Insurance provider HomeServe has seen an increase in marketing effectiveness since the introduction of the General Data Protection Regulation (GDPR) despite the fact it is now communicating with a smaller pool of consumers.
The business, which provides home emergency cover, uses a combination of legitimate interest and opt-in consent, depending on the type of marketing it is doing.
HomeServe’s core business model is based on “affinity partnerships”, so it works with water and energy companies that then introduce its products to their customers. It sends around 35 million pieces of direct marketing to these prospective customers each year and “relies very heavily on legitimate interest” to market to these people, said Richard Merrygold, group data protection officer at HomeServe.
However, as soon as a customer makes a purchase through a piece of direct marketing activity or if they go to its website, from then on it asks consumers to opt-in.
“We’re very explicit about that. We did a lot of testing and market research that actually showed while we were getting slightly decreased rates [of people opting-in], we now get 50% to 60% of people that buy something giving us opt-in consent where we used to get 80%, we’re actually getting a better return for our marketing activity,” he said, talking on a panel at a DMA event this morning (28 September).
HomeServe finds people are more receptive to and interested in what it is selling as a result, plus it is receiving fewer complaints and unsubscribe requests as people are expecting to receive communication from the brand.
We don’t communicate to people who don’t want to be communicated to.
Richard Merrygold, HomeServe
“The marketing guys have also calmed down; they’ve stopped shouting at me because they’ve realised they’re actually saving a bit of money and they’re more likely to talk to me,” he added.
There has been speculation that the legitimate interest rule could be restricted going forward if companies don’t use it properly. Merrygold said it’s incumbent on businesses to ensure they are acting with customers’ best interests in mind.
“For our business, when you’re out you’re out. There are no two ways about it. We don’t let anyone communicate to people who don’t want to be communicated to,” he said.
“It would be a great shame to restrict legitimate interest as far as direct marketing is concerned any further than it already is. It’s a self-regulatory issue so there could be some more improved guidance around it. We take a lot of time and care creating legitimate impact assessments for our partners to comfort them that what we’re doing we believe is fair.
Chris Combemale, the DMA’s CEO, reiterated that legitimate interest is “not a get out of jail free card”.
“It’s really important that legitimate impact assessments are done properly and honestly and the appropriate balancing tests are carried out to make sure it is appropriate and in-keeping with what you would expect,” he said.
“If companies are honest and do their legitimate impact assessments correctly then I don’t think there should be a need for that to be tightened up. But if companies start to use legitimate interest as a get out of jail free card and an exemption to the obligations of GDPR to the detriment of their customers then we would all expect the regulators and the legislators to look at tightening that over time.”
Consumer awareness of GDPR on the rise
Like HomeServe, rail ticket operator Trainline takes a mixed-model approach to GDPR using both opt-in and legitimate interest consent depending on the situation.
“We’re of the view that it depends on the customer’s interaction with us rather than actually just sticking to one legal basis,” said Rebecca Turner, head of compliance and privacy and data protection officer at Trainline, who was talking on the same panel.
“We’re very reliant on legitimate interest in terms of our transactional flow and through account registrations we have a consent methodology in place.”
She said public interest is particularly high at the moment and cited one customer who got in touch about the company’s use of legitimate interest at the check-out stage.
“He wrote to me and said ‘I thought this was supposed to be consent, I’m pretty sure I’m right’ and then wrote back to me very early the next morning and said ‘aha, I see you’re entirely correct and you’re using the soft option in a lovely way’. It was possibly one of the best emails I’ve ever had from a member of the public who had gone out, self-educated and formed their own opinion.”
A survey by the Information Commissioners’ Office (ICO) to understand how much the public trusts the way organisations store their data shows things have improved since last year. A third (34%) of people now say they have high trust and confidence, up from 21% in 2017. However, 37% still have low trust and confidence, only slightly down from 38% in 2017.
Steve Wood, deputy commissioner of policy at the ICO, described the increase in positive sentiment as “green shoots”, but said more must be done to improve people’s confidence.
A separate survey carried out by Marketing Week three months after GDPR came into force, shows 57% of people feel they have a better understanding of how companies use their personal data since the law was enforced.
However, just 27% believe their overall experience is better as a result of GDPR, with 8% suggesting things are actually worse. The majority of people surveyed (65%) feel the new law has made no difference at all to their user experience with brands.