Customer trust is vital, don't risk it

Arctic Spas, based in Thorsby, Alberta, Canada, manufactures, sells, and has an internal technical support team for spas. This is a simple enough concept in theory, but in practice, they have found themselves responsible for large amounts of customer data. On the one hand, this means they have rich possibilities when it comes to reporting and analytics. On the other, it means they have to be vigilant about their own security so that nothing accidentally exposes anyone's data.

In recent years, consumers have become more aware of privacy and security issues. Now more than ever, consumers want to know where their data is going.

According to Mike Sigvaldason, Factory Sales Representative for Arctic Spas, "we get a lot of questions about what we do with our customers' information. We don't ever sell information to other parties." This seems like a no brainer, but it has become increasingly obvious that it's not something customers can assume. After data sharing scandals such as Cambridge Analytica entered the mainstream, the conversation shifted. Consumers know what rights they believe they should have and they want to work with companies who respect that.

When it comes to customer data, Arctic Spas and Zoho share the same, firm stance: a customer's data belongs to that customer, and it's not ours to sell. For Sigvaldason, the issue was one that the company could never have ignored. Arctic Spas' database contains lots of lead records, and some of those records contain personal information. "The more information we have, the more we need it to not get hacked," said Sigvaldason. If there is a breach, not only is their customer data at risk, but so is Arctic Spas' reputation.

Considering all this, for Arctic Spas, privacy is always a part of the decision when it comes to who they will work with. "I don't feel comfortable with a company that would sell customer data," said Sigvaldason. In order for Arctic Spas to secure their customers' data, Zoho has to secure Arctic Spas' data. Because of Zoho's commitment to not selling our own customer's data, Arctic Spas can spend their energy worrying about their own data practices, and in turn, their customers' data.

As public concern over data privacy has grown, governments have begun regulating what corporations can and can't do with customer data. GDPR in Europe, CCPA in California, and CASL in Canada have all moved the needle on privacy. For business owners, even those who believe in those rights, this can lead to some concerns. Many businesses are going in blind trying to navigate these new laws and implement new processes and aren't sure where to start. But when Arctic Spas shifted processes to respect all of these regulations, they were able to rely on Zoho's infrastructure to set this up for them. "We didn't have to implement a policy, we could just turn it on," said Sigvaldason.

Though Zoho does not yet have functions in place to turn on CASL compliance, this was not a barrier for Arctic Spas. They were able to become compliant with a few custom functions in Zoho CRM. All of these measures that Zoho makes possible augment the efforts on Arctic Spas' side to ensure the safety of their data, and therefore their customers' private information. Their servers are all hosted in secure locations and their IT manager is very picky about measures in place and comes from a systems breaching background.

Because Zoho is built to take privacy as a necessity rather than an option, Arctic Spas can lean on Zoho's privacy and security functions rather than working alone to build it all up from scratch. And in a climate where customer trust is everything, this gives them every confidence to move forward and assure their customers nothing but the best.