Can your
trust you?

Do they? Will they, once they realize how you are using their data? And is your organization ready to take the necessary next step and become a partner in managing their data?

In the digital economy, companies know more about their customers than ever before. Manufacturers, retailers and platform companies are already unlocking the value of data by configuring quicker, easier, more personalized experiences to win, retain and build trust with customers. Yet this value will not endure if companies fail to understand what consumers think about their data, how it is used and who they should trust to protect it.

The old model, under which consumers effectively outsourced the handling of their data to a company as part of a transaction by clicking a key, is being rendered obsolete by rising public expectations and rising regulatory requirements, through such initiatives as the European Union’s General Data Protection Regulation (GDPR). GDPR has reinforced the view that privacy is a basic human right, which is increasingly being echoed by regulators elsewhere.

In this changing landscape, companies need to look beyond such concepts as permissions and consent, and recognize data privacy is far more than a compliance-led, box-ticking exercise. Data is an asset that, mishandled, can become a liability that damages a brand and destroys trust. Companies that use GDPR as a step in a journey to create a privacy-conscious culture are well placed to develop a data privacy strategy that gives them a competitive edge.

Manufacturers and retailers can acquire a more nuanced understanding of what a customer is happy to share in exchange for greater value, realize what constitutes value for an individual — it could be personalization, special offers, faster service or greater convenience — and appreciate how the consumer would prefer to be contacted and interact with the business.


of Indian consumers say they’re

very anxious about unauthorized

tracking of their online habits by

companies, governments or criminals


of Brazilian consumers have high

levels of anxiety about hacking of

financial, medical or other personal

information online

Click to view video 1

Growing regulatory attention

Customer engagement is likely to become even more challenging as regulatory scrutiny of data privacy, security and consumer transparency intensifies in Europe where companies are still coming to grips with GDPR, the US where California has put similar regulations in place, China which has recently passed its own data privacy law, and in other countries where governments are looking to protect consumers and impose harsher penalties for violations.

Recent KPMG International research indicates trust is one of the factors that distinguishes success from failure. As the cornerstone of an organization’s license to operate, trust reduces uncertainty and builds resilience, influences reputation, drives customer satisfaction and loyalty, and inspires employees, who can only deliver a great customer experience if they have a great experience with their employer.

Purchasing behavior

This process should also deepen their understanding of what customers regard as appropriate use of the data and, even more importantly, what they would consider inappropriate. KPMG’s Crossing the line survey of 7,000 consumers in 24 countries found that this issue is already affecting purchasing behavior. Some 55 percent said they had decided against buying an item because of privacy concerns, 66 percent were uncomfortable with smartphone and tablet apps using their personal data, and 75 percent were unhappy with their online shopping data being sold to third parties.

“Organizations that deliver the protection customers expect, and use the data to provide individualized attention, demonstrating knowledge of the consumer’s preferences and past interactions, can create an experience that just feels ‘right’, and secure the opportunity to become trusted custodians of an individual’s data,” says Mark Thompson, global privacy lead at KPMG in the UK.

Defining and delivering the appropriate degree of personalization remains a challenge. Of the 1,300 CEOs around the world who participated in KPMG’s annual CEO outlook research, 26 percent say their organization falls below their customers’ expectations for a “personalized” experience, while only 23 percent felt they currently exceeded those expectations.

For both individuals and companies to benefit from data, a number of steps are critical.

I try not to think much about it. Because I know that in the world that you can’t avoid [it] unless you go to the middle of the jungle and disconnect completely, you’re not able to be completely sure of your privacy. And so I try not to think much of it. I think it is bad. I don’t feel very comfortable but I think it’s inevitable. And there’s not much you can do to avoid it.

Marcy, 68, São Paulo, Brazil

I’m afraid that we have no privacy. If we don’t trade our personal data with a company or others, we can’t get more benefits, especially [if] those benefits are very important to us. Because we want to download lots of apps and make our life more convenient. And in that situation, you have to expose your private, personal data to those companies.

Angel, 52, Shanghai, China

Click to view video 2

Make permission clear and understood

Embrace transparency. Be direct, straightforward and up-front about the data you collect so customers know exactly what they’re agreeing to. Limit the legalese, eliminate the lengthy, illegible boilerplate text and aim to be as clear as you would be if you were trying to explain your policy to a 5-year-old child. At the moment, 57 percent of people globally do not read, or only skim through, privacy policies when entering websites.

Be specific about how you protect consumers’ data

Do so clearly, in detail and often. KPMG’s Crossing the line survey found that for consumers in France, Malaysia and Spain, the most effective way of gaining trust was to assure them your organization has strong cybersecurity systems to prevent data leakage and hacking. Consumers need to know how you assess data security and privacy risks, the controls you have in place to ensure compliance with relevant laws and regulations, and how you would cope with data breaches.

Manage your customers’ expectations

The more clearly you explain what a consumer can expect, whether it’s personalized offerings, access to trusted partners or, especially, when, how and if you would sell their data, the less likely it is consumers will be unpleasantly surprised in a way that erodes trust.

Be clear and consistent with third parties

If your organization collects or acquires data through third-party sources, or shares any data with partners or third parties, apply the same levels of transparency and remain privacy conscious. Be up-front with customers about where and how you acquire or share data and personal information, and demand any partner, supplier or third party at least meet your minimum standards and transparency levels. Be clear on where your responsibilities for data acquired from or shared with third parties begin and end, and communicate what you will and won’t do with it. Most importantly, respect the consumer and commit to unsubscribing them easily and quickly at a single request.

Be open when things go wrong

In the event of a breach of data or falling short of publicized policies, be up-front about it immediately, explain how you’re working to fix it and ensure it doesn’t happen again.

Win–win approach

Recent KPMG research reaffirms brands that offer an excellent customer experience regard their customers as assets who should be protected, nurtured and invested in. This is more than a lofty ideal; these efforts pay off on both sides of the relationship. As consumers become more empowered and informed, the organizations that have invested time and money in making customer centricity a reality are growing revenue and profits.

And customer centricity is only truly possible when the customer is understood holistically through the full set of forces that drive their behavior and choices. Exploring each of the Five Mys — my motivation, my attention, my connection, my watch and my wallet — as well as the shifting sands of life stages and pivotal life events, is the starting point in developing, personalizing and maintaining critical relationships with customers who trust you.



of consumers say they trust the

government with health data


of consumers say they’re very

anxious about identity theft

I’m not worried as long as these technologies, they’ve made my life easier. They’ve made things easier for me. Just normal day-to-day life experiences or life ... It’s easier, so I don’t worry about technology. I actually benefit from technology.

Abdullah, 24, Ontario, Canada