Business IQ

Customer data: How to manage it securely

Smarter Writer
Smarter Team

The Smarter Team is made up of business and technology journalists who write to offer insights to small and medium businesses about technology, business know-how and emerging trends.

Smarter Writer
Smarter Team

The Smarter Team is made up of business and technology journalists who write to offer insights to small and medium businesses about technology, business know-how and emerging trends.

Whether your business is the local gym or a high-end online retailer, storing your customers’ data securely should be a key consideration. Gaining and retaining customer trust is especially important in the current climate, where a slip-up could mean that once-loyal customers will choose to spend elsewhere.

Medical record appears on laptop

Collecting and warehousing vast quantities of personal data about customers requires care and precision. Once you have taken the first step of collecting customer data, you must ensure you are using it in the right way – and let your customers know that it will be used appropriately and safely in your business’ hands.  

Here, we look at three considerations to help ensure you meet data-security expectations.

Types of data you can gather

Businesses should only gather information if it’s needed for legitimate functions or activities. With this in mind, you may want to reasses whether it’s worthwhile collecting personal information about customers at all. For many businesses it is, but you should consider what purpose it serves and exactly what you’ll do with it. For example, a medical clinic collecting patient data for a person’s medical history is vital – a retailer collecting their customers’ home address may not be, especially if this is used for unexpected marketing.

It’s also important to consider how you will collect customer data. “If you haven’t collected the information directly from the individual - or you have but they wouldn’t reasonably expect that you’d use it to market products and services - you need to get their consent where it’s practicable to do so and you need to include the opt-out mechanism in the communication,” says Alison Baker, Partner of leading independent Australian law firm Hall & Wilcox. “You also need to include a prominent statement that makes it clear that they don’t have to receive the marketing material,” she adds.

The Australian Privacy Princples (APP) guidelines is a must-read resource for any business that collects data. This is a great starting place if you are unsure about what data is deemed necessary to collect – and what you can legally do with it.

Are you meeting expectations online?

Expert advice & practical tips to help turn customers into loyal advocates.

Access free reportAre you meeting expectations online?

Store your data securely

There are several ways to manage data storage. You can choose to engage third-party providers to store data and information on your business’ behalf. However, it’s important to know precisely where that data is at all times and whether it complies with the privacy principles.

“It might just be that a cloud provider stores back-up data for them rather than keeping it on one of their systems they outsource it and put it in a cloud and the operator of the cloud is located overseas,” says Baker. “If that data contains personal information then they’ve made a disclosure to the overseas recipient,” adds Alison.

You might want to consider adopting a cloud solution for your business, which can help to prevent loss of data if a security breach occurs. There are several options available and, because every business has unique needs, there are steps you can take to assess which cloud solution is right for you.

Show customers their data is secure

At the point of collection, customers want – and have the right – to know what you will do with their data. You should let them know that their data is safe and advise exactly how you will meet this promise. Provide succinct details when communicating your data protocols with customers – instead of burying this in a long privacy statement. Customers are time poor and certainly appreciate simple, clear information.

Collecting customer data is an essential piece of the puzzle for any small or medium-sized business using direct marketing to engage their customers. It is your business’ ethical and legal obligation to follow government guidelines and keep up-to-date data-security practices – and maintaining this standard may be one of the reasons customers choose your business over another.

Get expert help with your cyber-security

Discover Telstra Business Cyber Security Services.

Find out moreGet expert help with your cyber-security

Virginia Martin founder of Búl
Customer Experience
Customer Experience
Keep customers happy and maintain your work-life balance: Virginia Martin, founder of Búl

Customers might be making enquiries about your business around the clock, but you don’t need to trade your well-earned downtime to be helpful and responsive. Virginia Martin, f...

Woman shopping online
Customer Experience
Customer Experience
5 things customers expect from your business online

Do you know which online features customers think are important when dealing with businesses online? Research shows that you may be underestimating these five things.

Man using tablet in stockroom
Business IQ
Business IQ
The fundamentals of online security planning

Protecting your business online requires more than set-and-forget antivirus software. In an increasingly digital world, planning and strategy are key for keeping your business ...

Man using tablet in stockroom
Productivity
Productivity
Your 5-step guide to digitising your business

Kickstart your business’s digital transformation with our quick guide. Discover the five essential steps that can help your business thrive online in 2021 and beyond.