Close this search box.

01788 815327

Case Study 4


In late 2016, we were tasked to overcome a problem for this national retailer that had been plaguing them for some time, the delivery of a new and sophisticated CRM system.

Limited by their own availability and appreciating that earlier efforts to overcome the issue had not paid dividends, we were appointed partly as a result of, “our meticulous attention to detail” and partly due to our appreciation of the client company’s business activities.

This project would need a high-level of attention, if it were finally to be resolved and it would require us to engage the full support from others within the company, each of whom would have various stakes in the project at some point of its evolution.


As a national retailer the client possessed a lot of customer and transactional data that ticked the volume, velocity and variety boxes for running queries about trends. Online and telephone orders provided information on brand purchases, sales values, distribution mapping, gender preferences, returns and email engagement. Retail tills were busy too (albeit capturing limited levels of insight) and we even had data being collected from store beacons and competitions as well as a breadth of data from approved partnerships and event venues. Clearly the system wouldn’t be restricted by these aspects, but it would be restricted by the veracity – the ability to stitch all this data together in a meaningful way. This was one of the biggest challenges as the customer needed confidence in the accuracy of the presented data whilst customer’s would;-

  • Sign-up for emails using one email address, then appear elsewhere in the system with another;
  • Family members living at the same address would each have separate levels of engagement but need segregating on title, forename;
  • Consumers could purchase product online in Exeter, then walk into a store in Manchester;
  • Others would request a catalogue at one address, then move to another property;
  • Some would purchase product for themselves in one size, then another size as a gift for a family member in the same order (but which was which?)

But aside from appreciating the data concerns, we’d also brought another issue to the attention of the client. A potentially greater threat that could cause untold financial damage and potentially risk the livelihoods of all the employees.

The new data protection regulations GDPR (General Data Protection Regulations) were also gathering pace and without due care and attention paid to this, anything we accomplished with the build or integration of a new system, had to make allowance for this.

This new set of consumer regulations would be imposed on all UK and European businesses (both in B2C, B2B and NFP) and would place the ownership and control of personal data back in the hands of the data subject. Gone would be the uncertainty of who ‘owned’ your data and ‘in’ would come the possibility of large fines if a firm got it wrong.

We now knew this was coming and had been aware of this development since late 2014, and whilst it had the potential to cause havoc, we saw this as good timing for the client, because it allowed for a much clearer vision of what was required from the new system.

Having that level of insight about adaptations to policy, regulation or any form of governance would not only help with the vision and expectation, but it would also help to agree the budgetary confines at the outset.

As well as developing a comprehensive brief, we’d also need to ascertain whether it would be more economically viable to integrate an ‘off-the-shelf’ solution or to build one from scratch. The new system which we’d refer to as ‘SMDb’ (Strategic Marketing Database) commenced with the compilation of a brief that would detail the sources of data, the volume of data available, the need to meticulously match consumer records. The previous iteration held hundreds of duplicates for some individuals, as each purchase became a new identity within the old system. A breakdown of tasks based on hierarchy, would allow us to approve the basic concept (Phase 1) before building out from there and subsequent phases would allow us to add our future expectations from the system giving us a maximum return on the investment.

With GDPR approaching, this meant that any system had to be ready and fully compliant with the new regulations in May 2018 (the predetermined release date for the regulations) as well as being able to portray an accurate position on the true numbers of customers (persona’s). We had to be able to demonstrate;-

  • Where customers purchased
  • What channels they engaged with
  • What brands they favoured
  • What average spend each made
  • Which branches attracted customers from further afield and a host of other questions

This gave us a mere 17 months, to complete the audit, compile the brief, undertake suitable research amongst potential suppliers, invite the shortlisted group to a ‘beauty parade’, qualify their presentations, agree budgets, make the selected appointment, build the system, test its functionality and robustness, and integrate it within the operations.

However, as the data requirements under GDPR were only just coming to light in early 2017, any partner would need to be able to provide some flexibility to adapt to changes in the reg’s made by the ICO and the Article 29 Working Committee (the independent European working party that dealt with issues relating to the protection of privacy and personal data).

Going with an off-the-shelf solution would place the responsibility for GDPR compliance at the hands of another and that would save time and provide further reassurance that the system would be ready for 25th May 2018. However, with the financial penalties being so large, this could introduce another level of risk and remove us from the very process we needed to take responsibility for complying with. The other downsides would be, that no matter what we learnt from the new system, competitors would be able to run similar, if not identical queries, thereby reducing our client’s competitive advantage. Of course, this meant a higher initial budget for a bespoke build, but one where the average cost spread over the usage period would reduce year-on-year and almost cease after being commissioned.

As the data commissioners released their requirements for GDPR, it was clear that any ‘data subject’ would have the potential to request to see (and transfer) any personal data stored on them for free, which also meant being able to compile all input sources into a single report and export it without fuss or delay and so meeting any SAR’s (Subject Access Requests) or RtbF’s (Right to be Forgotten) would be a key element for compliance whilst also creating a level of transparency and trust with the consumer.

As the project evolved and the dialogue between the final two shortlisted parties increased after a full review of the 30pp brief, it was clear that the favoured solution would be the remaining bespoke system provider left in the process. Final budgets and schedules were agreed, Purchase Orders were signed, and the build began as we continued to monitor any new outcomes from the regulations.

During the build process, which took approximately eight months, we held daily stand-up meetings to decide on the day’s tasks as well as highlighting any pitfalls from the previous day(s) that needed resolution on the client side. Most of these tended to relate to the developer gaining an understanding of specific elements within the data which we could rapidly overcome.

Besides the duplicates which had been a real bone of contention for some time, was the challenge of matching transactional data and stock movements to consumer purchases. Purchase data which had remained in one system (largely for use by the buying team) was soon to be matched to consumers wherever possible to provide added insight to the marketing and innovation function. Millions of historic transactions were no longer going to be dormant as long as we could prove that under GDPR we would minimise data retention at the point that it was no longer valid for purpose. This led to agreements being put in place that would, on a rolling basis, eradicate consumer data under pre-agreed conditions e.g., not opening an email within an ‘X’ month period despite not opting-out and not making an identifiable purchase within ‘Y’ years.

Rock Climber

The system was tested and commissioned for use at the beginning of May 2018 in a fully functional form, giving confidence to the board and Trustees, whilst providing confidence to the staff who could in-turn provide levels of transparency to customers, not previously seen.

From the point in which the system was commissioned additional features have been added to further improve its value. However, these were not undertaken with the primary system builder whose skills lay heavily in the development. The additional management reporting, analysis and export capabilities were added to through a new partner, thus protecting the client’s total investment. Additionally, the system code was regularly transferred to our escrow partner for risk insurance, should the worst with the system builder happen. Not only have we been an integral part of delivering on the project’s initial objectives, but we have successfully future-proofed the overall investment.

By continuing to use the site, you agree to the use of cookies - more information.

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.