Build Confidence with Data Privacy Best Practices
Point of View
August 3, 2022

Build Confidence with Data Privacy Best Practices

A checklist for data security best practices.

Practice makes perfect, or so the adage goes. In order to master something — the piano, baking, fly fishing — it needs to become second nature. That can only come by putting in the time. Not just any practice will do, either. It needs to be productive practice. It needs to be something you do frequently. It needs to be part of your routine.

If a way of achieving good results is so well-established it is considered the gold standard for success, we often call that method a best practice. Almost like following a recipe, a best practice is a tried-and-true way of getting the results you want. A step-by-step process is often made more important when handling something sensitive or precious. If a friend trusted you to take care of their cat while they were away, you would likely be meticulous about following their instructions to safeguard the wellbeing of their pet. Afterall, your friendship is at stake.

This sort of thinking is also true when customers entrust you with their information. In an online world, few things are more valuable than customer data. Customers want to know you are using their data responsibly. Doing so is a show of good faith and is a cornerstone of strong customer relationships. But understanding how to best go about achieving such coveted trust — not to mention remaining compliant —  isn’t always intuitive. Since data is so important to your business, it is easy to take for granted how valuable it is to your customer and keep in the forefront of your mind that they have entrusted you with something precious.

Luckily, with these best practices, there is little need to worry about data privacy.

The Importance of Data Privacy

If your business has an online presence, you are likely trying to navigate between making data more personalized while respecting customer privacy. Having open and transparent policies around what your company does with customer data is becoming increasingly important. Backlash surrounding the policies of tech giants misusing data has chiseled into the public consciousness how bad actors can use your information for purposes you never intended. Simply put, customers want to know what you are doing with their data. It is your job to ensure they understand what you are using their data for and with whom you are sharing it.

Because of this, data privacy has become a bit of a joke. We have all browsed a site for something without purchasing it only to have an ad pop up on other sites. Maybe you have even just told a friend — within earshot of your cell phone —  about needing something and gotten an email or an ad about it. This is all too commonplace, and enough of it erodes customers’ trust in your brand, especially if the user never consented for you to track their data.

Giving autonomy to the customer — which is essentially what good data privacy practice is —  builds credibility. Even if the customer doesn’t mind having their data tracked, they are likely to have a more favorable view of your company simply because you respected their choice to deny tracking. While you may be able to get away with your practices not violating any laws or policies, you will not be able to fool a customer who has a bad experience. Concerning yourself solely with legal compliance is no way to go about making your customers feel respected.  

Let’s take a look at the basic privacy guidelines checklist every company should have.

The Checklist

  • Have a banner that informs visitors to your website that you track activity to support the site with ad revenue. Make sure that banner enumerates which cookies are active and makes it easy for users to unselect those options, by, for instance simply unticking a box. Also, have something similar when users download an app to their tablet or phone as well as a link the user can click to learn more about how and why you track their data.
  • On a related note, make sure your back-end legal and automation structure is set up properly. This makes the above practice a breeze. Giving the user an option to deny certain types of data tracking is predicated on being able to honor those preferences by ensuring if, say, they want to deny microphone access, you have the capability to deliver and adhere to it.
  • If your back-end structure is not able to accommodate a banner because, maybe your tracking beacon is not able to be switched off, you should at least have a privacy policy that informs the user that you track their data. This is not as ideal as giving users the option to select which type of tracking they want to allow, but it at least is informing them. Just as with the banner, have a link the user can click to learn more about your data tracking.
  • Make it super simple for users to unsubscribe from your emails. This is really easy to do and communicates to the customer that you only want them as a customer if they want to be one, not because it is inconvenient to unsubscribe. You aren’t hiding behind anything.
  • Be in the business of getting customers by having a human CAPTCHA, i.e., one of those tests designed to weed out bots by making you select all the images with street lights or copying a slightly distorted code. Bots aren’t customers.This lets customers know you see them as an individual not a data point. And it prevents invalid emails from entering your lists thereby protecting you from further sender reputation harm.
  • Enumerate how frequently you plan to contact the customer. Whether you’re texting them or emailing them your newsletter, give the customer concrete details about the content. Telling them they will receive the newsletter once or a month or promotions a few times a year lets the user know you won’t inundate them with unwanted content.
  • If a customer unsubscribes from promotional material, give them the option to adjust the frequency of contact instead of unsubscribing. This tells them that you care why they decided to unsubscribe. If it was because of the frequency with which you are contacting them, this practice gives them an opportunity to adjust it, maybe opting for once a month instead of once a week.
  • Avoid treating customers like commodities by advertising partnerships with similar brands, or worse selling them as a part of a list to another brand without express consent. Purchasing email lists from companies with similar customer bases is not uncommon, but it can leave a bad taste in customers’ mouths. If they give you their email address and you sell it to someone else, you have just put a price on that relationship, which violates the loyalty they have. Instead, use such a crossover as a branding opportunity by letting your customers know of the new partnership and allow them to opt-out.
  • Have a security authentication infrastructure in place. Make sure your marketing team is not downloading or sending sensitive customer information as attachments. Avoid using chats to share passwords across companies. Give each person on the marketing team their own login so they are not sharing. This keeps accountability high on your team and breeds a culture that respects the sensitive nature of data, which in turn gives customers confidence that you take the use of their data as seriously as they do.
  • Invest in architecture that has such security built in, such as Salesforce. Salesforce’s encryption makes the whole process, top-to-bottom, easier by providing you with the necessary tools for success.

While these tips may seem like a lot, they are all really geared toward the same goal: building accountability and transparency with the customer. Nobody wants to feel as if the company they hand their data over to is treating them like just a number. Each of these practices achieves a similar goal. They are checkpoints that ensure every interaction you are having with a customer is wanted and fully informed.

By making these changes, data privacy will become second nature. So, attend to the details. Make your practices perfect. Your customers will thank you.

CDP
Customer Data Platform
CRM
Customer Data
Salesforce
Banking
Commerce Cloud
Point of View
December 20, 2022

Build Confidence with Data Privacy Best Practices

A checklist for data security best practices.

Practice makes perfect, or so the adage goes. In order to master something — the piano, baking, fly fishing — it needs to become second nature. That can only come by putting in the time. Not just any practice will do, either. It needs to be productive practice. It needs to be something you do frequently. It needs to be part of your routine.

If a way of achieving good results is so well-established it is considered the gold standard for success, we often call that method a best practice. Almost like following a recipe, a best practice is a tried-and-true way of getting the results you want. A step-by-step process is often made more important when handling something sensitive or precious. If a friend trusted you to take care of their cat while they were away, you would likely be meticulous about following their instructions to safeguard the wellbeing of their pet. Afterall, your friendship is at stake.

This sort of thinking is also true when customers entrust you with their information. In an online world, few things are more valuable than customer data. Customers want to know you are using their data responsibly. Doing so is a show of good faith and is a cornerstone of strong customer relationships. But understanding how to best go about achieving such coveted trust — not to mention remaining compliant —  isn’t always intuitive. Since data is so important to your business, it is easy to take for granted how valuable it is to your customer and keep in the forefront of your mind that they have entrusted you with something precious.

Luckily, with these best practices, there is little need to worry about data privacy.

The Importance of Data Privacy

If your business has an online presence, you are likely trying to navigate between making data more personalized while respecting customer privacy. Having open and transparent policies around what your company does with customer data is becoming increasingly important. Backlash surrounding the policies of tech giants misusing data has chiseled into the public consciousness how bad actors can use your information for purposes you never intended. Simply put, customers want to know what you are doing with their data. It is your job to ensure they understand what you are using their data for and with whom you are sharing it.

Because of this, data privacy has become a bit of a joke. We have all browsed a site for something without purchasing it only to have an ad pop up on other sites. Maybe you have even just told a friend — within earshot of your cell phone —  about needing something and gotten an email or an ad about it. This is all too commonplace, and enough of it erodes customers’ trust in your brand, especially if the user never consented for you to track their data.

Giving autonomy to the customer — which is essentially what good data privacy practice is —  builds credibility. Even if the customer doesn’t mind having their data tracked, they are likely to have a more favorable view of your company simply because you respected their choice to deny tracking. While you may be able to get away with your practices not violating any laws or policies, you will not be able to fool a customer who has a bad experience. Concerning yourself solely with legal compliance is no way to go about making your customers feel respected.  

Let’s take a look at the basic privacy guidelines checklist every company should have.

The Checklist

  • Have a banner that informs visitors to your website that you track activity to support the site with ad revenue. Make sure that banner enumerates which cookies are active and makes it easy for users to unselect those options, by, for instance simply unticking a box. Also, have something similar when users download an app to their tablet or phone as well as a link the user can click to learn more about how and why you track their data.
  • On a related note, make sure your back-end legal and automation structure is set up properly. This makes the above practice a breeze. Giving the user an option to deny certain types of data tracking is predicated on being able to honor those preferences by ensuring if, say, they want to deny microphone access, you have the capability to deliver and adhere to it.
  • If your back-end structure is not able to accommodate a banner because, maybe your tracking beacon is not able to be switched off, you should at least have a privacy policy that informs the user that you track their data. This is not as ideal as giving users the option to select which type of tracking they want to allow, but it at least is informing them. Just as with the banner, have a link the user can click to learn more about your data tracking.
  • Make it super simple for users to unsubscribe from your emails. This is really easy to do and communicates to the customer that you only want them as a customer if they want to be one, not because it is inconvenient to unsubscribe. You aren’t hiding behind anything.
  • Be in the business of getting customers by having a human CAPTCHA, i.e., one of those tests designed to weed out bots by making you select all the images with street lights or copying a slightly distorted code. Bots aren’t customers.This lets customers know you see them as an individual not a data point. And it prevents invalid emails from entering your lists thereby protecting you from further sender reputation harm.
  • Enumerate how frequently you plan to contact the customer. Whether you’re texting them or emailing them your newsletter, give the customer concrete details about the content. Telling them they will receive the newsletter once or a month or promotions a few times a year lets the user know you won’t inundate them with unwanted content.
  • If a customer unsubscribes from promotional material, give them the option to adjust the frequency of contact instead of unsubscribing. This tells them that you care why they decided to unsubscribe. If it was because of the frequency with which you are contacting them, this practice gives them an opportunity to adjust it, maybe opting for once a month instead of once a week.
  • Avoid treating customers like commodities by advertising partnerships with similar brands, or worse selling them as a part of a list to another brand without express consent. Purchasing email lists from companies with similar customer bases is not uncommon, but it can leave a bad taste in customers’ mouths. If they give you their email address and you sell it to someone else, you have just put a price on that relationship, which violates the loyalty they have. Instead, use such a crossover as a branding opportunity by letting your customers know of the new partnership and allow them to opt-out.
  • Have a security authentication infrastructure in place. Make sure your marketing team is not downloading or sending sensitive customer information as attachments. Avoid using chats to share passwords across companies. Give each person on the marketing team their own login so they are not sharing. This keeps accountability high on your team and breeds a culture that respects the sensitive nature of data, which in turn gives customers confidence that you take the use of their data as seriously as they do.
  • Invest in architecture that has such security built in, such as Salesforce. Salesforce’s encryption makes the whole process, top-to-bottom, easier by providing you with the necessary tools for success.

While these tips may seem like a lot, they are all really geared toward the same goal: building accountability and transparency with the customer. Nobody wants to feel as if the company they hand their data over to is treating them like just a number. Each of these practices achieves a similar goal. They are checkpoints that ensure every interaction you are having with a customer is wanted and fully informed.

By making these changes, data privacy will become second nature. So, attend to the details. Make your practices perfect. Your customers will thank you.