Business IQ

Customer data: How to manage it securely

Smarter Writer
Smarter Team

The Smarter Team is made up of business and technology journalists who write to offer insights to small and medium businesses about technology, business know-how and emerging trends.

Smarter Writer
Smarter Team

The Smarter Team is made up of business and technology journalists who write to offer insights to small and medium businesses about technology, business know-how and emerging trends.

Whether your business is the local gym or a high-end online retailer, storing your customers’ data securely should be a key consideration. Gaining and retaining customer trust is especially important in the current climate, where a slip-up could mean that once-loyal customers will choose to spend elsewhere.

Medical record appears on laptop

Collecting and warehousing vast quantities of personal data about customers requires care and precision. Once you have taken the first step of collecting customer data, you must ensure you are using it in the right way – and let your customers know that it will be used appropriately and safely in your business’ hands.  

Here, we look at three considerations to help ensure you meet data-security expectations.

Types of data you can gather

Businesses should only gather information if it’s needed for legitimate functions or activities. With this in mind, you may want to reasses whether it’s worthwhile collecting personal information about customers at all. For many businesses it is, but you should consider what purpose it serves and exactly what you’ll do with it. For example, a medical clinic collecting patient data for a person’s medical history is vital – a retailer collecting their customers’ home address may not be, especially if this is used for unexpected marketing.

It’s also important to consider how you will collect customer data. “If you haven’t collected the information directly from the individual - or you have but they wouldn’t reasonably expect that you’d use it to market products and services - you need to get their consent where it’s practicable to do so and you need to include the opt-out mechanism in the communication,” says Alison Baker, Partner of leading independent Australian law firm Hall & Wilcox. “You also need to include a prominent statement that makes it clear that they don’t have to receive the marketing material,” she adds.

The Australian Privacy Princples (APP) guidelines is a must-read resource for any business that collects data. This is a great starting place if you are unsure about what data is deemed necessary to collect – and what you can legally do with it.

Are you meeting expectations online?

Expert advice & practical tips to help turn customers into loyal advocates.

Access free reportAre you meeting expectations online?

Store your data securely

There are several ways to manage data storage. You can choose to engage third-party providers to store data and information on your business’ behalf. However, it’s important to know precisely where that data is at all times and whether it complies with the privacy principles.

“It might just be that a cloud provider stores back-up data for them rather than keeping it on one of their systems they outsource it and put it in a cloud and the operator of the cloud is located overseas,” says Baker. “If that data contains personal information then they’ve made a disclosure to the overseas recipient,” adds Alison.

You might want to consider adopting a cloud solution for your business, which can help to prevent loss of data if a security breach occurs. There are several options available and, because every business has unique needs, there are steps you can take to assess which cloud solution is right for you.

Show customers their data is secure

At the point of collection, customers want – and have the right – to know what you will do with their data. You should let them know that their data is safe and advise exactly how you will meet this promise. Provide succinct details when communicating your data protocols with customers – instead of burying this in a long privacy statement. Customers are time poor and certainly appreciate simple, clear information.

Collecting customer data is an essential piece of the puzzle for any small or medium-sized business using direct marketing to engage their customers. It is your business’ ethical and legal obligation to follow government guidelines and keep up-to-date data-security practices – and maintaining this standard may be one of the reasons customers choose your business over another.

Get expert help with your cyber-security

Discover Telstra Business Cyber Security Services.

Find out moreGet expert help with your cyber-security

Customer shopping online
Customer Experience
Customer Experience
5 ways to help prepare your business for online Christmas shopping

Despite COVID-19 restrictions easing, many people might still prefer to shop online instead of in-store this Christmas. Is your business ready to meet the demands of the holida...

Regional Australian landscape
Customer Experience
Customer Experience
Bridging the location gap: How regional businesses are thriving online

As society becomes more digitally connected, technology is helping to unleash the potential of many regional businesses.

Female worker stretching hands above head at workplace
Productivity
Productivity
Why you should choose mindfulness over multitasking

Every minute counts for small business owners, so working on three or four things at once might seem like the best way to get things done. But is multitasking actually holding ...

Business owner uses digital tablet on a farm
Business IQ
Business IQ
Federal Budget 2020: 5 key take-aways for small business

Telstra has teamed up with Small Business Australia to deliver a series of articles and resources to help Aussie small businesses survive and thrive in these challenging times....