Let’s be real. Until Europe’s 2018 General Data Protection Regulation (GDPR), data and internet privacy policies haven’t been on any US company’s radar since they were first written other than to update to address the ever-changing digital landscape. Now that the California Consumer Privacy Act (CCPA) is in place, things have just hit a new level. It’s clear more legislation will follow. Which means others will be dictating how companies can communicate with their base of leads and prospects if marketers do not lead this conversation. Marketers need to be at the forefront of the discussions within their organizations about a comprehensive privacy strategy. They also need to proactively enact their own privacy principles and guidelines to stay one-step ahead of any regulation.
Customer Data is a Competitive Advantage
From enhancing product design to influencing marketing communication approaches, customer data is invaluable to the growth of many companies. It can be the unique differentiator for them. In a Harvard Business Review Analytics Services Survey, August 2017 stated companies believed big data analytics (95%) and data-driven marketing and customer tracking (87%) among other things would be critical in their long-term business growth. Companies are now realizing a comprehensive privacy strategy could be a crucial component to ensuring that this competitive advantage continues to be in existence, and could help improve business performance as well. According to a Forrester commissioned IBM report, 36% of organizations expect a holistic privacy strategy to drive improved customer retention, while 35% say they expect it to support revenue growth.
How can organizations expect this competitive advantage to last if they do not establish a clear line of trust and transparency with prospects and customers?
Build Trust to Drive Growth
A Pew Research article covered how people know when they visit a website, information about them is collected. Some consumers are even willing (especially millennials) to share data about themselves if they get a better brand experience. However, as part of what I call the “sharing community”, we as marketers must take proactive steps to data privacy. To me, this is the only way to build trust with prospects and customers so they come, stay and refer often.
Here 3 things as marketers we can do to elevate our efforts to be a responsible customer steward and support a thriving business at the same time.
1) Expand “Your Account Profile” Settings – In 2006 when I was working at StubHub we created one of the most robust Preference Centers/Account Profile I’d ever had a chance to help frame out. We were able to put in implicit (recommended) and explicit (purchase history)choices for sports, concerts, theater choices in one place. Customers had control of what we promoted to them. That control established a trust between our brand and our customers. Brands today need to get to a place where “Your Account Profile” settings allow customers to pick and choose how they interact with them. It’s not enough to have a subscription center to manage email settings. Amazon has one of the most comprehensive account settings out there. They give the consumers full choice and transparency in how they want to interact with the brand. Now, this is not the easiest change to make since it requires IT support, CRM and other system updates. However, is the greatest investment you can make to building customer trust and a long-lasting relationship with them.
2) Proactively Establish Third-Party Compliance Requirements
Although compliance as a whole will rollup under a comprehensive data privacy strategy, marketers need to start setting the standards with their own third-party vendors now. In a previous post I shared the ever growing fragmented marketing ecosystem. It’s definitely an eye chart, but it shows just how many different tools marketers use that could touch customer PII and user data. That’s why it’s essential to create rigor around third-party compliance. Vendors need to be accountable for management of your customer data. As a marketer myself these are 3 things I’ve always done with Martech vendors I’ve used.
a. Map – Take the time to document how your customer/user data will flow between your internal and the external platforms. Additionally, make sure there is a data dictionary that defines all the fields (character count, description, usage, primary/secondary tables, etc.) for every record in your database. This data dictionary should also include what fields will be shared with any API connection. It’s essential to have both a map of data flow and a data dictionary in case you are impacted by a breach or cyberattack. It will help you figure out where the integrity in your connections are broken and what has been compromised.
b. Monitor – Along with driving revenue and profits for your company, a marketer’s job is to also be an advocate for customers/users. Whether it is a daily or weekly check, all processes needs to be QA’d. It’s vital that a protocol (however, simple) is in place to monitor data transfer and usage within any external platform. Do a quick assessment how data is flowing regularly. Watch the data privacy policies of your vendors and ensure that any changes won’t impact your customers’ data.
c. Audit – At least once a year, every marketer should conduct an intense audit of all protocols, policies, integrations, data management and data flows of vendors. A checklist of what should be happening along with additional checks and balances should be included.
d. Triage - No one wants to even consider an integrity breach, but cybercriminal activity is on the rise. Just check out Symantec’s ISTR report if you want to understand it fully. You’ll want to have a process in place to help detect, prevent and address threats that have immediate impact on customer data. By taking a preemptive stance shows your commitment to maintain trust and transparency. And don't shy away from sharing your high-level plans to hold true to your commitment to address triage any breaches.
3) Communicate Your Privacy Standards & Breaches
Now this might seem like a no-brainer, but there is still a lack of transparency between companies and their customers. It’s a new decade so make this a priority for the years ahead. It’s important for marketers to establish a new way to communicate with customers and prospects about how your company will be handling data privacy going forward.
a) Show Them - Develop your own content pieces around your corporate data privacy strategy. Whitepapers, infographics and even a quick on-demand video would be worthwhile.
b) Update Them – Once these content pieces are created, share them not only through email, but also on your website and social. Your third-party compliance requirements should be part of what you share with customers. Be transparent about what you are doing to make the data people share with you safe. This includes sharing any data breaches within 24 hours of your own knowledge of the issues.
c) Listen to Them – Be willing to let customers/prospects tell you how much you can do with their data. This is a big part of CCPA anyway. This why #1 above is so important. The account setting center is a place where customers can voice their needs and wants through the actions they make in their settings. Companies also need to start considering a feedback loop for customers to tell you what they want. Adding this in the account setting and creating outlets within social channels are a great outlet. From chat functions to direct messages you can allow customers to interact with you and provide their input.
Be Your Customers Best Advocate
Data Privacy regulations have been instituted because we as brands and marketers have not paid attention to the other half of the “sharing community.” Be respectful of the relationship prospects/customers have with your brand. We cannot expect to collect and use any PII, implicit or explicit information shared by customers if we don’t reciprocate the action. By taking proactive steps as a marketer to show you care about the relationship, we will be able to create a willingness to share without fear or distrust. This will keep contain the over regulation by any body of government.