As a consumer, what would you say is more important to you: personalized experiences or data privacy?
These terms may not seem mutually exclusive at first glance, but this question does present a challenge. Personalization requires data collection and analysis, and data privacy often hinges on restricting these practices.
The interesting part about it all is: people haven’t really made up their minds one way or the other.
In most regions of the world, the discussion on data protection and privacy is alive and well.
For example, according to Pew Research Center, 81 percent of U.S. respondents say that the potential risks they face because of data collection by companies outweigh the benefits.
And research in Europe shows 55 percent fear criminals or fraudsters accessing their personal data, and around 30 percent worry about advertisers, businesses and foreign governments’ access to information without them knowing. Security concerns like these gave rise to laws like the General Data Protection Regulation (GDPR) that restricts data collection and processing of personal data.
In general, the public seem to be more and more aware of how their data is shared online and how it can be misused, and certain such cases have caused outrage and led to animosity towards the parties involved.
Then, we have personalization. A definite favorite in marketing and customer service – it actually has real value for both companies and consumers.
And people know that: according to some research, 80 percent of consumers are more likely to make a purchase when brands offer personalized experiences, and 67 percent say it’s important for brands to automatically adjust content based on their current context.
But, all this comes with a price. And that price is data.
Advanced forms in particular, like hyper-personalization, require the disclosure of personal data, such as demographics, preferences, browsing history, purchase habits, and more, to be analyzed via technology (e.g. machine learning) and used by the company. This seems to be a hit on privacy, as people’s data is then stored and managed outside of their control.
The privacy paradox refers to a disconnect between views and behaviors around data privacy.
So, this is what the current dilemma is about: people want personalized experiences (they’re even willing to abandon brands that don’t offer them), but at the same time, they object to or doubt companies’ data collection and protection practices.
As brands that truly care about customer experience, we have to think about that. What can we do to resolve this discrepancy?
First and foremost, we shouldn’t make light of it. A McKinsey study indicates:
“Sixty-four percent of senior marketing leaders said they don’t think regulations will limit current practices, and 51 percent said they don’t think consumers will limit access to their data—this despite other recent surveys showing that more than 90 percent of consumers are concerned about their online privacy, and nearly 50 percent have limited their online activity because of privacy concerns.”
This means that consumers do care about privacy, and they may take action that will set business back. It’s an issue that needs to be resolved.
We’re all consumers, so we can step into the shoes of our customers. Of course we want to protect our privacy, but at the same time, we want to take full advantage of the positive aspects of technology.
One way to look at this is through the prism of trust: people have no problem sharing their data, as long as they can be sure it’s to their benefit and it won’t come back to bite them. But, consumers just don’t trust companies to behave.
For example, 79 percent say they are not too or not at all confident that companies will take responsibility for misused or compromised personal data, while 69 percent report having this same lack of confidence that companies will use their personal information in ways they’d be comfortable with.
So maybe it’s a matter of how trustworthy your brand is, whether you’re transparent or not, and whether you pay attention to data protection.
No matter how much we love personalization, the reality remains that the law comes first. Companies need to make sure they understand legal requirements and comply with them before they implement any marketing strategy. Rumour has it, more and more privacy policies are coming from 2021 onwards. Make sure you have all the legal help you need to inform data compliance.
This may sound onerous (compliance often is), but what’s important is to capture the spirit of privacy laws. In other words, be customer-centric. Laws exist to give people confidence that their identity is safe with you and that they can get real value from giving you their data. This should be your goal and it can only be good for customer experience in the long run.
So, ensure all actions you take are to your customers’ benefit in all aspects.
Despite their issues, the two ideas shouldn’t be mutually exclusive. You can collect data transparently and keep it safe. One step in that direction is to make sure you only collect what you need to.
For instance, do you really need to know a person’s location to properly personalize their experiences? (more on that below). In fact, research indicates that “the data consumers are least okay with brands collecting is information such as name, phone number, and physical address.” Perhaps you just need purchase history and products viewed, which are less sensitive than other types of data, like medical or financial.
Also, this is one of the areas where personalization could borrow from customization: personalization is meant to happen behind the scenes, while customization is driven by the user. Depending on your industry and business, there may be ways to let users decide the level of personalization they want (and therefore the amount of data they want to share) and let them shape their own customer journey and experiences.
For example, an organic grocery store used voice and augmented reality to help individual shoppers personalize their own experience as they go through the store. Just start a two-way conversation and let customers tell you what they want.
And of course, making sure the technology you use respects privacy is critical – one data breach may be enough for your customers to lose trust in your brand. Pay attention to security protocols, implement SSO logins if applicable, add security badges on your site, and so on.
Yes, this is another dilemma that needs to be addressed. On the one hand, the existence of privacy policies and the ability for people to give consent (e.g. as prescribed by GDPR) is important. Telling people how you collect data and why should be the norm.
However, there’s indication that anxiety increased for people when they started getting a “sudden flood of privacy notices” and messages due to GDPR, and they don’t feel good about blindly clicking consent pop-ups. A possible explanation was that some companies tried to misuse or circumvent the law, or simply didn’t know how to handle it properly.
So, being transparent about how and why you handle data is supposed to be good for your customers, not provide them with extra doubts or concerns. The lesson may be that, on top of any legally compliant policies you have to make available (e.g. on your website), you also need to make your communications about data protection clear, concise and to the point – not serving customers with long-winded privacy notices that nobody will ever read.
While consumers mostly want personalized experiences, there are some practices they don’t easily accept. Research by Accenture outlines “creepy” engagement tactics, with using consumers’ location to personalize recommendations topping the list. By another report, 74 percent of consumers think that push notifications are invasive.
Of course, your audience’s opinions might differ – for example, millennials are usually more accepting of the various uses of technology, compared to GenXrs or Baby Boomers. So, it’s important to listen to your customers, ask for feedback, and diligently measure results of different personalization campaigns.
Granted, there’s so much more to personalization than just analyzing anonymous data from all visitors or customers and building segments. However, this kind of data is much easier to digest on the customer side and may not cause as much suspicion as a hyper-personalized service. It’s a case of ‘work with what you got.’
For example, Amazon uses the “Frequently Bought Together” section based on data from many customers. This way, the company may bring some relevance for each new customer without alarming them about its data tactics. It’s possible you also have opportunities to make better use of aggregate data.
Some tech companies have even tried adopting something called differential privacy:
A cybersecurity model that makes it possible for tech companies to collect and share aggregate information about user habits, while maintaining the privacy of individual users.
If you’re going to earn customer trust, you need to make sure everyone in the company is aware of privacy and data protection, as well as how your marketing strategies and technologies affect customers. This will inform your brand and the customer experience you offer.
Consider that brands like Netflix and Spotify are rarely (although not never) questioned about the personalized suggestions they serve customers. That’s because their recommendation algorithm is a big part of their value proposition – customers already know that their habits, likes and dislikes will be used in a way that benefits them. If personalization is part of your identity as a brand, customers may be more willing to share their data.
Also, everyone in your company needs to be trained in ethical use of data. Developers who built products, salespeople who cold-call prospective customers using lists sold by other companies, or marketers who want to try AI; they all need to keep privacy top of mind to avoid mistakes – especially in the new state of things, with work-from-home models becoming more popular because of the pandemic, which potentially translates in less secure networks.
Privacy by design is an important idea for privacy laws – it means that every product or strategy you built needs to consider privacy from the very beginning, not as an afterthought.
This is a good principle to follow and can help you in balancing personalization with data protection requirements. Because you can both achieve personalized service and make sure you’re not overstepping your bounds when it comes to collecting, storing, and using people’s personal data.
After all, as mentioned in a SAS study:
“It’s clear that in this age of increased data privacy concerns – even without a more stringent data privacy law in the US – organizations that treat their customers’ data with care will be rewarded, and those that don’t risk the loss of reputation and customers.”
Nikoletta is a Content Specialist at Acquire. She's a writer and editor with an avid interest in data, tech, communication, and the customer journey.