These retailers along with many others have been using e-receipts for a good while now. Some customers are happy about the practice – the benefits include easier organisation, plus the fact that it’s more environmentally friendly.
Others are less enthusiastic. Those with hard-to-spell names or weird email addresses might be more concerned about in-the-moment awkwardness rather than future convenience.
However, a much bigger reason for dissatisfaction towards e-receipts is uncertainty over how retailers hold and use this kind of data, with consumers also feeling greater pressure to give away data when asked face-to-face.
Dear retailers @Topshop @WarehouseUK (& others) please stop asking for personal details when buying or returning in store – no clear reason and no explicit consent for data. No understanding of how data stored, used & sold. #gdpr cc. @MartinSLewis
— Mike Ireland (@mikeireland100) May 17, 2018
Recently, of course, the situation surrounding email data has changed, with GDPR tightening the law around consent.
So, how do the new regulations impact e-receipts, and what does it mean for both customers and retailers? Let’s delve into it.
Before GDPR
Previously, one of the main reasons retailers used e-receipts was to help create a single view of the customer. By using an email address as an identifier, retailers could then track customer purchases across all channels – mobile, web, and in-store.
Secondly, and more pertinently, retailers could also use e-receipts as a means to send more than just proof of purchase. Before May 25th, it was common practice for retailers to include marketing messages in receipts, using them to also highlight product promotions, offers, and other brand material.
Mothercare is one retailer that commonly did this. In 2016, the Guardian explained how an e-receipt for the brand also included a request to complete an online survey, promotion for a Dutch buggy brand, and an invitation to download the Mothercare app.
Here is another example from Topshop, which includes links to its social media channels as well as a competition to win £250 or an iPad.
While this type of marketing is arguably innocuous, the arguments against it are amplified if retailers are to take consent for an e-receipt and use it as an opt-in for any old marketing emails – long after the initial purchase has been made.
The ICO was quite clear in a blog post from 2016:
“Retailers must understand it’s not enough to assume that because a customer has given their email address to receive an e-receipt that they are happy for it to be used for other purposes. Being transparent about the collection and use of data and giving customers informed choices over how their data will be used is key to ensuring compliance with the law and building trust.”
After GDPR
So, are retailers still using e-receipts post-GDPR? The answer is yes and the rules are largely the same, except GDPR has tightened up consent.
It’s even more important for consent to marketing to be separate from other services. So for example, if a customer enters a competition or downloads a whitepaper, or in this case, ask for an e-receipt – marketing should not just be thrown in for good measure. The GDPR states that personal data should be “collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.”
Consent must be unambiguous and the retailer must keep records of consent under the GDPR’s accountability principle.
There are obvious implications for training and customer service. Given the face-to-face aspect of this, some customers may find it difficult to say no to e-receipts.
I am well aware of this, however the e-receipt should be *offered* as you said rather than asked for in a way that sounds like it’s mandatory. Some people may feel pressured into giving it. I declined, and it felt like a confrontational move to do so. Poor customer service
— Rob Holte (@RobHolte) May 29, 2018
Interestingly, some retailers like Timberland are incentivising consent to email marketing by giving away free gifts (in this case socks for a pair of new shoes).
Bought a new pair of shoes at lunch. Got roped into giving away my email address in exchange for a free pair of socks. Free Socks > Endless Email Spam. #GDPR
— Lizzy Hillier (@lizzy_hillier) May 31, 2018
In this instance, Timberland used a privacy notice and form at the checkout to make sure it complies with privacy regulation. See ICO Guidance for detail on incentivising consent, which doesn’t always amount to a penalty for those that don’t consent, but may be seen as a grey area for some, especially when talking about free gifts as opposed to loyalty schemes.
Where’s the proof?
While opting-in to marketing emails is clear in an online capacity (requiring consumers to actively tick a box), the fact that e-receipts are issued in person makes the whole situation far more complicated.
If brands want to attempt to obtain consent for further use of email data (for marketing), it is up to retail employees to carefully and clearly obtain this.
This poses two problems. First, it is unlikely to be easy to do, especially considering customers don’t expect (or probably want) a confusing explanation about email data when they’re buying something. Second, it’s also going to be difficult to prove how and even if a customer did indeed offer their consent, without introducing notices and forms like Timberland.
As a result of the new regulation, we could see a marked change in the way e-receipts are used and indeed perceived by customers. With the danger of fines for retailers who are found to infringe the privacy rights of an individual, many might forget about obtaining additional consent at the point of purchase (and only use e-receipts for their original purpose) – or even perhaps just revert back to paper receipts entirely.
This is not necessarily great news for retailers, of course, with many now required to find new ways to track and target multi-channel customers as a result.
Note that this article represents the views of the author solely, and is not intended to constitute legal advice.
I don’t know if it’s changed.. but when I bought something from TopShop last year, I declined the offer of an online receipt because I was told my email address would be used for marketing. I was then told I could pay for a paper one. I declined to pay for it so left without a receipt. The sales assistant seemed surprised that I declined and I don’t know if this is company wide practice or the store going rogue but I wasn’t going to pay (£ or data) for a receipt.
@Dee. TopShop’s official position is “Happily, a Topshop spokeswoman has confirmed that there is no obligation to provide an email address and the retailer will continue to offer printed receipts”, but of course you are not a journalist from the MSM.
https://www.theguardian.com/money/2016/apr/10/topshop-receipt-email-address
But there is no legal right to get a receipt in the UK, unless you are buying on behalf of someone VAT registered, so TopShop can refuse you if they want.
Regarding the GDPR and e-receipts, shops have to bear in mind the principle of data minimisation, so any data except the minimum to send you the receipt (your email address or phone number but not both) seems unnecessary at first consideration.
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/principles/data-minimisation/
Great article @Nikki.
I do however think, early on, you conflate two separate issues: the tweet you quoted from Mike Ireland appears to me to be talking about a different concern: the ‘requirement’ from retailers to provide address details when returning a product. I’d actually not thought about that until now, but it would appear to be difficult to support that idea under GDPR.
As to the e-receipts question, it will be interesting to see whether the ICO take any action on this, given their blog post. It would seem more likely that retailers should either get explicit consent to use the data gathered or delete the email data once the receipt has been sent.
Personally I MUCH prefer an e-receipt, but accept that this might not be true for everyone.
Really interesting article Nikki.
For me, especially after my time at Jack Wills it’s a really interesting one and the ‘explicit’ opt in challenger is definitely a conundrum as the issue we also found we hit was not having the time to explain the ins and outs of eReceipts to a customer in peak periods when there was a long queue of customers.
I suspect that some companies may end up opting for some form of digital signature akin to when you sign for a Yodel or PDP package however for others they are unlikely to change a lot.
The other question for me is actually the legitimacy of using the data to build a single customer view as for me, as this isn’t made explicitly clear by any companies at present and I suspect if customers knew this was what it would be used for, it might cause a lot of them to choose against it.
It’a wonderful grey area akin to one we’re having some fun with at the moment in the way of self service ticket machines!
Definitely an interesting issue. But actually in terms of the process it is really obvious (to those with a customer mindset at least)
Retailer .. would you like your receipt emailed to you? Clear, time limited (one off!) and consent requesting.
Customer. “yes please”. For a one off, safely storable proof of purchase (hard, nay impossible, to get any sort of refund or warranty without one). But you should not have to say “but I don’t want any emails”!
The onus on the retailer is therefore to make the receipt or overall transaction so compelling that this then encourages loyalty. Loyalty driven by excellent customer service not by giving the customer something they may not want (many marketing messages). Well done Top Shop.
Marketers need to stop thinking “how else can i get and use data” and start thinking how do I encourage customers to have a transparent relationship with me.
@Paul – I agree on the email opt in it’s clear. I’d argue on the data opt in less so however while given the email being sent it for all intents and purposes operational, should it really include any content about anything other than the purchase…
@matt – absolutely a balance to be achieved. But as a marketer, why would you not want to give a “thank you for buying from us – if you want to do something more or give us feedback, here is how to contact us” message? As we’ve all seen, many many paper receipts now have a ‘give us your feedback’ section.
Importantly, whilst this core info is operational (important to give company name, website, VAT number etc), anything else definitely needs to be proportionate – but it is most certainly allowed.