The retail sector is embracing digital transformation, with the connected retail market expected to reach more than USD 50 billion by 2022 (Grand View Research).

An increasing number of personal data are used for customer intelligence, as well as production and supply chains optimization. IoT (Internetf of Things) is driving such growth, as smaller and more efficient retail spaces become “fulfillment centers”, with a wide usage of sensors that create unique customer experiences.

Within this context, an adequate data governance is fundamental, not only to manage risks, but also as a market differentiator.

The new European General Data Protection Regulation (“GDPR”, which will be applicable from 25 May 201) provides for a new accountability approach, whereby retailers will have to demonstrate compliance, among other things, with obligations to carry out data protection impact assessments and to implement data protection by design and by default. This implies that retailers now have to integrate the data governance process with appropriate safeguards, considering also personal data minimization and portability (including data generated through the connected devices). CRMs will have to ensure that all personal data are adequately collected, based on the consents provided by the data subject or the exemptions set out in the GDPR. Data breaches will have to be reported to national authorities (and in certain circumstances individuals), within 72 hours from the incident. Given that sanctions under the GDPR can reach up to 4% of the global annual turnover, retailers should also consider coverage through data and cyber-insurance policies.

In addition to the above, it should also be taken into account the new proposal from the EU Commission for an e-Privacy Regulation, which among other things will change the applicable rules regarding cookies, web preferences and online tracking. Although we are still at a preliminary stage, anticipating its requirements through an e-Privacy readiness exercise would allow retailers to operate with ease of mind with regard to the near future of regulation in the EU.

The digital transformation and the new connected technology environment can be fully optimized through clear understanding and compliance with legal requirements and when properly addressed will allow retailers to fully reap the benefits, with greater visibility in the marketplace and smoother customer experience.

More will follow, and of course join us on!