Book a demo
Login to console
  • Education

How can you make the most of customer data in a GDPR era?

Published on July 28, 2020 by Yannig Roth

Updated on May 27, 2022 by Yannig Roth

Still too many major brands do not comply with all the requirements of the GDPR, encouraging users to share their data in order to access a service. This is a big mistake bearing in mind that brand transparency is advantageous from both a marketing and a customer experience point of view. Why not just go all the way and allow your users to manage their data themselves through a Preference Center? So, how do you collect consumer data properly? How can you use it effectively in a GDPR era?






Justify and optimize data collection 


Why collect user data? 


Collecting and managing data, whether it be data used to create an account or communication preferences, is useful for a company either to enrich its CRM or to communicate. In the first instance, the data will allow the company to know its customer better and offer them a personalised service. In the second instance, the company will be able to personalise its offers and communication thanks to opt-in. 


As useful as it may be to the company, data collection raises a central question from the customer's point of view: how can brands motivate customers to give consent for the sharing of their data? The answer is clear: it must be perfectly transparent and provide them with real added value. The customer must have total control over the data they entrust to you, and must be able to benefit from services or advantages through this relationship.


How do you get your users to trust you with their data? 


In order to motivate your customers to give you their data, you have a number of options. Look at your objectives and decide which is best for you. For example, you can: 


  • Propose personalised content and benefits - by inputting personal information, customers will receive personalised offers and content relevant to their interests. 
  • Support your customers and reward their loyalty - offer support services (e-learning, training). To access this program, the customer consents to the use of their data 
  • Support and train your customers (B2B) - create a sales training and incentive program, allowing managers and salespeople to be rewarded and receive training 
  • Value your ambassadors - create an ambassador program enabling customers to ask questions about your product/service and be rewarded for doing so, allowing you to collect useful data to better understand your users 


These 4 ideas are different, but with the same logic. Whichever option you choose, when you collect customer data you should always put their the interest of the customer first. 


Manage your users’ opt-in/opt-out preferences 


With the GDPR, you can no longer deposit cookies without first collecting the consent of your users. Also, according to the recommendations of the CNIL, French companies must allow their users to accept or refuse tracers and cookies at the same time. However, this is something that very few companies do. 


The Preference Center, a tool dedicated to preference management 


So, forcing a user to give their data is not allowed. Moreover, a user has the right to access and change their personal information at all times. Of course, the ability of the customer to remove their personal information at any time is not exactly ideal for marketing departments, but… it’s the law!! 


To allow customers to manage their data, a Preference Center is the best option. By using this tool, your customer has the choice to subscribe or unsubscribe and you keep the proof of his consent. In short, you comply with GDPR. In addition, you offer your users simple and transparent access to their consent. This type of tool allows you to establish a relationship of trust with the user and to enrich your database in a reliable way. 


An example: Didomi’s Preference Center 


Often, brands manage preferences with a tool intended for something else (emailing, for example). At Didomi, we offer a Preference Center that allows the user to consult their history and easily update their preferences and for brands to take them into account. If you think that a multi-brand and multilingual Preference Center that allows you to manage preferences both online and offline can help your business, ask for a demo with us!  


Discover our Preference Management Platform


Have an explore of our Youtube channel and access all our tips on collecting consent and the advantages of a Preference Center for free! 


Ensure third party cookie compliance


The data collected can be divided into several categories, of which "third parties" are part. Used to enrich a database or expand an audience for advertising purposes, third-party data is data that is purchased or leased from your service providers or suppliers. 


How to ensure the compliance of third-party data 


First of all, you must ensure that your provider has obtained this data after correctly collecting the consent of its users. Although this obligation is rarely respected, the third party company must inform its users that it is forwarding their data to you. 


You must also verify that the third-party data has been collected for the purpose for which it was leased or sold to you. Finally, make sure that your provider's databases are regularly updated. 


As a reminder, data may not be kept for more than 3 years after the last contact with the customer and 13 months in the case of the collection of cookies (we will keep an eye on this, though, as it may soon be reduced even further). 


Our advice? Write down all these conditions in a legal document that you will send to your provider! 


Use of third parties and legislation 


Please note that the regulation of third-party cookies has evolved significantly with the GDPR. Still, some browsers did not wait for the implementation of the GDPR to restrict the use of third party cookies. Since 2017, you can no longer use them on Safari, and, since 2019, you can no longer use them on Firefox. Google Chrome will do the same from 2022. 




The implementation of the GDPR and the ePrivacy directive cannot happen overnight, of course. Nonetheless, by working on the user experience, companies will have no choice but to be more rigorous and to equip themselves with the necessary tools to act. There is still a long way to go, but it is a journey that we must all be in together!  


Want to ensure GDPR compliance? Schedule a demo with us


Book a demo


avatar Yannig Roth

Yannig Roth

Curious, open-minded marketer who enjoys writing & cycling in his free time.

Related articles