Written by Adrienne Kohler
Privacy Matters
Privacy laws and customer data best practice
Would you trust the organisation you work for with your personal details? If you can confidently say yes, that's great, but if you have even a moment of doubt then you and your team should review your privacy policies and procedures.

It's not easy. Business are operating in paradoxical times. Consumers increasingly expect services to be individualised while being reluctant to divulge personal information. You need to collect marketing data to drive your business objectives and connect with new customers.

So what's the solution? Quite simply - trust. You want your current and potential customers to trust that your business won't abuse the personal information they have given you and that it will be securely held. Moreover, consumers have a good reason to be nervous with numerous hacks of companies' systems, many of them large corporates, seeing sensitive data stolen and sold to the highest bidder or dumped online. It is also a legal requirement as Australia and New Zealand have strict privacy laws.

So how do you build this trust? By ensuring your teams fully understand how to collect, process and store personal information.

Often in large corporations one hand doesn't know what the other is doing. Information is combined centrally and if a CRM doesn't record what consumers have consented to you may be breaking the law if you use their personal information for other purposes.

The definition of personal information is broader than most people realise and includes any information, even anonymous, that has the potential to be linked back to an individual.

Perhaps the most glaring example of this is was when Target in the US analysed shopping data and send a mailer to a teenage girl based on her shopping habits. It was opened by her father, who was outraged that his daughter was being sent information about baby products only to discover she was, in fact, pregnant.
The legal stuff
New Zealand and Australia privacy laws operate under the same general principles:

  • You must tell people you are collecting their personal information
  • You must obtain their consent for it to be collected
  • You must tell them how it will be used and for what purpose
  • You must ensure that it is stored and deleted in a secure and safe manner
  • You must inform people if you are going to change the way the information is being used
  • You cannot use it for another purpose then the one they have consented to

In New Zealand, all companies have to abide by the Privacy act, but in Australia only businesses with an annual turnover of $3 million or more have to comply.
Collecting personal information
First up, keep it simple! Your business objective, such as building an email list or running a marketing campaign, will drive the amount of personal information you need to collect. Don't collect more than you need. The more you ask for, the more likely it is that people will refuse to give it UNLESS they clearly understand what it is for.
By entering your details you consent for your photo to be sent to you via email and SMS. You also consent for your photo to be displayed in an COMPANY live gallery. You also give permission for COMPANY to use your photo on any other social channels or marketing collateral. COMPANY will receive your email address and may contact you with relevant marketing communications. You can unsubscribe at any time. This App is running on the Interlike engine (interlikeapp.com), see Interlike Terms of Use here.
Remember you have to securely store this information, so make sure your data capture and storage systems are up to the task. The best way to lose customers and harm your business reputation is by having data hacked or stolen.

We cannot stress this enough – GOOD PRIVACY IS GOOD BUSINESS.
Privacy officer
In New Zealand, you must have a privacy officer if your company is collecting any personal information, but in Australia it's recommended but not compulsory.
You can find more information about what a privacy officer does here.

In both countries privacy policy must be:

  • tailored to reflect your business
  • updated regularly
  • clearly expressed in a way that is easy for consumers to understand, that is, not in legal jargon

Both the New Zealand and Australian privacy commissions have extensive guides for developing privacy policy. This MUST be in place before your organisation starts gathering personal information.

Great, you have your legal requirements sorted, and the marketing team is staging an event where they plan to collect the personal information of potential clients.

How are they going to do this?
The guiding principal is fair and informed consent. Information must be collected in a way that is fair – that they know it is being collected, that they are given options to opt in and out, and that they are fully informed about what you intend to use the information for.

When developing the wording for a consent form, don't make it too broad as it increases the chances that people will refuse. Ask for consent and clearly explain what the information will be used for.
What next?
Hopefully you have collected all the information you need and entered it into a secure CRM system. You must provide people with an easy way to access their information, update it or to 'opt-out' of receiving further communication.

If someone asks for access to their personal information, or asks for it to be deleted, do it promptly. Or even better - use a system that will update automatically.
Privacy cheat sheet. Check that you have:
  • Posted a link to an easily viewed and robust privacy policy?
  • Told people you are collecting their personal information?
  • Obtained their consent for it to be collected?
  • Told them how it will be used and for what purpose?
  • Planned how to store it securely?
  • Provided an easy access to update and unsubscribe options?
One place with all the official information related to privacy:

  • In New Zealand - Office of the Privacy Commissioner website
  • In Australia - Office of the Australian Information Commissioner website
Get in touch
We're here to help you and answer any questions you may have about using Interlike's unique brand growth, lead generation and retargeting tools. Call us on +64 9 3604026 or book a free discovery session here. Our success experts are always up for a good chat and a coffee.
Other stories you might like

Sign up to receive news, tips and insights to create meaningful conversations with your customers