CASL, GDPR, CCPA, CDPA, PPA … The list will go on. That much is for sure. There’s one concept at the root of all of these rules and regulations, however, and on its face, it’s simple. Organizations are now legally required to maintain the privacy of their users’ personal data, which ranges from name and phone number to more unique identifiers like address, birth date, and so on. Put yourself in your users’ shoes. You don’t want your personal information available for unintended or unauthorized purposes. But as a digital marketer, you’re also tasked with boosting awareness, visits, page clicks, and conversions, and data’s at the heart of all of this important work. Our future with data is bright as long as we’re responsible with it. So, from one digital marketer to another, here are the rules to live by in data privacy.
- Find your balance.
- Collaborate with experts.
- Be transparent.
- Take care.
- Set a higher standard.
1. Find your balance.
If you take away nothing else from this blog post, please take balance. It’s important in digital marketing, just as with many other areas of life. No one team should hold all the water on data privacy. And no marketing or business initiative should supersede the importance of users’ privacy.
2. Collaborate with experts.
I am not a legal expert nor am I providing legal advice. I am also not an IT professional. Your brand employs or contracts with lawyers for a reason. So, ask for their help assessing the various rules and regulations that affect your business and market. Their guidance is essential to your brand acting in compliance. In the same vein, your brand’s IT professionals are responsible for protecting email servers, files, websites, and more. They can also advise on ways to lock down your storage of data. They are key players in the data-privacy mix and should be involved at all times.
3. Be transparent.
Data is personal. For a brand to collect a user’s data at all requires that trust, and that trust is fragile. We’ve all had bad experiences with brands that abuse data they collected. You know, incessant emails from senders to whom you never subscribed (but now you have to unsubscribe or block). For this reason, it’s extremely important to be transparent about how you’re gathering users’ data, when, and what you plan to do with it. You can do so relatively easily with privacy policy, terms of use, and other notification mechanisms—potentially via pop-ups on landing pages. But, don’t just put your privacy policy online and call it done. Make sure it’s easily accessible by linking to it in your footer. Have your legal counsel review it for each market where you’re active, and do this review regularly, at least once a year. The last thing you want is to have an outdated policy that’s out of compliance and puts your brand at risk. Takeaway: Tell users how you’re collecting data, and what you’re going to do with it. If you don’t have a plan for how you’ll utilize someone’s data, don’t collect it! Having data for data’s sake is a huge risk, and in some markets it’s illegal.
4. Take care.
So you have a plan for how you’ll use the data, and you collected it. What now? This is where things do get a bit more complicated, and you’ll need to rely on your brand’s IT team. Some businesses (for example, major travel brands and large health care institutions) are more susceptible to hacking and data breaches than others, but the responsibility is the same no matter the scope or scale. User data, in addition to a brand’s proprietary information, must be protected and maintained. How exactly that takes place depends, again, on your market and your legal team’s interpretation of that market’s rules. In almost all cases, however, brands must have mechanisms in place for monitoring and alerts on improper data access. And in the case of a breach, you will have to notify users. And then you’ll need to fix the leak. Again, your IT team will handle the mechanics. But if a brand is to maintain trust with its users, marketing and communications experts will need to guide the public response. Takeaway: If you’re not already working closely with your IT team, schedule a meeting today. They will likely have the data protection framework in place. It’s important that you’re up to speed on what’s happening, and that you work together to create an issues management plan.
5. Set a higher standard.
Putting the data to work brings us back to our more comfortable wheelhouse as digital marketers. Data enables us to segment audiences and target communications in an efficient way. But in the end, it all circles back to trust. Customers extend a great deal of trust to brands to use their data in responsible ways. Brands, in turn, have to create experiences in which customers want to be a part, too. A two-way street, you might say. A brand that holds itself to stricter guidelines will be better positioned to comply with future iterations of data privacy laws. This practice also helps to create a positive customer experience. They’ll see that you’re doing the right thing because it’s the right thing to do, and they’ll be loyal in return. Takeaway: While laws vary by country, state and circumstance, set a consistently higher bar for your brand—go beyond the defaults. Also, make a solid plan, and stick to it. You’ve already laid out how you’ll use the data. Just do it, and nothing else.Thanks for joining us for the strategic overview of data privacy from a digital marketer’s perspective. Do you want to discuss how we’d put these practices into action for your brand? Drop us a line.Vladimir Jones is Colorado’s original independent, integrated advertising agency, with offices in Denver and Colorado Springs. We believe in brilliant brands and love making the world love them as much as we do.