Marketing responsibly with consumer data

Now more than ever, consumers are holding brands accountable. In addition to demanding personalised experiences, consumers want their data to be protected and their permissions to be honored — no matter how complex this process is for the ecosystem. These permissions must go beyond simple shopping and communication preferences. Consumers want transparency and choice on how their data is used, stored, and updated.

In Adobe’s 2022 Trust Report, 79% of consumers stated that they were concerned about how companies are using their data. 73% worried that the data brands collect will be used to benefit the brand and not them. Nearly a third of consumers reported that brands still make it too complicated to protect, understand, and choose how their data is being used.

The emergence of laws such as GDPR and CCPA reflect a desire by regulators to give more control to consumers on how their data is used and shared. Not only is the loss of consumer trust a risk to the bottom line via fines from regulators, but the loss of market share coupled with negative press related to data breaches can be detrimental.

Showing consumers that marketers care about their data means understanding and implementing the most critical strategies for protecting information — consumer privacy, data governance, and system security. These terms are not synonyms. These distinct concepts have the same end goal in mind — honor consumer requests, responsibly manage the data they provide to marketers, and protect the systems in which that data is stored.

The pre-requisite — build bridges across functions

The definition of the ‘data steward’ has expanded in the last decade. Today, any individual who has access to customer data should consider themselves a steward of that data. This is a role and responsibility no longer tied to just one person in IT or legal. Marketers need to share their initiatives, customer data needs, and priority channels with their IT, legal, privacy and security counterparts. Create an open environment and cadence that bridges the teams while breaking down siloed responsibility. Best practices would include streamlining data usage across marketing systems, building in consumer consent preferences into campaigns, and staying in lockstep with legal, privacy and security teams to understand implications of ever-changing compliance standards.

The pillars of data governance, security, and privacy

It is easy to use catch-all phrases and questions such as ‘what about privacy’ or ‘do we need more encryption?’ However, understanding the jargon can pay dividends for marketing teams and create credibility with stakeholders — and eventually consumers. As you build your foundational understanding of these concepts, recognize that these terms are not synonyms — and assuming so could lead to poor investments and counterproductive implementation cycles.

Think of consumer privacy, data governance, and system security as a united force — all three must go into practice to achieve optimal business results across pillars of trust. Let’s dig into these definitions and apply them to marketing responsibly with customer data.

Consumer privacy

Consumer privacy relates to protecting the rights of the consumer, honoring consumer preferences, and being transparent about the use of their data. Regulations such as General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA, as updated by the CPRA) reflect the principles that consumers should have the right to access, update, or delete their data. The deletion right may extend to all systems that are leveraged with a brand. For example, if an email address is stored in a retailer’s email database as well as their customer data management system, the data steward may need to delete the email address from a preferred communication method, along with all other links to that email address.

Marketers can embrace consumer privacy by building consent collection into the experiences they build for customer loyalty or customer acquisition campaigns. By using an internal or outsourced Consent Management Platform (CMP), customer data can be collected at the onset by use case. The consumer will set the options such as analytics, data sharing, personalization, or special offers. By building the consent preferences into the consumer’s centralized profile, all systems accessing the profile will have insights into how and when the data set should be used.

Data governance

Data governance is the process of defining rules for how marketers handle customer data. From a marketing perspective, teams need access to certain types of customer data to create audiences for campaigns while honoring policies related to data usage as defined by their legal and privacy teams. IT teams manage and maintain the tech investments that support these initiatives but can get bogged down in manual processes that take them away from their day job.

Efficient data governance tools and processes enable IT teams to leverage automated tools to streamline and enforce data usage policies at scale — across any channel. For example, the marketing teams may have access to datasets that are okay to use in email campaigns but not okay to use in social campaigns. For an IT team to manually enforce these restrictions would take custom tools and additional resources. However, by using a tool with built in data governance, the IT teams can set it and forget it, with peace of mind and efficiency. Data governance involves labeling data — for example, labeling data as personally identifiable information — prior to ingesting it into any marketing systems. Once the labels are tied to the dataset and a marketer builds an audience with this data, the audience can then inherit the rules based on the dataset label.

System security

According to our 2022 Trust Report, two-thirds of consumers will stop buying goods and services from companies if they experience a data breach. When it comes to system security, companies need a secure infrastructure across all platforms that house consumer data.

An organization’s chief security officer is frequently tasked with defining the security standards to help ensure that systems that store consumer data are protected from breaches. These standards are then executed by the IT teams and are implemented across marketing programs. Ideally, the result helps ensure strong security and builds security into a company’s offerings.

So now what?

Equipped with knowledge of these distinct concepts, you’ll be able to confidently make decisions and provide guidance on how systems manage customer data, how to open the conversation with stakeholders, and how to optimize processes as you build differentiated campaigns. As a starting point, here is a summary of considerations:

• Are your IT, privacy, legal, and marketing teams meeting on a regular basis?
• Is there a process in place to label customer data, tying the labels to marketing actions?
• How can you help IT free up resources from manual policy enforcement?
• Do you have access to out of the box capabilities to manage consumer privacy, data governance and system security at scale?
• What do you have to lose by not getting it right? Consumers? Market share? Revenue?

Marketers often have new concepts and added responsibility handed to them without much training or support. However, this is an opportunity for them to elevate themselves as data stewards and lead the conversations internally to truly build experiences with trust at the forefront — not as an afterthought.

Learn more about how Adobe can help you deliver trusted experiences to your customers every day.