With Acquia Lift, digital marketers have access to a powerful personalization technology that allows them to combine data across different channels to build a unified, high-resolution profile about their customers. A unified view of customers allows you to provide the best possible cross-channel personalization experiences through a better understanding of how a customer is engaging with you across every touchpoint. For example, you could personalize a web page to show a different piece of content to those users that clicked through on a particular email campaign, or have a particular account type in their CRM record, or exhibit affinities to certain content. Gartner believes that by 2018, organizations that have fully invested in all types of personalization will outsell companies that have not by 20%.
Data privacy as it applies to personalization is a balancing act. It’s been proven in many studies that users genuinely want more personalized experiences, and leveraging more data to improve personalization provides a benefit to both the user (with better, more relevant experiences) and the marketer (increased engagement and conversion). The data that you chose to collect and use to power these experiences must be treated with care and in consideration of local privacy regulations. In particular, data protection rules in the European Union (EU) are among the strictest, and each EU member country currently still has its own privacy laws. This will change in May 2018 with the forthcoming EU General Data Protection Regulation.
Aligning your data privacy practices not only helps you mitigate the risk of potential fines and legal expenses, it also is a cornerstone to building customer satisfaction and trust. Below are some of the key data privacy considerations for marketers who are implementing cross-channel personalization, and how Acquia Lift can be utilized to help support these requirements.
Where will customer profile data live and how will it be secured?
Hosting customer profile data outside of the EU for European users can be a challenge, particularly when it comes to EU customer data hosted in the United States. The easiest option for marketers with a European presence may simply be to choose Germany as the location to host all customer data, as it currently has the toughest rules governing customer data living outside German borders.
Marketers also need to ensure that customer data is secured and access is strictly controlled. If a third-party is involved in the handling of EU customer data, a Data Processing Agreement may be required to ensure that the vendor has necessary data security measures in place and that all vendor’s activities are solely based on the customer’s instructions.
How Acquia Lift helps: Customers can choose where to host their customer profile data, including data centers located in Germany, United States, and Australia. Security and controls built into Lift can be used to ensure that access to data is strictly limited. In addition, Acquia offers a Data Processing Agreement to all customers.
What kind of customer profile data will be used?
The most effective means of mitigating the risk of personal data is not to store the data in the first place. You should limit any data you collect to that which directly supports your desired personalization scenarios (and which in turn delivers clear value and better experiences to your end users). In particular, you should avoid storing names, addresses, or other specifics, as this information usually isn’t necessary for personalization. Unstructured data like a person’s name or street address isn’t particularly useful for audience segmentation or algorithm-based personalization. On the other hand, information that reflects a person’s past behavior, known facts, and their affinities towards content are very useful for personalization. Try to capture this kind of information as broad segments rather than as specific values. In other words, it is better and safer to store “Customer segment 1” instead of “Customer lifetime value = $65,434”, and the former will usually work just as well in support of personalization scenarios.
When identifiers are used to tie people together between data sources, it is best to employ a system-generated common identifier between systems or a one-way hash, rather than storing personally identifying email addresses or user IDs. For example, when a user signs up for a newsletter on a website, a unique UUID could be randomly generated, and sent to both Lift and the marketing automation platform. This common identifier can be used as the basis for synchronizing any data between the two systems that will be used in support of personalization. However, if the UUID stored in Lift or elsewhere was ever revealed, it could not be directly used to determine a person’s identity.
How Acquia Lift helps: Customers can choose which identifiers they want to utilize in order to match data between systems. Identifiers can optionally be stored using a one-way irreversible hash. Any data that is matched between systems is stored entirely at the discretion of the customer.