Skip to Main Content
Silhouette of a woman to symbolize privacy


Customer Centricity in the Age of Data Privacy

How recent changes in privacy laws raise the value of first-party data and provide an opportunity for retailers

On Jan. 1, 2020, the California Consumer Privacy Act (CCPA) officially went into effect, giving California residents more power to control the way companies handle their personal data. It is one of the first comprehensive sets of data privacy regulations to be implemented in the United States, furthering the conversation on accountability, transparency, and the role brands play when handling consumer data in an age when buyer trust is not always easily earned.

This shift also places more importance on the value of first-party data, or data sourced directly from a customer by a retailer, rather than collected from a third-party source, like browser tracking cookies. Earlier this year, Google announced that it would be phasing out third-party cookies from its Chrome browser. In a blog post, Chrome engineering director Justin Schuh discussed the decision, noting: “users are demanding greater privacy--including transparency, choice and control over how their data is used--and it’s clear the web ecosystem needs to evolve to meet these increasing demands.”

What is the CCPA?

The new legislation gives California residents the right to access and manage personal data collected by companies. According to the bill, provisions include: 

  • The right to access personal data a business has collected about them, including demographics, online activity information, location logs, IP addresses and data collected to inform ad targeting.
  • The right to be informed of whether their information has been sold to third parties, and the ability to deny the sale of their personal data if desired.
  • The “right to be forgotten” i.e., the ability to request a business delete personal data collected.
  • The right to receive equal services even while exercising data privacy rights.

The CCPA follows the EU’s General Data Protection Regulation (GDPR), which went into effect for EU member states and foreign companies (i.e., the U.S.) doing business in EU member states, in 2018. Right now, the CCPA is structured to mainly impact larger companies (organizations that make more than $25M in revenue, earns more than half of their revenue from selling personal data, or actively purchases or sells data from more than 50,000 households). 

Woman logs into her mobile phone

A new age for retailers

For retailers, data has the power to inform and improve strategic decision making at every stage of the customer journey. Shoppers, especially millennials and Gen Z buyers, are willing to share data if they know a brand will use it to create more personalized experiences. But they’re also more aware of how companies use data and the potential risks involved, especially when company misuse or breaches thrust poor data handling practices into the spotlight.

As privacy laws continue to evolve, retailers are faced with the challenge of reinventing their data practices to adhere to a more transparent future, where consumer privacy is respected and data collection is viewed as a value exchange—with trust and customer-centricity fueling the relationship between consumers and brands.

Max Kirby, director, cloud solutions practice, Publicis Sapient, says that as data privacy becomes more prevalent, retailers must take a proactive, customer-centric approach to data collection, focusing on only collecting data that is relevant and contextual to interactions a customer has with a brand at different stages of the customer journey. 

“The challenge over the next 10 years for retailers is that they will take a data-driven journey and realize that it also has to be a data-led customer journey,” Kirby said. “That data, every time you collect it, has to be close enough to the customer expectation for experience in that moment… to collect the data you have to weave the collection into their experience – and that means according to their intent.”

Taking a customer-centric approach

When taking a customer-centric approach, clear visibility and control over data collected and leveraged across the entire supply chain becomes a greater necessity, with multi-stakeholder decisioning falling in line with both regulatory requirement and consumer need.  A unified, customizable Customer Data Platform (CDP) that enables customer experience optimization, on both the customer-facing side and internally, allows retailers to achieve this at scale.

A CDP collects first-party data based on interactions a shopper has with a retailer. It then ties this information, along with any second-or-third-party data, to a singular customer identifier, creating a 360-degree view or “profile” of an individual consumer. Data can be collected and resolved from both online and offline channels (call centers, in-store purchases, inventory, mobile interactions, e-commerce, etc.) and can be used to measure buyer preferences, purchasing intent, and product affinity.

This unified data view allows greater transparency and accountability across all channels and stages in the customer journey—enabling retailers to create more personalized experiences, while keeping individual preferences in mind.

Putting the customer in control

Putting the customer in the driver’s seat when it comes to data collection may sound risky—what if the customer decides not to share any data at all? But according to Kirby, embracing privacy preferences and giving consumers the opportunity to naturally share data fosters a growing relationship of trust, while also providing retailers with cleaner, more accurate data to act on.

“You may get less data, but you get more signal,” Kirby said.

In a simple example, a consumer may decide to opt-out of receiving email promotions, but opt-in to receiving coupons or offers in their mobile wallet or loyalty app via push notification. A CDP is able to unite these two insights, and signal to a retailer that “this customer prefers to receive promotions via mobile.” When armed with this information, retailers can create an experience that caters to the needs of the customer, while also adhering to privacy preferences.

Creating an environment of trust also allows customers to behave more naturally when interacting with a brand. Stellar in-store or e-commerce experiences can help prompt buyers to naturally share more details about their shopping preferences, like shoe size, or types of jewelry they prefer, or what new products they may be interested in, for example—all first-party data interactions that retailers can record to build an ongoing relationship.

A unified data platform

As consumers begin to take more control over their data preferences, and first-party data collection becomes more prioritized, it’s important for retailers to be able to accurately track, record and manage these preferences across the entire supply chain in a way that’s actionable, but also secure.

With a CDP, customer data is de-siloed, allowing every department to access a single source of truth when it comes to consumer data. But within a CDP environment, data permissions can also be managed in a way that allows different departments to only access the customer data they need to improve the experience at a given point in time.

According to Kirby, the challenge for retailers is uniting different internal organizations, and then determining what information each unit needs to truly succeed in delivering a cohesive customer experience.

For example, an update like an address change can impact multiple business functions, like logistics, location-based marketing, stock, delivery, etc. A CDP can ensure this update is propagated to every business function within the organization in a secure, actionable way, allowing retailers to become more agile when it comes to updating customer experience based on buyer preference.

“It’s two-way,” Kirby said. “It’s your customers and their needs, and it’s also your employees - understanding what their needs are is just as important.”

Looking ahead

Evolving data privacy laws are urging retailers to re-examine customer data health and execution across channels. While there is no catch-all answer to how compliance is achieved—the strategy developed largely depends on the direct needs and goals of the retail organization—building a CDP platform can help retailers future-proof their data processes, while providing a more transparent system that provides greater accountability for both internal stakeholders and the customers they serve.



  • 8 Trends Accelerating the Future of E-commerce in 2024

    Which trends really matter? Our industry experts highlight the shifts that every retailer needs to know.


  • Five Opportunities and Challenges for Retail Healthcare in 2024

    As retail leadership teams craft their health and wellness strategies, they need to find ways to bridge physical and digital customer experiences.


  • Beyond Product Recommendations: How Retailers Can Increase Profits with Generative AI

    Our experts summarize the state of generative artificial intelligence in retail in 2024, including use cases across customer experience, supply chain and back-end e-commerce.


Amy Onorato
Amy Onorato
Content Strategy & Thought Leadership