This article appears in the Fall-Winter 2019 digital issue of DOCUMENT Strategy. Subscribe.

Image by: Deagreez, ©2019 Getty Images

Privacy management can be a massive elephant in the room when it comes to customer experience.

Consumer tech companies, such as Amazon and Netflix, have elevated customer experience expectations to the point where consumers now demand a seamless and personalized experience from all businesses that they interact with. To meet this challenge, companies must improve their customer experience or risk losing their customers.

However, creating a seamless customer experience is becoming increasingly difficult as more consumer privacy and consent regulations are being passed. To ensure that your organization maintains a proper balance between creating an exceptional customer experience while adhering to the necessary privacy regulations, here are five key steps to keep in mind.

1. Work with Your Legal and Compliance Team to Understand the Privacy Laws

Working with your legal and compliance team to determine how privacy laws affect your business will help you understand where the boundaries are and how you can mitigate any problem areas.

Privacy policies should be tracked and maintained by a centralized governing body made up of cross-functional roles. For example, a marketing team member who is working on a soon-to-be-launched campaign should participate and receive feedback on potential risk areas from other members of the governing team. This team should also conduct regulatory audits often to ensure your organization is abiding by any regulation that applies to your region and customer base.

Here are a few to get the conversation started:
  • General Data Protection Regulation (GDPR): Passed in April 2016 and implemented on May 25, 2018. It provided European Union citizens more control over their personal data across digital channels. GDPR’s maximum penalty is four percent of global annual turnover or €20 million—whichever is higher.
  • California Consumer Privacy Act (CCPA): Passed in June 2018 and effective January 1, 2020. It enhances privacy rights and consumer protection for residents of California. Businesses that sell data must include a “Do Not Sell My Personal Information” option on their website’s homepage. CCPA also requires parental consent for consumers under 13 and consumers between 13 and 16 years old to opt in to the sale of their data. It comes with a fine up to $7,500 for every intentional violation and $2,500 for every unintentional violation.
  • Nevada’s Senate Bill 220: Passed in May 2019 and enacted October 1, 2020. It enhances privacy rights and consumer protection for residents of Nevada. Typically viewed as a lighter version of California’s “Do Not Sell My Personal Information” law, it comes with a fine up to $5,000 per violation.

2. Your Personalization Strategy Should Be Transparent and Regionalized

By ensuring that your company’s personalization strategy is transparent and regionalized, you can ensure that any attempts of personalization are abiding by any privacy laws that are in effect. For example:
  • Add a flag to your customer segments that identify the privacy regulation that they are protected by
  • Provide your customer the ability to opt in and out easily
  • Provide people an easy way to see the cookies and tracking mechanisms that are being used to drive the personalized experience

3. Leverage Technology Platforms to Your Advantage

A quick way to boost your privacy management is to leverage a technology platform that has privacy and consent management capabilities and automated tools to help ease management. Some of the leading ones include OneTrust, OpenText, and Adobe.

Leverage IT analyst reports as a starting point to understand the broader market and to narrow down with platforms that would be a great fit for your organization. Whichever one you choose should have a strong customer preference center that allows your company to provide a personalized opti-channel strategy for your customers.

4. Ensure Strong Data Security

While data security is not just a privacy issue, this is just another reminder of the importance of securing your customer data. This includes reviewing how your customer data is being shared across your third-party partnerships.

Ensure that they have strong privacy and data management processes. If you have any doubt, consider consulting with a privacy expert and have them perform an audit on how your partners maintain their customers’ privacy.

5. Plan for the Worst

Last, but certainly not least, plan for the worst-case scenarios.

Work internally and think through different "what if" scenarios that might occur as your company is working to improve its customer experience. Some sample scenarios include customer complaints that they are still being tracked after requesting their information to be deleted or a data breach of a third-party partner.

The foundation of any exceptional customer experience is trust. Trust that your bank will keep your money secure. Trust that your package will be delivered on time. Trust that their customer data will not be abused.

Properly maintaining your customers' data and privacy requests will enhance the trust levels between your company and its customers, moving your company closer to building an exceptional customer experience.

Kelechi Anyanwu is a Practice Lead at Tata Consultancy Services (TCS), where she manages the Design and Customer Communication practice in North America. With over 10 years of tech industry experience, Kelechi has advised many Fortune 1000 companies on how to improve their customer/employee experience using the latest content, design, and marketing technologies and trends. For more information, visit www.tcs.com.
The convergence of artificial intelligence (AI) and machine learning technology with customer communications management (CCM) systems has reached a decisive tipping point