Each year, Furniture News asks some of the UK’s top retailers to share their views on some of the most significant industry developments, and how these might impact their future. In an excerpt from our annual Year in Review special (which features in the January issue of Furniture News), we ask the panel's members for their thoughts on the General Data Protection Regulations, better known as GDPR …

On 25th May 2018, new European data regulations came into force (the General Data Protection Regulations, or GDPR) which aim to better protect individuals’ privacy and ramp up punishments for data leaks and abuse.

How did our panel react to the demands for compliance in the lead-up to the deadline, and what has been the subsequent impact on their marketing activities?

Mike Murray (Land of Beds): Something clearly needed to be done, and we support the spirit of the new GDPR regulations – however, good data management has always been high on our agenda, so 25th May was a case of business as usual for us.

It proved to be a much costlier exercise for a lot of small operators who had been relying on cookie notices rather than properly securing their data. The threat of new seven-figure fines had a scaremongering effect, which some people used as an opportunity to make a lot of money – offering advice on interpreting and implementing the often-confusing guidelines.

As the deadline approached, it felt a bit like we were being chased by PPI companies – we had ‘GDPR experts’ approaching us every day!

Steve Pickering (Sussex Beds): GDPR did put data and privacy to the forefront of discussion, and in the thought processes in our and many other businesses, prompting examination of how to store and handle the data we hold, and accessibility. And the conclusion from these discussions were changes to how we collect, store and obtain permission to use customer data, which were implemented.

I wouldn’t say I personally have noticed a significant change in the amount of unwanted spam since implementation, and shortly after and since there continues to be reports of data breaches.

Of course, with all legislation, ethical, honest businesses will work to improve and meet obligations, whereas there will always be those who trade without care or regard, who will flaunt the rules. I hope these less scrupulous businesses are rightly pulled up, but actually doubt the regulatory departments have the resources or inclination as their main targets will be bigger fish.

Steve Adams (MattressOnline.co.uk): GDPR was a very time-consuming and expensive exercise for us – it was not explained very clearly, and many of the guidelines were open to interpretation. It required us to change our checkout flow and create internal processes to deal with GDPR requests – not just in our own systems, but with our suppliers, who we need to share our customers’ data with.

It remains an ongoing challenge – at the simplest level, it makes it harder for us to communicate with our customers. To me it feels genuine businesses have been tarnished with the same brush as less reputable, spam-driven entities.

Peter Harding (Fairway Furniture): The GDPR regulations were really only an extension of the existing data protection laws, and as such, if your company was suitably compliant with those, the changeover was minor. In our case, we had always sought authority to market to our customer base, so we simply updated our privacy policy and carried on as we had before.

I think in hindsight it was an issue which was given far more credence by the media than perhaps it should have been, and, since the changes, I don’t think the average consumer has seen any real change, aside from a plethora of cookie prompts and digital marketing verification emails.

The biggest challenge for us has been ensuring that those suppliers we use that handle – for whatever reason – our customer data do so fully in accordance with the GDPR regulations.

Ross Beveridge (Archers Sleepcentre): GDPR’s anticipated arrival seemed to have everyone scrambling in an effort to be compliant, and having had an audit there were few changes to our processes required, with the majority of our data hosted externally by compliant companies.

I do think there was a wave of overreaction from many companies, and there was even a week or two where I received more opt-in/opt-out emails than invitations to claim back my PPI! I am happy to say it has resulted in a long-overdue reduction in spam for me personally.

Email marketing should really only be sent to willing participants anyway. I know I deleted more than I read. Now, when we market to signed-up individuals, there should in theory be a better ROI.

Read more feedback from our panel in the January issue of Furniture News.