If you’ve ever bought a product from a company you’ve probably been told the company is “customer-centric” or “customer-led” or something similar. Companies really want you to know they care about you and about your business with them.

Rarely, it seems, is that actually the case when it comes to your own data. I’ve lost track of the number of places I’ve had to fill in a raft of personal details over and over again in order to buy a product.

Why does a company need my home address when the product I’m buying is digital and will be delivered via the internet?

Why can’t I keep my credit card number or bank account number when I change providers?

Why is it always that the onus is on the customer, not the company to do all the leg work and fill in all the forms?

Even something as simple as getting a repeat prescription can be awkward, especially if you’re out of town or can’t remember where you last got your prescription filled. Yet surely all this information is held in a database somewhere for the companies involved to access – why do they need us to do it all for them again?

The problem is largely that retail transactions are set up to be individual, one-off activities yet we live in a world where repeat business is deemed to be good for sellers, and buyers are encouraged to be loyal to one or two providers. When I buy sushi I get my card stamped and every 10th visit is free. Same with my coffee. My grocery shopping involves a loyalty card because I get discount points when I use it and the data gathered helps the supermarket work out what shoppers really want.

But we customers are largely left out of the loop. We’re not the centre of these transactions or even empowered to benefit from them in any great detail – our data is the product in this case, and we are not seen as a customer but as a data point to be counted and filed away.

All that could change with the introduction of a “Consumer Data Rights” (CDR) model currently being investigated by the Ministry for Business, Innovation and Employment (MBIE).

The idea is that by giving New Zealanders greater control of their own data they should be able to use that to their advantage. It’s a concept already deployed in Europe, and Australia recently introduced its own version as well. It means customer data is finally given the respect it deserves and as a customer I have control over what it’s used for.

The concept incorporates principles from three existing laws – privacy, consumer rights and competition law – and means companies are held to account for their use of your data. It also means if you want to change providers, whether it’s swapping doctors or credit card companies, even insurance or banks, the data is yours to take and goes with you to the new provider.

The idea is that by allowing you to keep your own data with you, changing to a new provider should be a piece of cake and you won’t be locked in to an old provider who may or may not be able to meet your needs.

Take banking – you might want to swap to a new bank because of a better mortgage rate or because they have more useable apps, but the idea of having to get a new account number, new credit cards, change direct debits undertake that massive lift and shift operation usually stops most people in their tracks. They miss out on better interest rates or reduced fees because they can’t migrate easily. Give them the power to keep their numbers and identifies and suddenly it’s child’s play.

The mobile phone industry had to go through this a few years back. It seems odd to think of it now, but in the old days you couldn’t keep your phone number when you swapped providers. Vodafone customers were easy to spot as they used 021 as their prefix: Telecom was 027 and TelstraClear 029. Back then changing providers meant a new number, so for small business owners the barrier to migration was very high. You had to reprint business cards, get the website changed, update your customer records, hope your customers updated theirs and so on.

Today, you can change providers and nobody knows or cares which network you’re using.

That’s the aim for the wider CDR review. Customers would get to decide which provider they want to use, the providers just have to figure out how to identify the customers and share data safely.

Banks would need a new system to handle account numbers that may have migrated. Doctors and hospitals would need to ensure all patient data is available (but still protected) when needed in another location and so on.

It’s not rocket science, but it does require a fundamental change to the way many companies treat customers and their information. But if they are as customer-centric as they say, they should leap at the chance.