[Music] [Rakhi Patel] Well, hello, everyone.
Who's hung-over? Now we're going to talk about trust and the law, really easy, easy conversation. [Jon Revill] Exactly. Thank you so much for joining us today. If you're here for the Martech Guide to Building Trust, you're in the right room. And if you're not, I hope you stay because we have a lot of great content for you today. My name is Rakhi Patel, and I'm the Director of Marketing for our real-time CDP and Audience Manager Product. And I have a special place in my heart for marketing responsibly. And so today, I'll be joined with my amazing partner Revill, let him introduce himself. Yep. They picked people that were the same height. So, like, we're-- - Make it easy on us for sure. - Yeah. So hi, everyone. Sorry. - There you go. - Hi. I'm Jon Revill, I'm the Software Engineering Director for Marketing Technology and Personalization at Truist. And I guess we're ready to go, right? - Yeah. - So-- And brought a fan club.
So let's start with a question after last night, we may need it. Does anyone in the room know what this is? I was fortunate enough to spend some time in the emergency department with a family member a couple weeks ago. Shout it out. So defibrillator, right. But if you look a little bit closer, it contains ePHI. So in the act of saving your life, you're now giving up your data. And so it's a salient point for us, right? Is that ePHI and personal data and customer data is literally everywhere for us, right? So we have to have a certain level of trust with the, certainly with our doctors in the emergency room, but also with the other organizations and companies that we give our data to. So let's talk about trust. So it's the firm belief and the reliability, truth, ability, or strength of someone or something, right? Allowing, someone or to look after something that you care about, right? I'd trust you with my life, a friend you can trust. You can trust me. I have all the experience I need, right? Also in the spirit of trust, I want to make sure that we point out, we're not lawyers, decidedly not lawyers. And so this is not to be construed as legal advice or, any, anything that you should take and say this is something we should do from a regulatory perspective. This is our experience and our understanding of, how, especially from my, end of it, of how we went through and implemented some trust measures and use technology to deploy that. - Remove some barriers too, right? - Yep. In terms of how we build bridges with different teams and so on. It's a very intimidating topic. So hopefully our experience will help you build those bridges across your teams and at least know which questions to ask when you're thinking about responsible data management. Yep. So the obligatory, who is Truist, right? So we are a purpose-driven financial company committed to inspiring and building better lives in communities. And we do live that very much. And how we work with our clients, how we work within the communities, what we support and what we do. We are headquartered in Charlotte, North Carolina, and we're one of the largest commercial banks in the country.
So at Truist, we have a concept of T3 and that is, touch plus technology equals trust, right? And what that is at the end of the day, the client's preferred level of personalized touch through Truist, blend of innovative technology. And what that's led us to be able to do is, have a very robust customer preference and consent management practice, start using things like AI and ML to drive actual human discussion. So leading, for our agents and tellers and other people out in the market to be able to have more meaningful conversations with their clients, be able to deliver financial insights through AI driven technologies, and then...
Use data in real-time to provide the next best message.
- And thank you for that introduction. - Yep. I work for Adobe. I hope by now who we are, so I'll skip that part. Our goal for today is to go through a couple of different topics. We'll start with rooting five principles of trust the way we've sort of come together to understand what these are. And this will almost become our table of contents for our presentation for that today. We'll then also talk about personalization at scale, at a specific level. We've been talking about personalization at scale this whole summit, right? But, like, what does that look like in terms of differentiating with trust? I'm on the Adobe Real-Time CDP team, so I did want to root this conversation in customer data management. So you have something actionable. If you have the CDP today, you can go back to your desk. Or if you're evaluating a CDP, you might know the right questions to ask in the spirit of trust.
I'll also share our trust toolkit and so on. And then we will have a really fun kind of analogy, which will tease in a little bit. And Jon will then talk about building those bridges across teams. He's done a really phenomenal job doing that. And I think all of us can learn a lot about just being friends with each other, educating each other. It's okay if people don't know what a cookie is. Like, let's talk about it and how there's a difference between first and third, and so on, right? There's only one type that's supposedly going away. And then finally, we'll have some key takeaways for when you get back to your desk. So thank you for joining us today. We know it's a, it's an intimidating conversation. So as you think about where you may be in your journey with trust today, I think one of the most key things to think about is, do you have that line item in your, in your balance sheet to pay a fine? Because most of us don't. We're not some of these larger companies that can afford that. So it's really important for you to think about who you're partnering with to ensure that you not only differentiate with trust, but your stock price can plummet, right, if there's an encryption issue, if there's a breach, and so on.
But there's also an opportunity now to invite as marketers, privacy, compliance, legal to the table as we all educate each other and learn more about customer data management. It's going to be so tough for us as marketers to keep up with all the fragmented regulation, right? So understanding where your legal team prioritizes and how they want you to label data will be really key. And then, of course, mitigating risk. So pause for a second. Where are you in this journey? Are you proactive, reactive? Can you afford to be reactive? And what will that cost you in terms of brand equity, revenue, and so on.
So don't be scared if you are because we are really excited to kind of demystify this. From a five principles standpoint, this is a marketer's guide. Here's a few places to start. Strategy. We're all used to building marketing strategy, right? Optimizing marketing strategy. The same applies for trust, right? How are you collecting data? How are you labeling it? How are you activating it? Which regulations are important? What toolsets are available to you to centralize managing all of this and streamlining it? So actually having a strategy for trust is, really starting to be top of mind for a lot of companies and blending that with the marketing KPIs.
I don't know how often I hear about, what about privacy, right? And that's a really general comment. Privacy is all sorts of things. But when you think about customer data management and building personalized experiences, we talk about enriching data, right? Enriching the unified profile. What about enriching that unified profile with preferences at the beginning? So when you're building your segments, you've enriched with behavioral data as well as preference data.
They're in control, so they can, they can leave you and go to your competitor if you're not respecting their privacy.
Transparency in this context, we're going to talk about it for the organizations that are technical, that support marketing teams similar to what you do. Do you have-- Do those teams have access to audit, who has access to the data, to the tools, and permissions and so on? Security, this is sort of a no brainer, right? Like, making sure data's encrypted and so on. And then finally, data minimization. We started talking about data minimization maybe more formally with GDPR because it was one of tenants. But if you think of data minimization, not, if you take it out of trust for a second, thinking about the data you collect and using it with purpose and expiring it and destroying it when you no longer need it, why isn't that also a marketing imperative, right? Because if you're using the right data with the right purpose and managing that data lifecycle, you're actually going to get better outcomes, more conversion, and your consumers will be more interested in staying loyal. So this is our five-set of principles that we're rooting in today. And, hopefully, this is helpful as a starting point. If you're not familiar with this concept of some key questions to ask. A bit of a teaser. We'll also go through some ideas of demystifying each of these areas and give you some examples. But would we ever think about buying a car that didn't have safety features out of the box? Because if we're doing that, like, why aren't we also doing that with our CDPs? Why are not we not, like, making sure that customer data, tools are going to help us protect customer data? So that's your teaser. And with that, also reading this in terms of what we're talking about at Summit, right? Personalization at scale.
The reason we built CDPs is because there's a lot of things going on in the market, right? There's shift to durable identifiers. We all know that there's an expectation of personalization from consumers. They don't know or care how hard it is for us, right? We just have to get it done. Privacy and governance have always been at the forefront, but now it's also elevated. It's no longer an afterthought, right? And then the consolidation of marketing platforms is also some things that we've seen. But as that happens, sometimes the regulatory, the governance stays fragmented. So it's an opportunity to go over that as well. So what are the implications, right? The shift to durable identifiers with more PII, ePHI, whatever business you're in.
It's an added level of oversight that will be needed, right, as you stop using third party cookies and turn to more durable identifiers to replace those signals.
We talked about consumers, right? And again enriching that unified profile, like, just make it part of the process now. Behavioral data, preference data, it's just another data source, right? In addition, future proofing, investments. Regulation is so fragmented. It's changing all the time. How do you keep up, right? It's important that the tools that you invest in have frameworks that will be flexible and enable you to adapt quickly. And last but not least, I often ask this question, how many of you in the room are IT or technical that support mark marketing teams? How many of you, it's your favorite job to, like, manually manage data usage policies? That's what I thought. So hopefully we gave you some inspiration on how you can automate that while working with your privacy and your legal team to understand how to build that in. And, Jon, I'm curious as we look at these market forces, how do these apply to Truist? Sure. So from a Truist perspective, we have moved to more durable identifiers, so internal identifiers, hashed email address, hashed phone number, those types of things to be able to make sure that we can understand where the customer is and their journey and be able to speak with them, with confidence, knowing who they are.
We're continuing to try to meet-- Again, putting those meaningful messages in front of our customer, using those identifiers, making sure that we have a very clear line between what we're sending them in communication and the consent that they provided us. And then from a privacy and governance, we've provided a very simple and we'll discuss this a little bit later on, but simple tools that the customer can use to be able to provide their own privacy management. But we've also-- And what was most important in our case was, we raised the overall institutional knowledge of the concepts that we have. So it wasn't one pocket of people who have all the knowledge around cookies and cookie enforcement and cookie, the regulations around that. We've shared that information more broadly as an organization and it's made us better for it, in my opinion. And then from a consolidation perspective, we've centralized a lot of the controls around data usage, using real-time CDP and other tools, so that we have things like automated time to live, automated checking for data hygiene and those types of things. So it has been a very innovative change for us in terms of how we're using data, how we're making privacy meaningful in our day-to-day worlds.
So from-- It's okay. So from a trust perspective, a lifecycle at Truist. So let's talk about the different steps that we go through.
So first, and this isn't a formal truestism. This is just a generalization of how we work. But it's a good kind of understanding of the process of the customer and where things lead. But we always start with the client life cycle with acquisition. In that frame, right, there's only a few things that we can know about that person. We know maybe the content that they've interacted with. Where they came from, from a traffic source perspective? Was it Paid Search? Was it display? Was it something along those lines? And then we might have Geolocation depending on browser settings and browser technology, right? And so that is more of a turns into more of a stepwise process very early on, right? It's-- We know where they came from. We moved them into content engagement. We hopefully moved them into signing up for an account, right? That then moves into activation, right? So that we get a little bit more of a shape of a person, right? We know email address, phone numbers. We know whatever zero-party data they may have given or provided to us. We know channel preferences and the like. And that's when we move from campaigns into conversations, right? It's-- How do we help you onboard? How do we give you the channel features that, make sure we're working with the channel features that we have, make sure we're giving you the messaging that we're, that's meaningful to you, that you can move on to the next step. And that next step is deepening, and now we really know a lot about this person, right? We have a very firm relationship with them. We may have things where they've worked with relationship bankers, or move through our site, again, more content they've had the opportunity to engage with. And so at that point, we are moving into filling in the pieces of that relationship, right? Of providing financial insights, personalized their product messaging, guiding conversations with our team members, and then further community engagement. So understanding where we can reach them and work with them in their own communities.
And what's interesting about that, that kind of framework is that that's pretty much how we think about a CDP as well, right? So Adobe's real-time CDP, which is one of the Adobe Experience platform applications, so that also would include customer journey analytics or Adobe Journey Optimizer.
With real-time CDP specifically, it's about now in the age of third-party cookie deprecation, being able to manage the entire funnel of data through your customer data management platform. So now we're bringing together known and unknown data in one system, whereas perhaps historically, this was in a DMP and a CDP. The world is evolving here and we're building product on top of that. So at the end of the day, our CDP is a mechanism for you to ingest data flexibly, create profiles and audiences out of it, and activate it to channels, which again was, I think, remarkable to see your trust framework actually fits that same workflow to a degree.
All right. And with that I'm going to spend just a quick amount of time to talk about Adobe's Trust toolkit. So we talked about the five principles earlier. Here they are again. And our roadmap is actually built to continue, to innovate in this area. So whether it's regulation-based, consent-based, and so on. In data governance, we have a feature called data usage and labeling, or sometimes you're hear Adobe teams call it dual. We actually have four patents on that specific product. So innovating and trust is not an afterthought for us. There's different audiences, different definitions of a data steward, and the goal is for us to give you those tools. As another teaser, we give you access to the seatbelt. - It's up to you to wear it, right? - Mh-hmm.
Encryption, data lifecycle and so on. So you'll all get a copy of these slides, but the way to think about it is that area in gray, those are all the features that are available. And then the ones on the bottom, there are some advanced used cases of, like, options that are available as well. So I'm going to just provide a dual example, and this is one of many features, right? We have access controls, encryption, all sorts of things. But as a marketer, we're collecting data, turning the, transforming that into audiences, and syndicating those audiences out to channels of our choice.
So as we see, in the data in section, these are probably all data types and data sources you're really familiar with. But I've added below there in green a CMP.
And I did that because if you think about ingesting data from your CRM system, why also not integrate your consent management platform. No matter where it's from, if you're collecting that data internally, externally, working with a partner like OneTrust, for example, no longer an afterthought just add it as part of your strategy, and it will probably give your legal and privacy teams some peace of mind. Yeah. That we're doing that proactively, right? So let's do an example of dual, data usage and labeling. And this is a specific financial services example, but no matter what industry you're in, you could probably follow along here. So when you bring data in, let's say you have a dataset of profile data, and you have a group called savers and you're tying it to email addresses for PII. The reason I picked Savers is because we know there's a lot of sensitive data in the financial services market. You don't need to ingest all of that data to have signals for your marketing. You can map that data a certain way and keep the confidential data, the sensitive data in your own data warehouse, and just bring in what you need. So maybe in your internal system, savers means the group that is invested in CDs more often, right? Something like that. Adjusted from your CRM. And then you could set a label right there, whether it's your IT team or your consulting team, your partner who's setting it up for you. For example, this cannot be tied to social media advertising. And then we could put in some data hygiene in there as well.
So now we move on to your marketing team or your agency whose building audiences, right? And let's say they build a prospect audience for early retirement opportunity. They have a couple of attributes there, and you'll see that some of those attributes are part of the original dataset with labels. Your IT team, your governance team, they don't have to do anything and neither does your marketing team because all of the labels and policies, they get inherited.
But let's just say, when these audiences are activated...
Your agency doesn't know all of your policies and tries to activate it to a social media destination, it will be blocked.
Another channel, it may not be the same way. So this is a super simplistic example, but think about how powerful that is to be able to set it and forget it, to be able to understand and comply with the data usage policies, not only in your industry, but perhaps by your specific legal team, your specific privacy team in terms of what your campaigns are.
And with that, we want to kind of go into some fun here.
So as we kind of teased earlier, you'd never buy a car without its standard safety features. Let's kind of demystify what that could look like with some customer data management protection features. So we're going to-- Again, you see the same five principles rooted here. And we're both going to kind of talk here. I'll provide an Adobe feature, and Jon will provide some context analysis. Commentary. Yep. All right. So transparency.
If you have actually any Adobe Experience Cloud products, there's a feature called Privacy Service. And if you don't know about this, Privacy Service was actually created once GDPR went into effect. So Privacy Service enables you to manage data subject rights. And this is not just GDPR. This is for regulation based when, for example, CCPA was turning into CPRA. This tool was the tool that everyone's using and so on. So this is the one-- This is a feature at Adobe. But how do you think that relates to a seatbelt? Yeah. And so data privacy and seatbelts. So from a regulatory perspective, rather famously, seatbelts were one of the very first things that were regulated in automobiles from a safety perspective. And for good reason, right? You wouldn't want to drive without one and if you don't, it's not going to save you. It's not going to be there for you when you need it. If you don't use the privacy service, it's not a part of your planning from a data ingestion perspective into your build, it's not going to be there when you need it. And with, in the State of North Carolina, where I'm from, if you get caught not using it, it's click-it or ticket, right? If you're not protecting data in a way that's-- - California too. - California too. If you're not protecting data in a way that's meaningful, then you're at risk of running a foul regulation, right? So you wouldn't buy a car without a seatbelt. Why would you buy a tool that didn't help you manage your customer-- - Exactly. - Data, access, delete, and so on? Data minimization. A feature here from Adobe, and we have actually a lot of different tools to manage data hygiene, whether it's using TTLs to put expiration dates or if you want to do, like, a mass deletion of experience events or something along those lines. So, Jon, how does this relate to, the pressure gauge? Yeah. So from a tire pressure gauge, right? So, it's there to let you know how much air is in your tires. So if it goes up or down, you're aware of it but you can have too little air in your tire. Everybody's had a flat tire if you drive at some point. You can also have too much air in your tire. Obviously, it can pop, right, eventually, but it can also make your tires go out of form. It'll make your car go out of balance. There's a lot of things that can go wrong with just seemingly innocuous type thing of having a little bit too much air in your tires.
With tire pressure gauges, you have automated regular checks. That's the same as with data hygiene. You want to make sure that you're able to put your finger on, where the where the data is, data cleanliness, and be able to report back on any issues that you have that's, that may be going in your dataset, ingestion, those types of things.
And again, it lets you know that something's wrong through alerts and regular reporting. So you don't have to run the risk of not knowing something that you could otherwise have damage your car or risk your, or eventually risk your life. And you wouldn't put too much air in your tires because it would pop, right? So as you think about your customer data, sometimes it's too much data. - You don't need everything. - Yeah. You don't need to hoard it. It might not even be valuable if that's how it's managed. So one thing, in the previous one, every time you put on your seatbelt, think about, do you know how to manage your request from your consumers? When you're checking your pressure gauge, how are you thinking about data hygiene with your customer data? Yep.
With strategy, so we have a lot of-- I just gave an example of data usage and labeling enforcement. In addition, we're also working through consolidating all of the trust tools in one area, in Adobe Experience Platform. So all data stewards just have to go to one place. How does this relate to antilock brakes? And pre-collision? Yeah. So think of it, think of it as dual and labeling. Dual is there when you need it, right? It's not something that's going to stop you from doing your work necessarily. It's not going to prevent you from marketing freely. It's there to make sure that you're doing it at the proper speed, in the proper way, right? It stops you when you're not looking. So I have a daughter who recently has started driving. And one of the things that happened to her, she gave me a call. She's like, dad, my car just stopped suddenly. It freaked me out. I'm-- I don't like it. So, well, what was going on? Was there a car in front of you? She goes, I don't know. I said, okay. Well, that's the pre-collision system. She goes, well, can we turn it off? I'm like, well, did you see the car in front of you? No. Then no, we're going to leave that on.
It's there when you need it. It helps you when you don't, when you're not looking, right? And so, yeah, it's a very useful tool to protect you from yourself.
I love Jon's stories.
All right. So now we think about security specifically. Your car keys, right? The feature, the Adobe feature I would recommend in this area or create an analogy for is access controls.
Yep. So car keys and locks, right? So it's literally how you get into your system. It gives you the right, proper control, and access. It gives you access to the data you're supposed to have and not anymore, right. It doesn't-- And this sounds a little odd, but it doesn't let you see the things that you shouldn't see, right. So there's business purpose. There's business right to use in our organization. So if you shouldn't have access to data, you don't have access to data. You don't have access to push certain things out if you don't need to. So in that way, it allows you to work with confidence. As administrator on my end, it allows me to allow you to work with confidence. And I can be confident that I'm not going to run afoul of any of our internal policies, and that the people who may not be the technical teams who are working in some of these systems, they can work without, like I said, running afoul.
Also think of this as, that's kind of like, also kind of wonky. It's kind of like child safety locks, right? You don't want to let your kids enter out of the car when the car is moving, right? Or when you stopped and you're not in control of it, right? It's kind of the same thing. We don't want everyone to be able to do everything at all times. Yeah. You wouldn't give a car key to someone if they're not going to drive responsibly, right? - As like a baseline. - Most people. So same in terms of data-- Yeah, most people. Same in terms of data. We want to make sure that whoever accesses it is using it responsibly. Yep. Exactly. So now when you put in your keys in the ignition, think about how is that happening at your organization.
Only share data if you trust the destination. So here, we are talking about how. If you have your own platform to collect consent or if you're working with a partner, how are you integrating that today with your customer data management system, so you're using that for your unified profiles? And here we're using the analogy of a driver's license. And again, literal license to drive, right? It'll, it doesn't-- Again, it's a heavy regulated thing in the real world, getting your license, but it's not necessarily restrictive, right? Once you've got your license, you can go where you want to go, right? So in our case, data is heavily regulated from an internal policy perspective, from an external regulation perspective, but it doesn't prevent us from being able to use it responsibly.
And you have to have the right license for the right use, right? You have a driver's license for a car. I don't have a pilot's license for a plane. You wouldn't want me to have one. I don't have a CDL. I can't drive a big rig. You wouldn't want me to do that either. So it's a matter of understanding what you have, access to and using it responsibly.
Awesome. - Was that our last one? - Yeah. That was one of my favorite segments. So how many of you have a car? Yeah. That's probably should've.
Next time you drive your car, think about how you would not get in that car if they didn't even offer a seatbelt. Yeah. And are your customer data management tools giving you those seatbelts? So thanks for going on that ride with us. - We thought that was fun. - Yep.
All right. So I'm going to turn it over to you for the next section. Yeah. So let's talk about the journey that we have from a digital privacy perspective at Truist, right? We started off with, like a lot of companies, with very, kind of disparate departments, right? So my world was marketing technology. We're responsible for delivering capabilities and refining requirements, working with our partners to understand what it is that their needs are. And what we serve, obviously, is the technology SMEs around how this technology functions. We also have privacy and compliance, right? So these are everybody's favorite lawyers. They are there to help us interpret regulations and set the internal policies and standards around how data is going to be used. And really, we moved into their educating us around the regulation and the legal environments that we're operating in. Then we have enterprise data, who is very kindly sitting in the front row.
Enterprise data is, they set our internal data policies. They understand how we collect and manage that data and their preferences and then they're responsible for the execution of controls around data. So how are we storing our data? How long do we hold that data? And then how do we verify that we're doing the things we're supposed to be doing in those environments? And then we have our marketing activation teams, right? They execute on marketing strategy. They utilize capabilities that we deliver from a market type perspective, and then they really are the touch in the T3, right, in terms of being able to reach out to our customers and speak with them.
And so like a lot of us, I'm sure that you've been working through the CCPA, CPRA changes. They have been a little fluid, I'll say.
So it's intended to give and so the California Consumer Protection Act and California Privacy Rights Act. So for those who aren't familiar, it's new laws that give regulatory control to the California AG to, allow to set regulation and set policy that gives, is intended to give customers more rights to their data and privacy.
It officially and Sesha, keep me honest, officially went live March 29th of 2023. They tried to delay it for a year, then they decided after they delayed it, not to delay it and set the date back to March 23 afterwards. And so it was very kind of wonky and how it went together. And so because of the speed at which we knew the regulations were coming, we went through a very accelerated path to implement. And so we were very proactive in that sense, rather than being reactive, because it would be-- We'd be in a situation where litigation was going to start forming and giving us that, the world that we would live in, because of the regulations were untested. Right? And so what do we do, right? So as a team, as a company, and our data privacy teams really led the way, we all came together. And, I mean literally, we came together in workshops, in groups, in large room meetings, in small group meetings, lots of conversations, right? And we also understood that we were in the room because we were experts, because we knew the space that we were in. So we were all on equal footing. And that was a major important step in this.
The other important part of this was that we've said very early on, right, that familiarity does not equal expertise, right? I am an expert in marketing technology and CTP and managing data.
I'm familiar with laws, right? I live in a regulatory world. I have to drive on the right side of the road, right? It doesn't make me an expert, right? Same with our legal teams, right? Our legal team, very, very well informed in regulation and the changes that are going on, very well connected in understanding what was coming down the pipe and being able to explain that. They use browsers, right? They have digital data. They know cookies exist. But do they know the difference between a third-party and a first party? Do they know them in a third-party, first-party context? Can they tell me what a third-party tag is versus a first-party tag? What sets the cookie? How long does it live? No. But it was the understanding of having that humility to work through that together, right? Compliance is a highway, not a detour, right? We're going to continue going forward, right? It may not always go in the direction we intend it to be, but we have to continue moving. We have to continue working through it. And we have to continue to be educated in terms of how regulations change, how technologies change, how third-party cookies are going away, but they're not going away, they're still going to hang out in certain places in certain contexts. First-party cookies are still going to exist, and there may be creative ways of getting through those first party-- Doing some of the same things through first-party cookies too, right? And that's going to be heavily regulated as well eventually.
It's about the intent of the law and the letter of the law, right? And so back to my newly driving daughter, when she first started driving, we got car keys and license and boyfriend, those things in that order. And so when we first started driving, we set curfew at 9 o'clock, right? And so the first day she came, she went out, she went to her boyfriend's house, and it was 9 o'clock. Nobody walked to the door, right? She wasn't home 9:15, nobody there. Eventually at 9:30 she comes home. I'm like, Honey, where have you been, right? She goes, well, you said my curfew was 9 o'clock. I said, I know. Where have you been? She goes, well, I left Colin's house at 9 o'clock and then I went, and I stopped to get gas, right? And then I stopped by Hannah's house for a few minutes on the way home, and then I came home. I'm like, okay. So why weren't you home at nine? She said, you said curfew was at 9 o'clock. I said, no that means you're home at 9 o'clock, right? Not leave at 9 o'clock. And so, she is a very intelligent child, just so I'm clear. She's gotten to a very good college. But she is-- So we had that understanding of, her understanding of, first time being exposed to a curfew. I'd leave at 9 o'clock. Okay? We didn't, we didn't elaborate. And my understanding was, no, you're going to be home at 9 o'clock. And I didn't elaborate that either, right? We don't have that understanding necessarily that we may have different perspectives on intent and letter, right? We have to meet both. And if we don't meet both, we'll find ourselves in trouble, right? And then like the defibrillator, talk it out, it could save your life, right? So when we talk about having conversations, we're talking about the big scope of things, but we're also talking about all that little nuances in the regulation, all these little commas and things that could throw things in a very different world, right? So we had to sit down, and we beat things to death when we were talking through some of these regulations. And really, we would talk to it, and it might be a new sentence in a disclosure. It might be something new in our collection, data collection, or on our preferences screen. It didn't seem like big changes, but they have huge impact, and it all came from those very small conversations, right? So that's how we talked about it from a team perspective. That's how we work through it. So let's talk about it from a technology perspective. And I have to tell you, as you're talking here-- Yeah. You mentioned that your privacy, like, there's someone here. He's been nodding the entire time. So Jon's not making this up. He's a good partner. He's very supportive no matter what. So let's talk about T3 and how it actually turned into technology at Truist, right? So-- All right. So we'll just go from here.
There we go. There we go. So from a digital perspective, trust starts with, in most cases, truist.com, right? They're going to come to our website. They're going to work, look at our product catalog, work through that content and move through to conversion. So on truist.com we have implemented OneTrust, who I think is in the room to capture consent from a digital perspective, right? And so we allow. So one of the big changes for CCPA, CPRA, is, they do not sell share links and the ability to select, set those preferences through a utility like this, right? And so we've implemented OneTrust to allow a user to enable or disable the collection of third-party data. And-- So we start there with truist.com. And so that's OneTrust, with OneTrust consent and global privacy controls with GPC. All of that's automated through our tag management solution Truist, through Adobe. Excuse me. And then we move into the AEP, the experience platform SDK, right? And so from a technical perspective, it is how we manage everything that happens from a third-party tag perspective, how we collect analytics, how Adobe Target runs on our site, it manages everything that's there. And so from an analytics perspective, it determines what goes into the XDM. Simplify that. The data that we collect on the site, right, and eventually gets into data. So we capture the consumer's preferences in the, in Adobe Analytics, and we send it through the data streams that go to the Edge. The Edge is where a lot of the initial processing happens from a rules' perspective, from a personalization perspective, audiences, and so on. And so this allows us to look at that OneTrust preference, and we change the data stream that we select for, where the data actually goes, right? And so now we're not just giving the user control over their data, we're physically sending it through a, not physically, but literally sending it through a different pipe, right? From a collection perspective.
That has meaning downstream, and we'll talk about that in a bit. That eventually makes it to our AEP dataset down the road and then also to event forwarding, which is a relatively recent technology that we're using. And at event forwarding, it starts to impact our rules definition. So if the user has set their preferences, they don't want to collect, they want to have our data used in third-party sharing or in AI and ML, we won't send signals down to the third-party end points, right? So that's consent only. The frontend from a digital perspective and how it implement, it's implemented through our Adobe Analytics solution, how we can manage third-party tags. But on the other end of it, we also have our new privacy and preference center. And this allows the user to go much further in their definitions in terms of privacy and what we can and can't do with their data, what they would like us to do with their data. And so that goes into our backend systems, from a customer data perspective. Okay. From a customer data perspective and then eventually makes it into our AEP dataset, right? That allows us to then use that consumer's preferences in both Adobe audience definitions, as well as audiences built and defined through customer journey analytics. Okay. So we have complete control at that point. Also, from a destination's perspective, it will automatically determine with labeling and with other rules, whether or not that data can be used and sent to specific destinations. If it's not intended for social media, it won't go to social media. If it's not intended for paid display, it won't go to paid display, right? So it is a very protected and automated way of sending data to third parties without avoiding the consumer's preferences. And then also, from an AJO perspective, we can then use it to define the rules in AJO for, based on consumer preference. So you'll see-- You see through all of our Adobe stack, right, and beyond that, with the privacy and preference center, we have different points where we can, back to the analogy, check the pressure, understand what the consumer's preferences are and then act on those accordingly and work responsibly, right? So let's go through a couple of points around.
What you can take back to your desk. Okay? So first, it's important to build relationships. Communication is the first step in trust, right? Talk to your partners. Learn who they are. Gain perspective, right? Understand what motivates them. Understand how they're incentivized, right? Confidence and humility equally in that. You don't know everything. I don't know everything. They don't know everything. But they know what they know. I know what I know. You know what you know. And live in that space, right? Align to business goals. What are we trying to achieve? What are the outcomes we're trying to drive, right? And then how do we get there? What is the strategy in terms of meeting those goals? And I will close out with the second two-- Sorry, the last two here. So think about what processes you can automate today, right? And also check with your team who manages your Martech stack. - There might be tools already available. - Mm-hmm. And already built-in that you're just not aware of. So with real-time CDP, data usage and labeling is a no brainer. Like, it's out of the box, and that's the example I also provided earlier. You can set up and create your own usage policies and get to know where your consent management is being managed as well. Is it a vendor? Is it internal and so on? And you optimize your marketing strategy monthly, quarterly, budgets, all of that. You create new road maps, right? Same goes with trust. So elevate trust as a strategic imperative that aligns in all those areas. We do hope you enjoyed this session. We know it's a very dense topic. We, hope we demystified it for you, so that you can start now building those relationships through your organization to have those conversations with confidence and excitement and curiosity. - Yep. - Thank you. Yep. Thank you all.
[Music]
