Available at a fixed monthly cost

Get your quote today

What we offer at a glance

  • Get an external data protection officer
  • Audit of your data privacy status quo
  • GDPR support for small businesses and large corporations
  • Personal contact person & individual support
  • Easier communication with authorities
  • 100+ experts from the fields of law, economics & IT

Don't trust us, trust them:

Jedox  Logo Contact Demodesk Logo Contact Elevate Logo Contact Canon  Logo Contact CBTL Logo Contact Alasco  Logo Contact RightNow Logo Contact Veganz Logo Contact Escada Logo Contact First Group Logo Contact

Learn more about our prices & services

or call us now: (020) 36956 452

The smart approach to personal data

The new regulations can help restore trust among a suspicious public when it comes to organisations and the use of their personal data. DatasGuard’s product Evangelist and co-founder of MyLife Digital, J Cromack explains how.

What you need to know in a nutshell

  • Organisation that use data privacy regulations to rethink and reorganise their processes improve their customer engagement
  • Compliance must go beyond a tick box exercise to achieve positive results
  • Creating trusted relationships leads to increased access to relevant and usable data and therefore stimulates innovation.

In this article

GDPR and consent requirements – a review

Ahead of May 2018 a headline in campaign, a marketing sector magazine, proclaimed: “GDPR will render 75% of UK marketing data obsolete”. The accompanying article stated that only 25% of the data held in marketing databases across the country met GDPR consent requirements, making the balance unusable. Our experience since May 2018, is that the reality is far worse when it comes to email contact-ability within some large organisations, some have lost the use of over 90% of their database. And with the Information Commissioners Office (ICO) still investigating the AdTech sector, real-time bidding and tracking technologies, the ability to deliver customers a personalised experience across device and channel is even more challenging. Organisations now need to focus on their first party data asset, increase consent and enrich this data as much as possible, whilst ensuring any third party data acquired is compliant.

Putting emphasis on the consumer to simplify the consent process

GDPR – the European Union’s General Data Protection Regulation, and the UK’s implementation of it, the UK DPA 2018 and now UK GDPR - regulate how personal data can be collected, stored and used by companies and other organisations. To date, we haven’t seen many organisations fully embrace the regulation, with the objective to elevate their trusted brand status, to enhance customer engagement through greater transparency or to empower consumers to self-determine how they are communicated with, and what about. Compliance should be more than a box ticking exercise.

Gartner has regularly made significant strategic assumptions that by 2022 half of our planet’s population will have its personal information covered under local privacy regulations in line with the GDPR, and 30% of consumer-facing organisations will offer a self-service transparency portal for preference and consent management.

With brands needing to concern themselves with a fast-paced global privacy and data protection landscape, our view is that they need to focus on two things:

  • Firstly, put the consumer front and centre of all decisions with regard to the collection and use of their personal data, and
  • Secondly, implement to GDPR standards across all territories and ‘tweak’ locally as the regulations are firmed up.

Putting the consumer first and at the centre of the decision-making process, means implementation of the updated, and new, regulations across the globe will become a lot simpler.

So, in today’s environment have marketing departments, hampered by regulation, ground to a halt?

Research by marketing automation leader Marketo found that 72 percent of organisations that had almost exclusively focused on how to use the new regulations to build or improve customer engagement had exceeded departmental targets. In other words, using the regulations to rethink and reorganise helped them get better at marketing.

Marketing is about building relationships, and all good relationships are built on trust. The problem is that trust is in short supply - the same Marketo research found that 72% of consumers were concerned about data privacy and were unwilling to share their data. This leads to the ‘privacy paradox’. Similar research conducted by Epsilon has found that 80% of consumers are more likely to do business with a company that offers personalised experiences. This is multi-channel and across devices, which requires the need to share data.

Becoming a trusted steward

This is where the new regulations can be used to help organisations, and brands, to deliver greater, more personalised experiences. By becoming trusted data stewards – by delivering greater transparency, tightening personal data security and better management of consent and preferences for marketing activity, the updated regulations are a great opportunity for organisations to rethink and recast their activities and build trust.

A first step towards becoming a trusted data steward is to avoid making common privacy mistakes. Check out our whitepaper about 6 data privacy mistakes almost every company makes and how to avoid them.

The data game is like a dating game

The GDPR certainly puts power into the hands of consumers – in most instances they decide how their personal data can be used. As a result, marketing departments have had to rethink relationships. What the smart ones realised is that the data game is like the dating game. Rush into it and the object of your affection is likely to take flight. On the first date you don’t ask how much they earn or whether they believe in marriage. Just getting their phone number can be a good result. Marketers need to take it slow, show the prospect respect, tact and discretion to reap rewards.

In practice, this means asking for only what is needed to conclude the first encounter – leave them wanting more. Get it right and there’ll be a second date, maybe more. Over time your customers will provide more information as trust grows. But this takes some preparation to play the long game.

Set the right tone at each stage to build up trust

To get the tone right at each stage, organisations first need to assess just how much value can be achieved from each extra piece of personal data they ask for. A healthy pregnancy campaign run by a pharmacy will be made significantly more efficient if it knows the sex and age of its contacts. But delving deeper to ask marital status adds proportionally less value –it’s not critical information. Even better, just ask for each customer or prosects preferences, so you can better personalise campaigns and not infer things that may cause offence.

Equally, it’s important that consumers know how they are likely to benefit from divulging more personal data. So, for example, explain that if they share their date of birth, they will receive a special 50% discount for their birthday. Organisations that explain clearly why they want information and how it will enhance the service they provide show a level of transparency that consumers react well to.

According to Boston Consulting Group, companies that excel at creating trust could increase the amount of consumer data they can access by between five to ten times, with the resulting “torrent of newly available data meaningfully shifting market share and accelerating innovation”.

Trust comes from consistency – always being treated in the same respectful way

By having a consent and preference management platform integrated within a brand’s marketing stack, marketing departments can make sure that all the personal data they collect is stored, synchronised across systems and acted on according to the relevant consents and preferences collected across every touch point.

The relevant information provided to the consumer and every interaction is recorded to demonstrate transparency and accountability. Our consent and preference management platform includes the following features to support these requirements:

  • Retain+ (also known as value cards); these allow brands to communicate the value exchange consumers will receive from sharing their data or providing consent to use the data, and equally what they will lose if they withdraw it.
  • Engage+; consumers are only presented with the ‘next best consent action’ based on their current status and the context of their browsing of your site, so they are not bombarded with the same requests they have already ignored, refused or even in some cases accepted.

We see this as a potential solution to the challenges faced today by the AdTech world and the requirement for a more granular, transparent consent mechanism.


Campaign’s headline might have been right about the state of the UK’s marketing databases, but its implication that digital marketing was doomed was flawed. Implement the regulation with the consumer at the centre of the decision-making process and the relationship will be enhanced and ultimately more valuable, not undermined. It’s just a matter of showing some respect.

Back to the top

About the author

J Cromack J Cromack
J Cromack

J is the Co-Founder of MyLife Digital, a consent and preference management business acquired by DataGuard in 2021, as well as founding member of MyData Global and DataIQ Privacy & Trust Champion 2020. J is an advocate of rethinking personal data to reinforce trust and the opportunities emerging from GDPR. He speaks regularly on the subject thanks to his pragmatic approach to data ethics, privacy and data protection. He articulates clearly how organisations can embrace the new regulatory landscape to deliver greater value and build trust with their consumers. In 2020, J was awarded DataIQ’s Privacy and Trust Champion award and is recognised by DataIQ as one of the top 100 most influential people in data-driven businesses and the innovators who support them.

Explore more articles