Customer data and privacy protection remain a hot topic in a fairly tense climate.

Let’s look at some data privacy stats. In the US alone, customer data breach cases hit a record number of 1,579 in 2017, with over 178 million records exposed. In the following year, there were fewer data breaches but the number of exposed records rose to over 446 million, an unprecedented high.

The issue of data privacy, largely set off by the Cambridge Analytica scandal, has left a profound effect on consumer-to-brand relationships. Weíve all felt our online privacy is being violated in one way or another; consumers have become more cautious and aware on a global level.

But hereís the thing: research shows that 61% of American consumers and 48% of those in the UK are ďwilling to share their custmer data with a company in order to get customized communicationsĒ.

Essentially, the topic of data protection and privacy has taken a central role in a narrative that focuses on consumers regaining control Ė and marketers regaining trust. Itís paramount that marketers understand that protecting customer data is their responsibility.

our success largely depends on how well youíre able to adjust to the new climate and re-establish consumer trust. To help you in this endeavor, weíve rounded up the key points and expert advice for protecting personal data, managing data privacy, data governance, data privacy law, and general data protection regulation.

  • Facebook
  • Twitter
  • LinkedIn
  • Buffer

Be transparent with your customer data

Although the majority of people are willing to hand their data in return for better service, theyíre naturally not inclined to share it with just anyone. The key for marketers lies in establishing trust and allowing customers control over the information they provide Ė both of which require maximum transparency.

For one, people generally trust companies that they wonít sell their data to third parties. They expect that the information provided will only be used for the given scenario, whether itís completing a purchase or signing up for an email list. It goes without saying that meeting these expectations is a vital part of an ethical approach to data-driven marketing.

data privacy
  • Facebook
  • Twitter
  • LinkedIn
  • Buffer
Source: freepik.com

But in order to establish trust and maintain your authority as a trustworthy enterprise, itís crucial to set clear expectations and communicate transparently what you will do with the customer data and data data privacy before they share it with you. Abiding by the GDPR compliance rules, the European Union regulations, no matter whether youíre legally bound by them or not, will help you do all this successfully and relieve customer-marketer tensions.

One of the key rules here is to use simple language and simple agreement statements on forms, free of corporate jargon, to information security and ensure transparency.

customer privacy
  • Facebook
  • Twitter
  • LinkedIn
  • Buffer

Avoid collecting information that wonít be proactively used

Responsible data-driven marketing calls for another simple rule: take only what you need and no more. Collect customer data intentionally and donít ask for the information that wonít be proactively applied.

In a 2016 study on the effects of data privacy on customer and firm performance, researchers examined how customers responded to companies accessing their data. The results were as follows:

  • 10% of customers are more likely to fabricate their personal information
  • 23% speak negatively about the firm
  • 22% switch to a competitor

Now, these numbers might not be staggering, but they point to consumersí distrust Ė and that was back in 2016, before the Facebook scandals.

  • Facebook
  • Twitter
  • LinkedIn
  • Buffer
Source: freepik.com

Considering all the past tension around data privacy, turning a blind eye to this simple piece of advice will have you losing trust, and ultimately losing customers, faster than youíll care to admit youíve been pushing it too far. Lastly, take note that the mentioned study also concludes that ďhigh transparency and high controlĒ constitute the best practice for data privacy management.

ďPersonification over personalizationĒ

Andrew Frank, distinguished VP analyst at Gartner for Marketing Leaders advocates that companies can offer certain kinds of personalization without having to rely on personal data. The idea is to reduce the use of personal data and find new ways to deliver relevance to anonymous customers, thus seeking personification over personalization.   

In his research on this topic, Frank defines personification as ďdelivery and optimization of relevant digital experiences based on an individual’s inferred membership in a customer segment and their immediate circumstances rather than their personal identity.Ē

In short, Frankís research suggests that marketers should focus on the type of data thatís significantly less risky from a privacy standpoint. This would be the type of information that the GDPR isnít concerned with Ė the data that determines what people are looking at and the ways in which theyíre interacting with a brand, in no relation to their personal identity. He suggests that this type of information has significant marketing value because itís insightful and more telling of user intent at a given time, while entirely evading the tension around personal data.



Adopt a blanket privacy policy

Another key piece of advice from Andrew Frank is that a company needs to come up with a global privacy policy that adheres to the most strict privacy laws. A blanket global policy will ensure you meet the highest privacy standards so that it works anywhere, as opposed to piecing together by region policies of varying stringency. Maintaining different privacy laws based on specific regions is not only risky for data management, but itís also more costly and incredibly difficult to keep up with logistically.

customer data privacy
  • Facebook
  • Twitter
  • LinkedIn
  • Buffer
Source: freepik.com

This is a great starting point, but youíll naturally still have some spaces to patch up and you canít always depend on an across-the-board compliance. Data privacy laws are evolving and getting tougher, with Californiaís Consumer Privacy Act (CPA), following in the footsteps of GDPR, going into effect on January 2020. It only affects California residents, but itís a viable regulation to adhere to in a blanket policy. However, itís not identical to the GDPR, which is why a thorough understanding of the different regulations is crucial to your data privacy management.  

Take inventory of your customer data

This is a solid piece of advice to help you prepare for more rigorous data privacy laws.

Both the CPA and GDPR demand organizations obtain consent to acquire individual data, as well as to disclose how the data will be used (remember the issue of transparency weíve talked about near the top of this article).

Before you even set out to meet the requirements of new privacy regulations, you have to understand what sort of information youíre currently dealing with. Identify the data youíre currently dealing with and how itís being applied. Take inventory and determine not only the type of data youíre using, but how youíre applying it as well.

  • Facebook
  • Twitter
  • LinkedIn
  • Buffer
Source: freepik.com

Data protection starts with your employees

What many businesses fail to recognize is that the majority of cyberattacks are the result of human error. Hackers will always look for the simplest way into a system, starting with the places where employees are not vigilant enough.

One of the most obvious examples is cracking passwords, knowing that a surprisingly large number of companies use oversimplified passwords and even repeat them across multiple accounts.

Then there are also phishing attacks, which remain a tenacious cybersecurity threat, and rely entirely on deceiving unsuspecting victims into handing off information. Clearly, advertising and marketing departments are an especially obvious target for perpetrators looking to compromise data.

In short, all the impressive IT security systems in the world canít keep your data safe if you donít foster a company-wide culture of cyber-literacy and awareness. This brings us to the next part.

free marketing assessment
  • Facebook
  • Twitter
  • LinkedIn
  • Buffer

Establish a cybersecurity awareness program

Start with basic IT security training, where experts will teach employees about common threats and provide guidelines for security measurements. These involve:

  • Password security: creating strong passwords, using different passwords for each account, and guidelines for changing passwords
  • Recognizing phishing emails
  • Guidelines for marketers working with outside vendors and software
  • Cautionary guidelines for social media (including which type of brand information can and cannot be shared, learning about eavesdropping attacks, etc.)
  • Taking caution with links and email attachments from unknown sources
  • Security protocol to limit access to sensitive data in order to reduce the risk of human error
  • Guidelines for remote work: which systems may not be accessed on unsecured networks, physically guarding devices, logging out whenever devices are going to be left unattended, learning which steps to take first if a company device is stolen
  • Auditing new systems and solutions before putting them to use
  • Policies for enabling regular software updates and security patches
  • Guidelines for performing routine data backups securely
  • Monitoring accounts and reporting any irregular activity, etc.

Once youíve laid the foundations, engage employees with ongoing training to address common issues, persistent threats, and the most recent types of cyberattacks.

  • Facebook
  • Twitter
  • LinkedIn
  • Buffer
Source: freepik.com

Clear email lists routinely to ensure data privacy

It feels great to see your email list continuously expanding, but the number you end up with ďon paperĒ, although impressive, certainly wonít be representative of how many contacts youíre actually dealing with. Among the accumulated contacts, youíll have a lot of people who are unresponsive or who have explicitly chosen to opt out, in between those who open your newsletters with varying regularity.

Take the time to regularly clear your email lists by eliminating the contacts that have manually opted out as well as those whoíve ignored your attempts to reengage them. Youíll set up this routine depending on how frequently you send out marketing emails.

This is a precautionary data management measure. Removing these contact groups will protect both you and them in the case of an eventual cyberattack. If your database were to be compromised and former contact information leaked, youíd have a lot of trouble on your hands as it would turn out that you donít respect opt-out requests accordingly.

Plus, this simple practice, although often overlooked, has obvious benefits to your email marketing strategy. Firstly, youíll reduce the risk of being labeled as spam because of too many contacts that donít open your emails. Youíll also have a more representative idea of how many leads youíre dealing with and how your efforts have fared.

Get SSL encryption for your website

Encryption is an obvious and crucial part of data protection. But itís up to companies and their data privacy and protection policy to determine which level of encryption theyíll employ for maximum security. For example, you can take it a step further by employing encrypted data and keys on different servers.

Another key piece of advice for securing data is that you get an SSL certificate for your website. SSL, short for Single Socket Layer, encrypts data sent between a website visitor and the web host. While information entered by a website visitor travels from point A to point B, there are numerous security vulnerabilities, where neither the sender nor the receiver has control over the sent data.

SSL encryption helps ensure that only the intended recipient is able to access the data by creating keys and locking the data before it hits the receiving end. Thatís the gist of it.

Now, this is an absolute must for companies collecting credit card information and such, but itís highly recommended that every business uses SSL on their website for safety. Thatís why Google now prioritizes HTTPS pages, which are the ones using an SSL certificate.

Be vigilant when integrating business systems

Mergers and acquisitions present a special risk to cybersecurity and data management. Information breach and other issues are common when companies merge; weíve seen one such instance highly publicized when Verizon executed an acquisition agreement to acquire Yahoo, and shortly after discovered a data breach that happened at Yahoo back in 2014.

In fact, a report by Forbes shows nearly 40% of organizations whoíve been acquired or went through a merger found cybersecurity issues during the due diligence period. Whichever kind of systems integration you might be undertaking, beware of the countless issues that may arise. Donít rush the process and find the best professionals to inspect every nook and cranny so that they may carefully cover all the vulnerabilities.

  • Facebook
  • Twitter
  • LinkedIn
  • Buffer
Source: freepik.com

Conclusion for Data Privacy

Ultimately, itís best to go by the motto ďTreat your customersí data like your business depends on itĒ Ė because really, it does.

Thatís why a crucial step to successful data privacy and data management is that all departments, especially marketing teams, take on their roles in the efforts and collaborate with the IT team rather than entirely relying on them.

The IT team will do the heavy lifting, but putting in place proper policies and adhering to appropriate practices is up to you.

As stricter data privacy laws are put into place, weíre entering a phase where marketers are going to be creative, engaging, and more transparent with their strategies Ė which is certainly a good thing overall.

We’re listening.

Have something to say about data privacy? Share it with us on FacebookTwitter or our LinkedIn.

Natasha Lane is a web designer, a lady of a keyboard and one hell of a tech geek. Natasha is always happy to collaborate with awesome blogs and share her knowledge about IT, digital marketing and technology trends.

website redesign template
  • Facebook
  • Twitter
  • LinkedIn
  • Buffer

Increase Your Site Traffic and Close More Sales.

Capture and Convert More Sales Leads.

  
      
                         

Digital Service to Grow Your Business


                  
                                                
  

You have Successfully Subscribed!

Get More Leads!

Learn how to boost your sales leads in 2021.

  
      
                                      
                                                
  

You have Successfully Subscribed!

Pin It on Pinterest

Share This!

Share this post with your friends!