Who would have thought that in 2023 it was still possible to get people talking about you (in a good way) thanks to the GDPR? Yet that’s just what Leto, a start-up I invited on my podcast, manages to do. Its ambition is to automate GDPR compliance for organizations. I interviewed its co-founder, Edouard Schlumberger, with whom I traced the genesis of this start-up, which features in the Challenges ranking of the 100 start-ups to follow in France. A great story shows that good market research is often synonymous with market success.
Privacy and GDPR: 3 figures to remember
- by 2023, an estimated 65% of the world’s population will have their data protected, compared with 10% in 2020
- +131% : the increase in the number of fines for breaches of the GDPR between 2020 (3,764 fines) and 2021 (8,698 fines)
- 87% of French people say they are sensitive to the issue of data protection
Respect for privacy: underlying trends
We have identified 3 underlying trends in terms of privacy and, more specifically, concerning the GDPR and its application.
The GDPR is no longer alone
Many laughed at the European Union’s desire to regulate data collection. With hindsight, we have to admit that it was necessary. Other countries and territories have followed suit, imitating what has been done in Europe. Examples include the United Kingdom and California.
As a result of this epidemic of virtue, the percentage of people worldwide protected by privacy regulations is set to rise. A Gartner research study estimated that the population protected by personal data protection regulations would rise from 10% in 2020 to 65 million in 2022.
Infringements are increasingly punished
During my research in 2020 on the effects of the GDPR, I noted that this new regulatory framework had mostly stayed the same in the behavior of Europeans. Complaints hadn’t increased. The situation has changed a little today, and national regulators have become more aggressive towards companies that don’t comply with the GDPR. We see an acceleration in checks and fines: 8698 fines in 2021 vs 3764 in 2020 in Europe).
Increased sensitivity to data protection
There is a growing public awareness of the issues surrounding protecting personal data. 87% of French people say they are sensitive to the issue of data protection. This can only increase the pressure on companies to comply.
Fines for breaches of the GDPR have risen from 3764 in 2020 to 8698 in 2021.
Added to this is the business challenge for companies to develop their activity by “showing a clean bill of health” in the context of calls for tender with key accounts. This, in turn, triggers a growing need to comply with regulations and maintain this compliance over the long term.
Leto hypothesizes that pressure from regulators is no longer concentrated solely on very large companies. Smaller companies are now heavily exposed. They don’t necessarily have in-house lawyers or the inclination to call in outside experts (lawyers). Instead, they want tools that automate compliance, making it less costly and time-consuming while guaranteeing the security of their business development.
The genesis of Leto
Leto began as a friendship between Edouard Schlumberger and Benjamin Lan Sun Luk. The two had already embarked on several ventures and found themselves working on a new project. As is often the case, an observation in the field triggered the desire to undertake and provide a solution.
Benjamin and Edouard had noticed a real need among companies to comply with the GDPR. Despite the obligation for all companies to comply with this regulation, they needed more tools and technology to simplify operational implementation. The word “ease” is central, as the GDPR is a “pain” (suffering) before being an opportunity for many companies. So, it was on this promise to simplify the job that Leto was born, a solution that automates GDPR compliance, reconciling simplicity, clarity, and efficiency. The aim is to make the subject of GDPR collaborative and automated.
During the idea’s “gestation” period, Leto’s future co-founders had to consider and develop a solution to meet companies’ GDPR compliance needs. They analyzed the challenges and stakes of the market and sought to propose a tool adapted to teams working on GDPR compliance within organizations. You’ll find this phase in our market research method, as it corresponds to the first 3 stages, during which the initial idea is put forward and then fine-tuned.
Validation through qualitative interviews
I can’t stress enough that market research is the key to ensuring the relevance of your business idea and increasing your chances of success. That’s exactly what Benjamin and Edouard have done, by meeting hundreds of players to compare their vision with the reality of the market. Through interviews with entrepreneurs, managers, experts, lawyers, DPOs… in large and small companies, they confirmed their intuition.
Only then was the first “MVP” – “Minimum Viable Product” – developed. This MVP was presented to the people we had previously met to confirm the selected use cases.
This type of market analysis fits perfectly with the Lean vision. It remains the most effective approach for identifying customers’ real pain points and focusing on what counts in terms of end-user benefits.
Lead generation: Leto’s tactics
Each development period has its lead generation method.
In the early months of development, outbound was a particularly effective method, emailing DPOs and executives. I’ve always been very skeptical about these email methods, but it’s clear that they work 👍
What I found interesting was how Leto’s prospecting methods have been enriched over time. After the start-up, Leto opened up other outbound acquisition channels:
- Google Ads
- LinkedIn Ads
- Facebook Ads
- Trade shows
Leto now also focuses on inbound. Edouard tells me that both approaches work for Leto and that leads are evenly split between the two.
Posted in Entrepreneurship.
