The General Data Protection Regulation (GDPR), coming into effect in May 2018, is set to have profound implications for the way companies in the EU use online data. In particular, this will impact the number of online companies and comparison websites that offer loans, finance and insurance and how they use customer information. Below, we explain some of the main things that your online finance site can do to be GDPR compliant.
If you are asking for customer details, whether through a contact form or application, there needs to be a clear tick box at the end. The box must not be ticked already, as the user must manually opt in.
Ultimately, it needs to be clear to the user what you are going to do with their information. A visitor on your website should not simply fill in their details and be unsure of the next step; they should have clear information on what to expect.
Prior to the GDPR launch date, website owners in all industries, including schools and hospitals, were required to send an email to their database and ask if customers would like to continue receiving their email newsletters. No response to this email would mean that the recipient is automatically unsubscribed, which has been welcomed by most email users but has resulted in a huge loss of database contacts for a lot of companies.
Moving forward, all websites, including loan and insurance providers, must have a clear opt-in for email marketing purposes and only send out newsletters to those that have opted in. Whilst marketing to customers that hadn’t necessarily approved the use of their details might have previously been overlooked, the GDPR now strongly enforces this, and those who do not comply can be fined.
Storing of Data
The EU reforms insist that all data held by finance companies should be held on servers in the EU. In addition, all data must be held in a secure environment, and this can be reinforced by purchasing secure servers and serving the company website over HTTPS.
Capture Forms vs Comparison Tables
For online lead generators and broker sites, using capture forms carries an increased risk when it comes to being GDPR compliant. A capture form is typically used to request a call-back or personal quote. To be GDPR compliant, there must be a clear tick box and the customer should have a clear understanding of what to expect once they fill in their details. A strong thank you page can reinforce what you are doing, i.e. ‘your enquiry will be now redirected to **this company**’ or ‘thank you for your details, you will not receive a phone call from our team.’
Using comparison tables is a very simple way to be GDPR compliant because you are not taking in any data. This is the method of several websites such as Money.co.uk, Finance.co.uk and All The Lenders, who offer a clear table of payday loans. It follows the GDPR philosophy because the website is not taking in any data and the customer knows exactly where they are going. Once the customer has clicked on the lender or insurer of their choice, it is down to the provider to fulfil all the requirements above to be a GDPR champion.