Third-party data is often obtained without explicit consent, so we can reasonably expect that all third-party activity will vanish now that GDPR is in effect, right?
Don’t panic yet — third-party data isn’t going anywhere. Data collected without GDPR-level consent will become obsolete, but the practice of acquiring data from outside sources is here to stay.
To use third-party while complying with GDPR, you have to evaluate and rethink your methods — as well as your partners’ methods — for collecting, storing, processing, and protecting data.
Ask the right questions about practices and data collection
Under GDPR, the data controller is equally as liable as the processor.
GDPR indeed complicates the relationship between data vendors, controllers, and processors. It’s increasingly important for marketers to work with partners who can not only show proof of compliance but have been regarding consent and transparency as the norm before the loom of GDPR.
Beyond asking the partners you work with if the consumer clicking “Accept” on the opt-in box understands how their personal data will be processed and handled, you should also be asking about their strategies for remaining compliant and what they offer for GDPR support.
Understand the GDPR guidelines for obtaining consent
The jargon and legalese of opt-in forms that galvanized GDPR were intentionally vague to confuse consumers about what user agreements they’ve accepted, i.e., what personal data would be collected from them.
Now, if consent is not individually and explicitly gained before sending marketing emails or collecting cookie-based data, it’s a breach of GDPR.
When formulating a consent request, the GDPR guidelines state “the request for consent shall be presented in a manner which is clearly distinguishable from the other matters, in an intelligible and easily accessible form, using clear and plain language.”
In short, keep consent requests separate from other terms and conditions, say exactly what kind of you’re data you’re collecting, avoid technical jargon, and make sure the request is obvious and visible to the user.
Work with trusted third-party data partners
No one thinks twice when they get a niche product catalog in the mail. That media is targeted to you in the same way digital ads are. In fact, many of the catalog data companies were the pioneers of digital segment creation.
The knee-jerk reaction of Facebook removing Partner Categories, an advertising option that allowed companies to use third-party data to find customers, has given third-party data an unfair bad rap among marketers.
Companies like Acxiom, Oracle, and Experian have provided purchase data to advertisers for a long time so they can target their ads to specific users and households. They obtain the information from other organizations, like credit card companies and loyalty cards. This data is important for companies that might not directly know who is purchasing their products, especially for consumer goods brands.
However, not all data partners are created equal. Marketers need to ask the hard questions, like how the was data collected, and how often it’s updated.
Believe it or not, there are upsides to GDPR
Yes, third-party data will be harder to procure and more expensive to use — especially for smaller brands that lack first-party data and rely on third-party data to power their advertising strategies. More people will oversee the vendor ecosystem to make sure data processing is consistent with GDPR.
The upside is GDPR will clean up the muck of bad data in the third-party ecosystem, making the question for us, the marketers, if the data is impactful for our advertising strategies easier to answer.
While there’ll be a lower volume, it’ll be better quality.