woman looking at email on her phone
Editorial

Lessons in Transparency from the Great Opt-In Race of 2018

5 minute read
Patrick Salyer avatar
Analyzing the last-chance emails leading up to the GDPR deadline through a lens of transparency.

In last-ditch efforts to preserve their European Union prospect databases, marketers sent a dizzying variety of “opt-in” emails in the days leading up to the General Data Protection Regulation (GDPR) enforcement deadline on May 25, 2018. And in the overwhelming majority of cases, response rates disappointed.

Aside from consent collection, however, these last-chance communications were a litmus test for businesses on another GDPR principle: being more transparent about personal data collection and processing practices. Even if they didn’t convince consumers to opt in, these emails were an opportunity for companies to demonstrate their commitment to offering unambiguous consent requests and clearly stating the purpose of their communications.

How did the marketplace do? Let’s analyze these last-chance emails through a lens of transparency.

Hitting the Sweet Spot or Missing the Mark?

In its Guide to the General Data Protection Regulation, the U.K. Information Commissioner’s Office (ICO) said requests for consent should be “prominent, concise, separate from other terms and conditions, and easy to understand.” The ICO also said each consent request should explain why you want the data and what you will do with it.

While messages with those elements may not have elicited high opt-in rates, they at least demonstrated that the senders prioritize consumer privacy and are prepared for GDPR compliance.

Yet even among companies that are big enough and have enough money to address GDPR requirements effectively, these three common issues caused brands to miss the transparency mark:

  1. Misleading email subject lines. Some promised cheaper services; others used the old “RE:” ploy to trick recipients into thinking the email was actually a reply to a personal message. While these tactics might boost open rates, they’re far from ideal when the goal is to build trust, show transparency and encourage people to opt in.
  2. Bundled consent requests. Some companies confused recipients by trying to get consent for terms of service, privacy policies and marketing communications in one fell swoop. Others tried to bundle their requests with promotions, confusing and angering many people, since the only way to take advantage of the promotion was to sign up for marketing communications they didn’t want.
  3. Lack of a clear opt-out choice. Many companies pushed the envelope too far in their attempts to get prospects to opt in. Some unsavory tactics included presenting only an “opt in” choice; offering two choices: agree to receive all communications or just a reduced amount; or presenting dominant, colorful opt-in buttons and relegating the opt-out buttons to small, hard-to-find rectangles.

Related Article: All That GDPR Consent Spam? In Many Cases It's Unnecessary

Takeaways From the Opt-in Extravaganza

If you want to build trusted relationships with customers, transparent data collection and processing is a digital experience imperative. With GDPR now in effect and with other consumer data privacy regulations on the near horizon, businesses must adhere to granular requirements for delivering more transparency. How can you meet this evolving demand? Here are four steps to consider.

Capture preferences and consent the right way — at each interaction

The GDPR-enforced “right to be informed” requires companies to notify customers about the collection and use of their personal data at the time it is collected. In most instances, you must inform individuals of your purpose for processing their personal data, how long your business will retain that data and who it will be shared with.

Designing an approach to provide this information at every consent capture point in concise, easy-to-understand language — from initial cookie, to full registration, to first purchase and return visits — will help you address GDPR requirements while demonstrating your commitment to your customers’ privacy and well-being.

Learning Opportunities

Centralize customer data storage and management

When a customer entrusts his or her profile, preference and consent data to your business, store it in a centralized and secure environment.

Rather than trying to manage different data points in multiple silos, centralizing them into a single data store of unified profiles makes it easier to track the communications and activities customers have given permission for. In addition, a central repository streamlines responses to customer requests for data, the automation of consent renewal requests and policy version-control maintenance.

Ensure synchronization with downstream technologies

If any of your brands, properties or downstream application or service vendors don’t meet GDPR requirements, the entire organization runs the risk of incurring large penalties, not to mention breaking your customers’ trust.

With each customer’s profile, consent and preference data stored in a single, unified record, you can govern profiles centrally while orchestrating them across the digital ecosystem. This paves the way for innovation through bidirectional data synchronization with data management platforms, email and marketing automation providers and any other third-party applications and services. With the customer profile as a single source of truth, these tools can be used to responsibly drive world-class omnichannel marketing, sales, services and product strategies.

Empower customers with control

Finally, put customers in control by offering an intuitive preference center that enables them to easily view and manage all of their information in one place. Through such a portal, customers can give or withdraw their consent, change their preferences and correct their profile information. They’ll feel respected and in control, and your business will stay out of harm’s way because their changes will be enforced consistently across the organization.

Related Article: How GDPR and AI Turned Unified Data Into a Business Imperative

Focus on Quality, Not Quantity

In this new era, your goal should be to increase the value — not the volume — of customer data. When consumers choose to opt in, they are putting trust in your business. A holistic strategy for honoring that trust and enforcing people’s wishes across the enterprise is a core capability for businesses looking to be more transparent and to unlock new potential in a crowded, customer-experience-driven marketplace.

About the author

Patrick Salyer

Patrick Salyer serves as General Manager of the SAP Customer Data Cloud and is responsible for driving vision, strategy and day-to-day operations. Under his leadership, the SAP Customer Data Cloud has become the industry leading platform for helping companies build trusted digital relationships with over 1.3 billion consumers.