Insurance brands will have to delete two thirds of the records they hold on past customers, losing a vital sales pipeline, under new data protection laws which take effect in 365 days, new research from Consumer Intelligence and fast.MAP indicates.
Companies must obtain explicit permission from customers to store their information under GDPR, which becomes law on 25th May 2018, or risk a fine of 4% of global turnover or £16.5m.
As well as changing how new customers opt in to allow insurance companies to store their personal information, companies must also get permission to keep information about any previous customers on file. If they don’t get active consent by the 25 May deadline, they will be required to delete millions of records on 26 May 2018.
However, a survey of over 1,000 drivers conducted by Consumer Intelligence and fast.MAP* revealed that only 32% would give permission for their insurer to keep their information after they leave for “legitimate purposes”, the criteria set by the rules.
With several high-profile brands successfully offering past customers incentives to return after a year or more with a rival company, there is a financial imperative to increase this figure, Consumer Intelligence warns.
Consumer Intelligence’s research also found that consumers who believed their insurance brand rewarded loyalty were more likely to say they had agreed to receive marketing messages. This suggests that giving customers a reason to opt in will substantially increase the proportion who give permission for the insurance company to keep their details on file.
Chief executive Ian Hughes said that too many GDPR committees in insurance firms are comprised exclusively of compliance, risk and IT experts, without involvement from marketing or customer-centric teams.
“You need them to opt in, and that means giving them a reason to want to stay connected. If you simply write to them and say ‘is it ok to keep your data for legitimate purposes?’ only a third will say yes,” he said. “For the many brands that rely on targeting past customers to maintain their policy numbers, that would be disastrous.”
Amongst the 32% who said they would let their insurer keep information after they leave there was a huge variance with 40% customers of the top-ranking brand saying they would give permission, compared with 19% of the lowest ranking brand.
On average, 64% of consumers believe their insurer keeps their data safely, another component of GDPR rules.
However only 28% said they believed they had already agreed to receive marketing messages.
Consumer’s Intelligence’s three things to do today to prepare for GDPR:
- Start testing your GDPR compliant opt-in messages right away. Test which wording works best and keep improving it. Now is the time to learn what’s right for your brand.
- Start asking permission to stay in touch with lapsed customers. Brands that leave it until the last minute will compete with a raft of others in various industries and it will be harder to convince those customers that you value the relationship.
- Include someone who can see the world through the eyes of the customer in GDPR planning. Secure data storage is fundamental, but navigating what GDPR means for brand perception and your sales pipeline should not be a by-product of compliance.
*Survey conducted with 1,796 consumers between 12th May and 23rd May 2017