The next set of dots to connect into your single view of the customer is the digital portion of the customer journey.

Data gets complex in the connections here. But before talking about the connections, we need to make sure you have the necessary permissions from your customers to connect their digital search and behaviours to the rest of your data.

Privacy policies and terms of use/terms and conditions policies will determine how you can bind the data together and, more importantly, what you can do with the view you create.

It is imperative to stand by any customer data policies in place.
It is imperative to stand by any customer data policies in place.

I am not a lawyer, so please check with your legal team for specific recommendations to fit your situation as these are personal observations and not legal advice.

Before you connect the digital data to terrestrial data, print your policies and the legal fine print on your invoices/sales materials and the sales closing scripts used by your subscriber services department. Grab a yellow highlighter. Time to make sure you aren’t about to do something you said you’d never do.

While reviewing, here are some places to put your attention:

  • General data protection regulation (GDPR): There are a multitude of articles on implementing policies that comply with GDPR. I recommend you spend a good deal of time with legal counsel to make sure you are complying. Even U.S.-based companies should make sure they are properly documenting their status in the policies and terms and conditions.
  • E-mail address usage: How many times have you heard the line “we only use your e-mail address to set up your digital access user ID” or something similar. If you are linking digital to terrestrial data, you’re going to use the e-mail address as a connecting point and this breaches the oral contract of use.
  • Mobile: Do the policies cover geo-position data? Mobile is fairly new and the policies of desktop computing may not be enough.
  • Right to forget: For those of you outside of the GDPR requirements, are you making any promises about retaining data, or using data within a session to drive recommendations? Do the policies cover what you are doing?
  • Third-party use: Everyone uses a third-party provider of some sort in the digital layer. Do you know what the third party is doing with the data it collects? Does the company retain the data in any way? Make sure your provider’s policy isn’t in conflict with yours. There is a third-party vendor that provides local and national turnkey contests. It provides several generic policies on its contest sites to cover what the company does. The policies are editable, and when working with this vendor on setting up a contest, it repeats many times during the setup work that you should review the generic policies with your legal team. You should!
  • Internal use: Again, if circulation customer service indicates to the customer the e-mail address is used to look up an account then you can’t use the e-mail address to send the customer a renewal notice. 

Keep it fresh. I suggest an annual review of the policies. However, if you implement any new software, or app, you should review the policies before implementation to see if the new technology is going to do something you hadn’t planned on doing (or specifically had said you wouldn’t do).

Also, this may sound dumb, but do you state in your policies that you will be updating them from time to time and how you will notify the user of the changes?

A client with whom I just completed a project had a privacy policy that was eight years old and didn’t have terms of use or contest rules (an online version) policies at all. The privacy policy didn’t cover how the client data gathered was passed to a third party — an example was the pass to the third party to gather longitude/latitude information to place the customers’ location pin on their mobile deals application.

The client said people use maps all the time so it was no big deal. Good enough? No. You, in my opinion, need to be very transparent with what you are doing with a customer’s digital bread crumbs.

Putting the pin on the map was not the only thing happening! Behind the scenes, the mobile application was writing the customers longitude/latitude and timestamp information to a database where the information was retained. From the database, a person’s home address could be determined … and so on. Updated policies were drawn up, and the legal team is reviewing them.

Now, back to the dots connecting. With the data use policies published, and an ongoing dialogue between the software teams and the policy writers, we can move on to joining the digital and physical worlds.