The past five years have seen sweeping privacy laws and compliance regulations enacted around the world to protect both B2C and B2B consumers. Clearly this is good for consumers. But what may not be so obvious is the opportunity privacy and compliance opens up for businesses to better serve their customers.
We operate today in a buyer’s world where expectations are high, choices are plentiful, and people want control of their engagement and process with companies. Done thoughtfully, privacy and compliance is an opportunity to put your buyers in charge by re-thinking your buyer-seller relationship and governance approach. Rather than wait for laws and punitive regulations, businesses should go all in and put global, universal governance and permissioning in place for all interactions, experiences, and data management. It’s a bit of work up front, but it pales in comparison to the thousands of hours and millions of dollars businesses invest chasing governance, pushing away prospects and customers, and risking brand reputation and fines.
The smartest investment is to put a strategy and plan in place, committing to a more modern approach to governing customer privacy and managing data compliance. Here's what B2B teams can do to be proactive in a buyer-driven world.
1. Set Your Own Global Privacy and Compliance Standards
It all starts by reviewing the privacy laws around the world to understand and document their core requirements. Work with your legal and risk team to understand these requirements and then build your governance strategy based on what you learned. A smart list to start with includes: General Data Privacy Regulation (GDPR) in Europe, California’s Consumer Privacy Act (CCPA) and Consumer Privacy Rights Act (CPRA) in California, and Canada’s CASL.
Use the most stringent regulations as your standard for how you manage customer privacy, document compliance and govern data. Once in place, this becomes your global governance standards that ensures protection for your audiences and protection for your company. A common mistake is trying to manage to dynamic, varying regional laws. In the end, this takes more time and more resources.
A warning: Some marketers, sales pros and executives may become nervous. Even fight this move as your database numbers will likely go down, your marketable audience may at first shrink, and random acts of list and data dumps will be banned. Just remind them in business terms, it’s not about big database numbers — how big your database is, how many emails you send, how many forms get filled out. It’s about the quality. Marketing (and selling) today is about identifying, engaging and developing a trusted relationship with the buyers and audiences that matter to your business.
Related Article: Preparing for New Data Privacy Regulations? Learn From the GDPR
2. Govern all Third-Party Data You Generate Before it Hits Your Database
Marketers who grew up in the era of marketing automation and CRM developed practices that focus on cleaning up your database AFTER the contacts and records have hit your systems. This is wrought with challenges, primarily because it misses data and/or the team never gets around to cleaning it up or appending. Inevitably, bad data mounts like cigarette smoke taking over a room. The database becomes a cesspool of out-of-compliance data with no opt-in or bad or invalid company or contact info. It all goes downhill from there.
Data practices must be proactive. Put in place strong upfront governance engines and processes that check data before it goes into your core systems and database. This approach mitigates risk and saves time and resources in the long run. This is especially critical as buyers and the world become increasingly reliant on digital channels and third-party demand generation programs and data sources are the norm for generating new audiences and prospects. Best practices include validating contact and account info, standardizing data formats and checking for compliance before it’s uploaded into your database(s).
Make sure you document your processes and criteria to upload lists and data, with clear tracking on the source of the data. This provides a way for governance checks and tracking when field marketers, sales or other groups do bulk uploads or populate your systems and databases with lists.
Related Article: How Clean Data Supports Consumer Privacy Efforts
3. Data Hygiene Must Be an Organized, Daily Discipline With Measurable Health Targets
As sure as the sun will rise tomorrow, bad data will get into your database. However, with the right governance strategy, you can ensure personal data and your processes meet compliance standards.
A few must-have practices here: Establish a process for updating opt-in and communicating your privacy standard. Lawyers will try and take over the process. Be respectful, but don’t forget we are selling and working with humans. Make your outreach and the process human, maybe even interesting. Include an incentive, remind them why they want to be part of your brand and world.
The second is to set goals for database size, relative to your key go-to-market targets, such as total available market (TAM), target accounts, and the critical roles/personas that comprise your decision-making unit. For benchmarks, B2B teams have set a goal of having 80% coverage in your database of contacts at key accounts that also have opt-in permissioning. This keeps your data compliant and marketable, but also provides common goals across marketing, sales, customer success and your Operations/Data teams.
Related Article: Is a Single Source of Data the Way Forward for Data Governance?
4. Don’t Overlook the Importance of the Ability to Prove Compliance
One final note. Many B2B teams spend tremendous energy and resources working across the teams to remain compliant with regulations. The hardest and most important capability is having the processes and systems in place to document and show and prove specific compliance when there is a breach or a consumer privacy complaint. This is especially true when you work with third-party sources to generate new opt-ins and data via third-party demand generation programs and data providers. In this use case, you must equally share the burden with these providers by putting Data Processing Agreements, Sub-processor agreements and source agreements in place.
It's a buyer’s world and as marketers and brands, we’re just living in it. Now is the time to take all the energy and effort we put into governance and compliance and put it to work on behalf of the buyer to drive more impactful results for our business. By putting your buyer’s experience first and doing the hard work up front, data quality and compliance results will follow and become a competitive advantage.
Learn how you can join our contributor community.