How to Manage Customer Data Privacy in CRM Solutions

Customer Relationship Management software is increasingly being adopted by companies today. In a recent survey of 96 international firms by the Conference Board, fifty-two (52) percent reported of having implemented a CRM solution. The top reasons cited for this were to increase customer retention or loyalty (94%), to be decisive in response to competitive pressure (77%) and to differentiate themselves from their competition based on superior customer service (73%).
The ability to capture and capitalize on customer activities and experiences and in turn distributing customer information is a fundamental function of a CRM software. The question which arises based on this distribution is how the customers’ privacy is maintained and how much does the customer know or understand about the information being collected.

Where is customer information coming from?
The primary sources for information that is fed into the CRM software are customer service inquiries, customer surveys and sales force input. Of the firms interviewed by the Conference Board, over half reported that the data analyzed came from both internal and external sources. Sixty two (62) percent reported capturing data at the point of sale and then using this data to profile existing customers and prospect new customers.

What information is being collected?
While collected information may vary along business lines, the general profile collated includes:
  • Name – so communications can be personalized 
  • Contact details – address, telephone 
  • Profile – age, gender, household or business income 
  • Transaction history – what is the customer’s spending profile 
  • Communication history – has the customer ever contacted the firm and in what context – compliment or complaint 
  • Payment history – does the customer pay on time or fall in arrears
This information, while essential for the analysis of customers, needs to be considered within the confidentiality of the customer base.

Can privacy be maintained?
Consumer fears about privacy are a threat to any company’s CRM system. This is especially true for those firms engaged in any type of e-commerce. Of the firms interviewed by the Conference Board over half claimed to use “permission based marketing” where they have requested and received permission from the customer to contact and make product offers to them. Less than half reported communication of their privacy policy to their customers and less than one third had revised their privacy policies based on the new technology available.

It is critical to maintaining the customer relationship that the information collected is not misused. Privacy consultant, Jeff Tomes has outlined five basic privacy guidelines which should be incorporated into all company privacy policies as they relate to Customer Relationship Management:
  • Tell customers you are collecting information 
  • Tell customers what you will use the information for 
  • Give customers the ability to opt out of collection 
  • Allow customers to access their profiles upon request 
  • Alert customers from time-to-time of new threats and the best practices to tacke them 
  • Inform the customers of the risks involved 
  • Keep your data in the most secured infrastructure environment 
  • Sign strict NDAs with internal stakeholders on information sharing 
By following these guidelines there is an assurance to customers that their privacy is important to your company. Explain the information gathered is treated respectfully and that by gathering this information there will be the ability for the company to offer the customer greater value in return.

Privacy Laws and CRM
Companies must be aware of and comply with not only the privacy laws of the country in which they are located but of the countries in which they do business. Staying in compliance with a mass of privacy laws is difficult for even the most sophisticated and dedicated CRM based companies. It is essential, therefore, that a company research and understand the privacy laws of all countries it does business with or plans to do business in at a future date.

Interestingly, to facilitate growing concerns for the security of customer information, CRM systems enable administrators to control employee access to customer data through user and organizational level security settings that can specify I.P. addresses or locations for logging-in to the CRM software. Several CRM tools are also used to specify sharing rules for records, set visibility for files, customize page layouts and assign read/ write access to critical information. These precautions ensure an organization's existing customer data is secure and keeps growing without fears of misuse of critical information.