GDPR Effect: How Many Customers are Using Their Right to Be Forgotten?
Six months after GDPR took effect, how did it impact business? How many users used their right to be forgotten? And what these numbers actually mean? An Optimove research tells it all
A few months ago, while preparing for the new EU personal data protection regulations, GDPR, we stated that it holds a great opportunity for companies to improve their data protection and control, and put their new legitimate data to better use. At Optimove, we looked at GDPR not as an obstacle, but as an opportunity to improve. We believed from our own experience as customers – regulars on online shops, bank clients, travel agency users or slots players – that if personal information is put to good use, e.g.: contacting customers at the right time with the right message via the right channel, they will feel safe and comfortable sharing it.
Just a little over six months have passed since GDPR went into effect on May 25th 2018. So we wanted to use this landmark to check ourselves and see how customers really reacted. We focused on the data deletion right (the right to erasure), most commonly known as the right to be forgotten (art.17 GDPR) – the right every customer has to instruct a company to erase their personal data.
In the Low
We looked at data gathered from more than 250 million customers, both in the e-commerce and gaming verticals and from more than 150 European brands. We obviously checked EU customers, who are the ones impacted by GDPR. This is what we found:
- The overall number of customers asking for their right to be forgotten was extremely low. It’s about 1 in 285 customers in the eComm vertical, and 1 in 500 in the Gaming vertical.
- Customers from the Gaming vertical are less likely to activate their right to be forgotten, compared to the eCommerce vertical.
Most of the customers who asked to be erased from the data and forgotten by any given brand were customers with no monetary activity.
The graph below shows the distribution of customers who excluded themselves from companies’ records (in yellow), and those who did not act upon the right to be forgotten (in pink). We can see that 68% of all excluded customers have no real activity with their respective brand at all. It’s easy to say that customers with no monetary activity have higher chances to exclude themselves from a company’s database.
Money for Nothing?
We looked for customers who made the first transaction. From the graph below, we can see that most of the self-excluded customers are customers who contributed…well…less.
68% of the excluded customers are these who deposited or purchased less than €20 on average. Surprisingly, 1% of excluded customers made a transaction worth €100 or more. This can indicate a real missed opportunity – these are potential VIPs, and through better personalization, might have stayed and not churned.
The Excluded Persona
When we drilled down into the data, looking for–let’s face it–the fun parts of this research, we were a little disappointed to find out that there was no significant percentage difference between customers who used the right to be forgotten and customers who chose to not act upon it. The same was true when we sorted by age groups. From these two graphs below, we can learn that the distribution of customers who used their right to erasure is almost identical to those who didn’t act upon the new GDPR rules. Our initial thoughts that women would become more suspicious towards the use of their data, or that young people would use their right to be forgotten more because of their social involvement and awareness, were quickly overturned.
When we came to write the conclusion to this research, we felt a slight sense of letdown, looking at numbers and graphs that didn’t tell an exciting story at all. Yes, it seems like customers’ behavior like activity or monetary status can better explain customers’ probability to use the right to be forgotten, while gender and sex didn’t give much of a prediction of future likelihood to use Article 17.
But then we realized what we’ve been saying at Optimove from the beginning – way before GDPR was even approved. From our standpoint, protecting the customer has always been top priority. If a brand or a marketer misuses your data, using the right to be forgotten is your only option, and understandably so. But businesses that use data well will not be inundated by requests for erasure and will continue to provide high value to their customers. We were extremely pleased to see that Optimove’s clients enjoy a meaningful relationship with their customers, who choose to keep believing brands will put their personal data to good use.