Insurers want to personalise their offerings - GDPR says otherwise

What can and can't be collected under the new laws?

Insurers want to personalise their offerings - GDPR says otherwise

Motor & Fleet

By Lucy Hook

Customers today want a smoother, easier, more personalised experience – that’s advice the industry has heard time and time again. But in today’s General Data Protection Regulation (GDPR) world, collecting personal data can be something of a minefield.

In a market of expensive motor premiums, many UK drivers have turned to telematics, agreeing to have their behaviour behind the wheel monitored in exchange for a better deal.

But the necessary collection of data by insurers is somewhat at odds with new data protection laws under the GDPR, according to a tech firm that works with a number of industry players.

“There is an inherent tension between the marketing trend in which insurance companies and Original Equipment Manufacturers (OEMs) want to learn more about the customer and deliver personalised services, and what that entails in terms of consent and only taking in the bare minimum of data needed to deliver that service,” Jacob Hasson, EVP and head of global sales for Scope Technology, told Insurance Business.

When it comes to telematics, the data collected is very personalised – whether that’s a customer email address, phone number, location, or driving behaviours such as speed.

“The telematics and connected car proposition, and other value-added services that we see insurers launching, are very tailored to your lifestyle. They understand who you are, and they are able to offer you some kind of personalised experience,” said Hasson.

But under strict new GDPR laws, which have brought in potential maximum fines of up to €20 million (£17.4 million), or 4% of annual turnover for non-compliance, insurers must take care to collect only the data that they need, and with explicit customer consent.

Under the regulation, the personalised experience that insurers want to give their policyholders has become more difficult to navigate, and each new product or service must be looked at through a GDPR-lens right from early development.

“By definition, insurers need to collect as little information as they can to provide that service,” Hasson said.

But while businesses are seeing their data collection desires hemmed in, it seems that customers – in the insurance realm, at least – are happy to serve up their data for a good deal.

A recent survey found that 44% of customers would be happy for insurance providers to use third-party data from the likes of Facebook, or collect data about them from smart home devices and health monitoring apps, to potentially personalise their service and lower premiums. The younger generations were even more keen, with 62% of 18- to 34-year-olds open to the concept.

By contrast, it has been suggested that insurers could face an onslaught of information requests under the GDPR, which gives consumers the right to ask organisations what data is held on them and enhanced rights to have that data deleted.



Keep up with the latest news and events

Join our mailing list, it’s free!