Why retailers must balance personalisation and privacy

Online shoppers crave convenience, yet they’re becoming less willing to share data that would help etailers to refine their customer experience. Can they have it both ways? 


Retail has entered a new era: consumers want more than products; they also want experiences that connect them with their chosen brands. 

To meet this demand, retailers and marketers must discover more about who their customers are. They are using data and personalisation methods to engage with shoppers in meaningful ways, helping to build relationships that feel authentic. Yet at the same time, consumers are generally becoming more cautious about sharing their personal information, as their concerns about ensuring data security increase.

“The ability to personalise allows a brand to differentiate, creating more experience and value around its product in a competitive, price-driven market,” says Andrew Frank, research vice-president at Gartner. “But consumers are realising that they’ve been giving up more data than intended – and that they have little control over how it’s being used.” 

Personalisation is an effective marketing strategy, but the feeling that a brand is following you around online, or even eavesdropping on your conversations, is a disconcerting one. The negative response from consumers to what many view as surveillance, rather than benign attentiveness, has prompted some remedial reaction from the tech industry.

Google has announced that it will stop the use of third-party cookies in its popular Chrome web browser by the end of 2023, for instance. In the process, it will fall in line with Apple and Mozilla, which have already ditched the tracking technology from Safari and Firefox respectively. Apple has also introduced a privacy feature called App Tracking Transparency to iOS 14.5, the mobile operating system used by its latest iPhones. And Facebook has deprecated the Advanced Mobile Measurement program, which means that advertisers on the platform receive far less detailed information about users than they had grown accustomed to.

It’s crucial that each data point serves a tangible purpose that ultimately adds value

But such moves present challenges for both businesses and consumers, according to Gartner’s senior principal for marketing research, Mike Giblin. 

“Customers are concerned about the way their data is being used, sold and otherwise profited from by companies that they don’t believe have a right to it.” So says Jennie Gerum, chief marketing officer at software firm Voyado, who adds that people have little recourse beyond choosing to shun a given service, since these firms often do have a legal right to use their data. 

“We’re at an interesting point, where customers think they can get a good, personalised experience while also being very protective of their data,” he says. “By pulling away data access, they will make their experience less personalised and reduce its quality.”

A global survey published last year by US software firm Acquia found that 40% of consumers didn’t trust all brands to handle their personal data properly. Moreover, 82% of the respondents reported receiving marketing communications that they couldn’t recall ever being asked to allow. 

Prioritising privacy

So how do retailers get the balance right? Developing customer experience (CX) strategies that don’t rely on third-party cookies and ‘surveillance marketing’ will show that you’ve heeded consumers’ concerns and it’s also the best way to future-proof your business, argues Niki Hall, chief marketing officer at web analytics specialist Contentsquare.

“Online customers are providing a constant source of feedback on your brand’s digital experience as they navigate your website or use your app,” she says. “How they browse, what paths they take to achieve their goals, where they get stuck – all this data provides clues to how good an experience they’re having.” 

Using such information wisely and being transparent about requests for further customer data should be the cornerstone of an approach to personalisation that’s based on digital trust and CX excellence. While there isn’t a firm answer for how much material customers are willing to hand over, Hall says that the consensus is that they’d prefer not to share overly personal data. Rather, they want to know more about what is being collected from them and how it’s being used.

“Brands must closely scrutinise what data they’re asking for and why,” stresses Stephen Gilbert, loyalty solutions director at CX specialist Collinson in EMEA. He adds that retailers need to ask themselves what the purpose of each piece of data is – and what value the customer gains from sharing it. This could come in the form of targeted offers and exclusive rewards – or simply a better shopping experience. 

“It’s crucial that each data point serves a tangible purpose that ultimately adds value to the business and/or its relationship with the customer,” Gilbert says.

Tailoring your approach

It’s a strategy that’s working for Victor Lugger, co-founder and CEO of restaurant group Big Mamma and hospitality payment app Sunday. He reports that he only uses opt-in data to improve the CX his businesses offer. 

Lugger explains: “A vegetarian may want to see only the vegetarian options on a restaurant’s menu. Someone with a particular food intolerance will be keen to look only at the dishes they can enjoy. Does the restaurant need to have their full personal data for this? No. But a customer who dines there regularly may benefit from a loyalty programme and be rewarded with special offers, so they may share their email address. Each case is different and must be treated differently.”

This is where striking a balance between a tailored approach and one that might be considered invasive is key.

One of the privacy functions of Apple’s iOS 14.5 obliges apps to seek permission before they can collect tracking data from iPhone users. Of those with the new operating system installed on their devices in September 2021, about 21% had opted to allow such tracking, according to Statista. Companies such as Facebook have been hit hard by this increase in privacy, yet there has also been a boom in hyper-personalised subscription services over the past 12 months. These businesses rely on collecting personal data from customers and, in many cases, far more sensitive data than Facebook can access, such as information about people’s health.

“The difference is that they’re not collecting data to target adverts,” explains Lee Wilson, head of services at marketing agency Vertical Leap. “They’re doing it to build unique experiences for customers and help individuals to find the perfect products for them.”

Wilson cites the example of subscription company Vitamin Buddy, which uses the information supplied by a customer to build a two-way relationship. “Every piece of data submitted by a user improves the quality of the products they receive. At the same time, this allows the company to increase the relevance of each recommendation and so retain the customer for longer,” he says. “Intent is important – and so is value perception.”

A business can tackle the issue of relevance head on by conducting a data audit, suggests Rodolpho Cardenuto, president of applications at US telco Vonage. This would entail an exhaustive review of all the points at which it obtains and processes personal data, along with the legal justifications used and permissions gathered, he says. This can provide an informed starting point to ensure that any data collected is seen to be serving the customer first and foremost.

In addition, Cardenuto advises companies to give customers the option of deciding when their data is erased. This can empower them to manage their compliance needs more easily and reframes the collection of data as a consensual element of the business-customer relationship. 

Although privacy measures will only become more stringent in the coming years, firms that are already building relationships around the exchange of data and showing the value of personalised experiences are likely to gain a competitive edge.