gdpr, CCPA, audience targeting, Eyeota onboarding, Data Quality, data privacy, PII

Maintaining Privacy Compliance Throughout the Data Onboarding Process

By: Aaron Jackson, Chief Growth Officer

In recent years, data privacy has become an increasing point of focus for governments and businesses around the world. Strong legislative efforts like the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) have fundamentally changed the way brands collect and use customer data.

As the global regulatory environment continues to evolve, brands will need to be vigilant about how they deliver messages to consumers online. This is especially important for brands looking to bring their offline data online. Data onboarding involves taking customer information from disparate offline sources, like transactions, competitions, surveys and loyalty schemes, and bringing it into an online environment where it can be used to reach new customers. Because this process deals with vast amounts of data, brands should carefully consider the privacy standards of the vendors they work with.

Removing personally identifiable information from consideration

As privacy regulations have strengthened in recent years, traditional, deterministic onboarders have run into a problem: Their process uses personally identifiable information (PII), which is protected under regulations such as GDPR. Examples of PII include email addresses and phone numbers. From a privacy point of view, deterministic onboarding is flawed because it uses one-to-one matching, which can be risky. Using offline data to find specific individuals online has limited benefits today and requires consent from individuals. 

Privacy-focused onboarding providers like Eyeota take a different approach. We leverage a one-to-many process using propensity modeling and geographic location markers to deliver data onboarding. By using geolocation markers with more than five individuals, we eliminate the risks involved with targeting individual consumers while ensuring user privacy and offering greater opportunities for scale.

Ensuring compliance with variable global regulations

The number of privacy regulations around the world is growing. At the same time, interpretations of legislative actions are also evolving. Brands operating in this varied environment need to ensure that their onboarding practices comply with any and all applicable laws. Choosing a non-deterministic approach is one of the best ways of doing so.

Brands should speak with their onboarding partners to ensure they’re comfortable with the onboarder’s privacy practices. Eyeota, for example, takes steps to ensure that all data providers we work with have a consent platform in place in the relevant markets. In addition, stripping out PII from brand data eliminates the possibility of impinging upon an individual’s privacy when sending online messages. Regulations like GDPR and CCPA have made it clear that deterministic onboarding is no longer a viable option. That makes it all the more important to choose an onboarding partner that takes privacy seriously.

Balancing privacy, precision and performance

Eyeota’s cohort process not only ensures brands protect their customers’ privacy, but also opens the doors to new opportunities. Our geolocation-based methodology enables brands to target net new customers who exhibit qualities similar to those of their existing customers. While some precision is lost, the likelihood of attracting new customers actually increases, because the brand isn’t solely targeting its existing customer base. This means brands can focus their efforts on attracting and nurturing new customers who are likely to respond well to the messaging. 

Finding an onboarding partner that is serious about privacy is extremely important in today’s ever-changing regulatory environment. To learn more about how Eyeota Onboarding preserves privacy while delivering exceptional performance, get in touch with our experts