Supermarkets are adapting the strategy to adjust themselves to the GDPL

General Data Protection Law guarantees rights to the customer and supermarkets should take advantage to qualify its customer database

Super markets are increasingly more active in the digital environment, gathering essential data in order to make the purchasing experience as positive as possible to the customer. All information about each customer may become insights to the companies and more customized buying opportunities to the consumer.

The General Data Protection Law (GDPL) was created in 2018, to protect consumer data on the internet, and in order to prevent supermarket operations being surprised by application of these rules, the APAS Show Blog talked to Marcelo Fattori, partner at the law firm Germano de Lemos Advogados and expert in the GDPL. According to the professional, the law is about a compilation of rules on personal data protection and the retail needs to use data in order to develop Market Intelligence.

One of the main goals of the GDPL is showing managers that more quality on data collection is best for both company and customer. “The law stimulates the development of technologies and proposes a healthier environment for everyone. Not everything collected is actually needed. Collecting data by the false premise of the more data, the more assertive, could generate extra costs”, Fattori said.

Data X privacy

Despite the tools that allow an easier data collection, it is necessary a data hygiene based on the rules created to avoid abuse. “The possibility of having more and more information on the customer does not improve the business on its own. A strategy is needed to understand which the customer intentions with the supermarket are”, explained the lawyer expert in GDPL.

According to Fattori, the GDPL’s greatest contribution to the supermarket customer is more protection to their privacy and guaranteeing the constitutional right of providing data to whoever he or she wants to. “This law assures to the citizens the right of saying yes or no about providing their data, as well as tracing where their information are treated and if any company has shared these data with another company”, explained Fattori.


Although this law was created to contribute with the organizations’ operations, there are a few bottlenecks that supermarkets will have to solve as, for instance, the operations that guide the business model based on information on the customer. “That is not always the best option, since the GDPL gives the right to the customer to withdraw the use of their data, and it may have an impact on the operation”, the partner at Germano de Lemos Advogados, Marcelo Fattori, pointed out.

For him, supermarkets need to have a strategy to identify which are the data and understand the reason why they should have them, since each company has a reality of its own. “The adaptation to the GDPL should be done from top to bottom. Leaders should treat the General Data Protection Law with their associates as a continuous awareness, once it generates impacts such as property losses, heavy fines, in addition to compromise the company’s reputation”, the expert concluded.