Can Brands Protect Privacy While Personalizing?

I sometimes think personalization is the best thing that happened to humankind in terms of marketing. As a consumer, I love getting suggestions on what to buy, especially when it’s exactly what I need.

Sometimes I feel as though I’m under constant surveillance, however, so I turn on my ad blockers, I surf in private mode, and I report ads that are not relevant to me. Of course, my marketer’s hat twists and turns when I do, but my peace of mind is more important than ads that are not relevant, right?

  • Most people have this type of relationship with technology. They view personalization and privacy as a dichotomy — we can have either one or the other. This goes back to the very definition of the words. According to, personalization is the process of making something suitable for the needs of a particular person.
  • Privacy is a state in which one is not observed or disturbed by other people.

How can we create something specific without observing a person’s needs? We can’t. What we can do is create something personalized while making it less intrusive to a person’s privacy and personal data.

Data as the Modern Currency

There are two major currencies today besides money: attention and data. As Milton Friedman often said, “there is no such thing as a free lunch,” and nowhere is that more obvious than online. We consistently make a conscious tradeoff. We allow bits of ourselves to be observed just to gain access to a service or information.

We read articles, browse online forums, and interact on social media without paying any money. We are well aware we are giving something in return — first our attention, and then our data. Marketers need our attention to keep their services running. They also need data to optimize ad distribution and improve the relevancy of the services offered.

At least in theory, this practice should improve both the efficiency of services offered and the users’ customer experience. For most of us, this is a non-issue. The problems begin when users start feeling they have given much more than they received, and that their data is being abused.

As marketers, how do we make sure that line is never crossed? How do we balance between making sure users get the products they need without going too far into their personal matters?

When personalizing products and services, companies usually make the following mistakes:

  • Some companies employ “the more, the merrier” approach: They collect everything they can about the customer instead of focusing on the data they actually need.
  • They don’t make the privacy and security of customer data a priority.
  • They don’t tell their customers what kind of data they are collecting and how they are using it.

Therefore, it’s simple to say the key is collecting exactly the data we need, being transparent about it, and storing that data in a proper, secure form. How do we actually do that?

Underlying Value: Treating User Data With Respect

1. Which data do you need and what do you need it for?

If you don’t know what you need the data for, you don’t know what you need. Some businesses fall into the trap of thinking they should gather as much as possible, which can lead to many problems.

Aside from the fact you are being intrusive when it comes to the privacy of your customers, if you don’t know what to do with the data you have, most likely you won’t know what to do with the new data you collect. Think about it. Do you really need to know the name of my pet or my phone number? I can’t remember how many times I’ve entered my phone number into an online form as a requirement, while we both know your company won’t really need it in the future.

Collecting data is just the first step in a bigger process of gathering, measuring and analyzing data to make better decisions. It’s not just turning on cookies, tracking our customers, and pushing ads to them based on retargeting tools and similar audiences. It’s also about knowing what story to tell, when to tell it, how and where. Sometimes that data is all about interviewing our customers, but it also simply can be using patterns in communication.

Some user data you will use individually, while some you will use in an aggregated manner. For aggregated data, use pseudonyms or keep users anonymous if possible. That way you make sure data can’t be connected to a specific user. As a business, your main goal is to understand your customers. Make an audit of the data you have, and evaluate which pieces are important to the bigger picture.

2. What are you doing with the data?

Our task is to recognize and frame a problem, collect relevant data, process that data, and review the findings in order to relate them to the problem. The key issue here is that processing data, especially if algorithms are involved, can become similar to a Pandora’s Box, with nobody knowing what is in it or how it works after a while.

If you are selling towels and the only thing your algorithm does is make recommendations on the color, size and composition of towels, perhaps that is not as big of an issue. If your algorithm is in a position to impact the livelihood, health or other important aspects of someone’s life, it becomes a big issue. We need to know how data is processed to exclude bias and prejudice from the process.

I sometimes believe the reason behind all those complicated and vague Terms and Services documents is that people writing them don’t know the process themselves. Or perhaps they do, but they are purposely trying to obscure them with legal mumbo jumbo.

Well, use this as guidance: If you ever feel the need to obscure the process you are engaging in, it’s time to seriously rethink it. And I am not even speaking about selling data to other companies.

3. Is the data collected, processed and stored securely?

The issues raised so far were brought to light with recent data privacy regulations, such as GDPR. Even though they may not apply to your business, the guidelines represent a good standard to uphold. One thing it illuminated for many businesses is what securing your data really means, both online and offline.

Yes, if you have an online business you should be focusing on securing the online data. You should really know better than saving all your users’ passwords in plain text. However, if you have documents lying around your office, those may contain customer data as well, and you need to pay attention to that. However, when it comes to offering personalized services, the bigger issue often is human error.

There is no one person in charge of making sure your company is treating users’ data with respect, or at least not just one person. That job falls to each and every one of your employees. Just as employees at a five-star hotel know how to protect the privacy of their guests, all employees in contact with users’ personal data should be educated on how to handle it with care and discretion.

This, of course, should be based on your company’s procedures regarding how employees access data. It also is a good idea to ensure employees are accessing only the data they need for their job, rather than all the data available for the entire organization.

4. Are you transparent with your practices?

People are more than OK with giving away their data if they know why they are doing it and what they are getting in return. The issues arise when consumers feel they’ve been exploited. So it all comes to the issue of trust.

How do you build trust? By being transparent about every part of the process! I don’t mind when marketers track my online preferences if I know they will use it to provide me with a better service. I mind if I find out they sold that data without me knowing.

People appreciate the comfort provided by the modern age, and you might even be surprised by how much people are willing to share when the ball is left in their court.

Being transparent might mean reworking your Terms and Services, but you also should find other ways to educate your users about what they are accepting and signing up for when they use your service.

This can even be a way to strengthen your brand if you highlight all the measures you take to ensure your users’ data is treated with respect and protected in a safe and secure manner. Of course, this also means alerting users if you mess up — because it is bound to happen — and doing your best to fix the issue.

So, Can Brands Protect Privacy While Personalizing?

The answer to this question changes constantly with the development of technology, emerging privacy-protective regulations, and corresponding practices within organizations, but in general — yes.

I hope that after reading this, you think about the way you are treating customer data. We are living in a world of rapid change, with new technologies being introduced as we speak, all of which continue to impact the way we interact with users.

However, one thing should never change, and that is our attitude and approach toward users’ data. When it comes to the legal and technical aspects of protecting user data, it may be best to consult with qualified teams who can provide more specialized support.

However, I simply advocate for one thing: being mindful about your actions. When ethical principles and respecting the privacy of your users are at the core of everything your organization does, the rest will fall into place.

Natasa Djukanovic

Natasa Djukanovic is the CMO of Domain.ME, the international tech company that operates the internet domain ".ME." She's spent her entire career at the intersection of social media, leadership and technology, and is constantly trying to figure out the secret to being in three different places at the same time.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Related Stories

E-Commerce Times Channels