Liquid Barcodes


What Must Convenience Retailers Do to Ensure their Customer Program is GDPR Compliant

Mads Moerk, CFO Liquid Barcodes


This article was originally published in Global Convenience Store Focus.

The EU’s new General Data Protection Regulation (GDPR) legislation on data protection and privacy comes into force in less than 7 months in May 2018 and has a wide range of consequences for all retailers, especially concerning the customer data they collect. In this special feature, as Liquid Barcodes CFO & DPO Mads Mørk explains, retailers collecting data will be ‘data controllers’ under GDPR. And this means increased responsibilities for our industry.

By Mads Mørk, CFO & DPO, Liquid Barcodes

What must convenience retailers do to ensure their customer program is GDPR compliant? If you are a CEO, there are 9 questions on GDPR you should ask your marketing, legal, and IT team.

What personal data do we possess?

Getting an overview of what personal data is in your possession is probably the best place to start your work on GDPR compliance. In GDPR terminology, personal data is defined as any information relating to an identified or identifiable natural person. This is a broad definition. Hence, a wide range of customer data should be considered personal data. Identification of a person can be indirect. The GDPR lists a range of data that can identify persons. Of special interest to retailers are location data. For example, if customers leave a trail at the POS, your transaction data should be treated as personal data because the data can reveal the location of customers at specific times.

Can we avoid collecting sensitive personal data?

Sensitive personal data is treated more strictly under GDPR than personal data. Sensitive data is personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and data concerning health or sexuality. If you can avoid having such data in your possession, it will be easier to be GDPR compliant.

How do we use pseudonymization and encryption to increase data security?

The trend of collecting and storing ever more customer data poses a challenge in the context of GDPR. The GDPR requires you to have full control of access to and integrity of your data. Pseudonymization and encryption are tools to alleviate these problems. Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information. For example, replacing customers’ phone numbers on the above mentioned receipt data with a random user ID. Encryption renders data unreadable without the encryption key. We advise you to pseudonomize all customer data except for modules that handle direct communication with customers. For example, the part of your system sending SMS to customers needs phone numbers, but the module handling statistics most likely does not. Databases that contain data which can directly identify customers, for example member profile data with phone numbers, and databases with large amounts of data, such as an archive with pseudonymized data, should be encrypted.

What about our suppliers – are they on track with GDPR?

As data controller, you are responsible for data also in the possession of your suppliers, or Data processors in GDPR terminology. You need to list all suppliers in your privacy policy. You should review your data processor agreements. You must also approve your suppliers’ sub-suppliers before they can begin to process your data.

Do we have an efficient system for handling rights of data subjects?

The rights of Data subjects are more extensive under GDPR. The GDPR also requires you to answer requests from Data subjects within 1 month (extension possible in certain cases). Retailers should aim to give all necessary information to Data subjects through ‘My page’ solutions behind secure log in mechanisms.

Have we recorded active consents from all registered customers?

Consent is the primary legal basis for handling personal data for retailers. Under GDPR, consent must be active and consent texts must use clear and plain language. You must record consents so that you can prove that active consent has been given. Extra attention is placed on communication towards children (13-16 years, depending on member state). We advise to put age limits on signing up to avoid communicating towards children.

Be aware that activities involving automatic profiling of customers and geo location data require specific consents in addition to the main customer consent.

Does our privacy policy give the necessary flexibility in our marketing activities?

Since consent regulations have become stricter, it is more important than ever to ensure that your privacy policies cover the activities you are most likely to do. For example, make sure to collect consent to send marketing SMS and emails, with opt out option, even if you collect phone numbers or emails through your app.

Privacy policies will become an arena where you can demonstrate your seriousness in dealing with data protection and privacy, while using language in line with your brand image. Take that opportunity.

What is our process for handling data breach incidents?

Data breach is an incident leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data. In case of data breach incidents, you may be required to inform your supervisory authority and your customers. There is a list of criteria specifying when you need to disclose data breach incidents.

However, your suppliers, the Data processors, should always inform you about data breach incidents.

How do we train our organisation on GDPR to ensure continuous compliance?

GDPR places great emphasis on data security and the legal basis for your communication towards customers. In practice, employees in many different departments, such as marketing and IT, will be responsible for implementing and complying with these regulations.

Therefore, it is vital that you establish training schemes to teach GDPR to the organisation. For example, the IT department must ensure that new development tasks are compliant with GDPR. Do we collect new information? Do we store data in a new way? The marketing team must know when to tread carefully when discussing new campaign ideas. Is this activity covered by our existing privacy policy? Do we need automatic profiling or geo location consent?

Disclaimer: this article is not meant as legal advice. You must seek advice from your legal advisors to ensure complete compliance with GDPR as this can vary from company to company.

Find here more information about GDPR and privacy protection.

Blog post

Lessons in Loyalty: Customer Connection Cycle

The Liquid Barcodes Customer Connection Cycle Explains Six Key Components to Operating a Successful Loyalty Program

Blog post

Lessons in Loyalty: Easy, Empowering, and Engaging 

Invite higher sales with a loyalty program that is easy, empowering, and engaging.

Blog post

Lessons in Loyalty: Clear, Compelling and Consistant Programming

Engage customers with a compelling loyalty program that is clear, compelling, and consistent.

Blog post

Liquid Barcodes: Elevating Retail Experiences

Liquid Barcodes is a proud partner to global retailers using revolutionary technology to increase sales and grow customer engagement.

Blog post

Unlock Customer Loyalty: Choosing the Right Rewards Program for Your Business Goals

Loyalty reward programs attract new customers, keep them coming back, and increase sales, and can be tailored to meet specific goals.

Blog post

Increasing Customer Engagement With Loyalty Programs

From basic discounts, points, and perks, to more advanced strategies like subscriptions and mobile payments, loyalty programs allow retailers to compete in today’s fast-paced retail landscape.

Blog post

Liquid Barcodes Connects at 2023 NACS Show

Liquid Barcodes exhibits at the 2023 NACS Show showcasing its app-based loyalty, subscription, and payment solutions.

Blog post

The Refreshing Perks of Beverage Subscription Programs 

Beverage subscription programs offer convenience retailers the benefits of enhanced customer loyalty, a predictable revenue stream, customer data, and a competitive edge.

Blog post

FastLane Sees Success with Monthly Subscription Car and Truck Wash Program

FastLane becomes the newest retailer to join the subscription economy by offering monthly subscriptions for car and truck washing.

Blog post

Beverage Subscriptions Improve Foodservice Sales

Implementing a beverage subscription program will boost customer spending on foodservice items.  Consumers visit convenience stores to do three main things: get gas, use the restroom and buy a drink. As prepared food becomes the norm in convenience stores, give your customers an offer they can’t resist with a beverage subscription program.

Blog post

An Introduction to Subscription Programs

Subscription programs ensure recurring revenue by recruiting customers and enhancing the overall foodservice offer Subscription is a big buzzword referring to any recurring or prepaid program that is delivered or available on a regular basis. 

Blog post

Circle K Norway Wins NACS Convenience Retail Technology Award 

Circle K Norway wins the prestigious NACS award for technology innovations, including car wash subscription program powered by Liquid Barcodes. NACS awarded Circle K Norway’s leaders with the NACS Convenience Retail Technology Award at this week’s NACS Convenience Summit Europe in Dublin.

Blog post

Maxol Wins Customers and Awards With Loyalty App

Irish retailer Maxol celebrates a year of success with their award-winning loyalty app. Maxol’s loyalty app has been rewarded for excellence with the prestigious “2023 Loyalty Launch of the Year ” award at this year’s Irish Loyalty & CX Awards.

Blog post

Sunshine Gasoline Leads Industry in Technology Adoption

Florida retailer Sunshine Gasoline leads the U.S. convenience industry with app solutions for customer convenience and loyalty.

Blog post

What Is C-StorePay?

Liquid Barcodes’ proprietary C-StorePay makes paying for fuel, in-store merchandise, and subscription programs convenient for customers, reduces credit card fees for retailers, and integrates easily into existing loyalty programs Announced in October 2022, the revolutionary Liquid Barcodes C-StorePay product rose to the top of retailers’ 2022 wish lists at the NACS Show, even achieving a […]

Blog post

Save Thousands in Credit Card Fees With ACH

Visa and Mastercard announced an increase in interchange fees earlier in the year and retailers are taking action and sending a message by migrating their customers to new solutions, including mobile app-based ACH payments, and in the process increasing profits by not only reducing credit card fees but also boosting loyalty via innovative app-based incentive […]

Liquid Barcodes

Put a rocket under your loyalty program

With our loyalty platform, we help design and operate world-class, tailor-made subscription and reward programs that make sure your customers always come back.

Book a Demo →

We are trusted by global brands.

Convenience retailers all over the world have engaged and rewarded consumers with our tailor-made loyalty programs.

To our case studies →

Liquid Barcodes
Liquid Barcodes
Liquid Barcodes
Liquid Barcodes

Convenience retailers all over the world have engaged and rewarded consumers with our tailor-made loyalty programs.

To our case studies →

Liquid Barcodes
Liquid Barcodes
Liquid Barcodes
Liquid Barcodes

Situs Judi Togel Slot Online Terpercaya Indonesia

slot pulsa

situs judi slot online

togel slot casino online

istana slot online


Situs Judi Slot Deposit Pulsa

judi slot gacor terpercaya

istana slot

istana slot situs slot


judi slot online gacor

judi slot online gacor

slot deposit pulsa

istanaimpian slot online

agen togel casino

judi live casino

agen togel casino


uno prediksi

prediksi togel istanaimpian

slot online gacor 2023

raja situs judi slot

slot online terbaik 2023

Daftar Slot Online Gacor 2023

Situs Judi Slot Demo Pragmatic

slot deposit dana Terbaru 2023


slot dana
istana slot
Situs Togel Toto 4D