – and maintaining this standard may be one of the reasons customers choose your business over another.

Get expert help with your cyber-security

Discover Telstra Business Cyber Security Services.

Find out moreGet expert help with your cyber-security

Man filming a video
3 businesses that are winning with video

Video technology has helped a lot of businesses deliver their services – and remain operational – throughout COVID-19. And for many, adopting this technology is not a Band-Aid ...

Man viewing furniture using augmented reality technology
Tech evolution: 3 ways to elevate your business

The pace at which technology is developing has made staying up-to-date more accessible, affordable and easier than ever. Adopting digital tools for your business could help str...

Man delivering packages
Conscious consumption: Even online, consumers choose local

Consumer behaviours and attitudes shifted in many ways as COVID-19 enveloped our reality. But one sentiment has become clear: consumers want to support local businesses, even w...

Woman practices yoga at home
Working from home: Habits for a healthy mind, body and business

Health and productivity are inextricably linked. So how can you ensure you’re setting yourself and your staff up for success while working from home?