3 Lessons Learned From Gymshark's Approach To Customer Data Privacy
If you're a fitness enthusiast, a Shopify merchant (or both!), then you've almost certainly heard the name Gymshark before. They're one of the most recognizable Shopify Plus success stories – a classic tale of a brand that rapidly picked up the pace, re-platforming out necessity to allow continued growth. In 2019 alone, Gymshark made sales of £175.2 million with a profit of £18.6 million.
Gymshark is known for their form-fitting fitness apparel, savvy social media presence and exemplary customer service. And this attention to detail extends to privacy.
Breaking Down Gymshark's Privacy Approach
Gymshark provides a privacy notice for no less than three separate audiences. Let's take a look at each of them:
- Customer, App, Marketing, Promotions, Events and Social Media Privacy Notice
- CCTV and Access Control Privacy Notice
- Rest of the World Privacy Notice
The first applies to anyone who has bought items from their Website, events or pop-up stores, used their apps, received marketing emails, entered promotional competitions, attended their events or interacted with the brand over social media.
The second pertains to visits to the brand's premises or events. And the third – that's a catchall for just about everyone else.
You might be thinking, wow, this is excessive—why? We're not surprised as Gymshark is headquartered in the UK; they fall under the privacy legislation GDPR (General Data Protection Regulation.) The fines associated with a privacy risk can range into the thousands, putting a significant strain on brands of any size.
So, when it comes to best practices surrounding your customers' data privacy, what can you learn from Gymshark?
Know Your Audience & Make It Personal
Gymshark interacts with its audience in a number of different ways. As a digitally native DTC eCommerce brand, most of this interaction occurs online. Still, increasingly Gymshark have leveraged "IRL" activations such as pop-up shops. They've recognized the importance of keeping their privacy policies up to date when it comes to the varying way they connect with the public.
As well as having a large staff, Gymshark is also known to make great use of influencer marketing, and this strategy often leads to headquarter visits and hosted events. As they can reasonably expect an above-average level of non-employees being present on their premises; as a result, it's great to see that they've reflected this is a clear CCTV and Access Control Privacy Notice, specifically targeted at employees and their visitors.
- Key Takeaway: As with any form of written communication, keeping your audience at the heart of things is key. The information you provide should be clear, relatable and relevant to the full range of ways your brand interacts with its audience.
Make it Easy to Reference
Part of Gymshark's success lies in the huge amount of effort they put into connecting with their audience, on and offline. Working with a wide range of customers, clients, and influencers across digital and offline environments means equally diverse requirements for privacy.
Gymshark's carefully segmented policy speaks directly to each audience, clearly telling them which section will be relevant to their situation. Clear calls to action and hyperlinks make navigation very intuitive, for example:
- have bought something from our Website or at one of our events or pop-up stores
- use any of our Apps
- have signed up to receive marketing emails from us
- have entered any of our promotions/competitions
- attended any of our events
- interact with us on social media
- Key Takeaway: Consider the presentation of your policy page. If you're going into detail or creating separate sections to deal with different audience segments, then go the extra mile to create a layout that keeps things separated and less offputting.
Make it Easy to Print or Download
Gymshark provides each of its privacy notices as well-designed and branded PDFs. As a result of presenting each policy in this format, it's very easy for individuals to save and print the documentation.
This might be required for several reasons, especially as many find larger, longer documents challenging to read and annotate in a digital format. By facilitating the ability to download and print their policies, Gymshark removes barriers to full exploration and discovery of their privacy policies.