The Five Questions You Need to Ask Before Implementing a Consent and Compliance Process

As marketers continue reacting to COVID-19’s impact on in-person events, they’re ramping up efforts to reach customers digitally. But going too fast can cause trouble. Understanding data privacy laws is the key to building trust with customers today. As you increase your digital marketing, you need to make sure that it’s all compliant with GDPR, CCPA, and more. 

Addressing compliance means working with legal teams to understand the nuances of these customer-protecting data privacy laws. Here at Pardot and OneTrust, we’re committed to helping marketers follow data privacy laws and best practices. Here’s what you need to know to get started with your privacy strategy and define consent and compliance with your marketing and legal teams. 

Who are your customers and how is their consent registered?

To start, marketers need to identify their current audience. Are you marketing to businesses in the U.K. or customers in California? What regions does your strategy include? Every area and demographic now has complex requirements and laws surrounding them, requiring you to know exactly who you’re marketing to in order to determine how best to store their consent.

Beyond that, marketers should take a look at their current processes for capturing data, consent, and preferences. For example:

  • Do you use web forms on your website for asset downloads, contact requests, or event sign-ups?
  • What information do you ask for in these forms? 
  • Do you ask your audience to opt in to communications?
  • What are those communication mediums?
  • Once you’ve captured the data, what systems do you integrate with?
  • Where does this data live and who accessed the data?

Make sure the answers to all of these questions comply with relevant data privacy laws.

Are there gaps in your compliance flow?

After you’ve identified your audience and your processes for registering consent, you’ll need to identify gaps in your current compliance practices. Work with your legal, compliance, or privacy team to determine which data privacy laws, regulations, and frameworks apply to your organization. Then, evaluate how your program compares. 

Let’s use GDPR as an example. Here are some questions you should ask to ensure GDPR compliance:

  • Are the appropriate opt-ins available and purposes for collection clearly stated?
  • Are you requesting granular consent that is unbundled?
  • Are the consent options explicit?

Questions like these can help you identify gaps in your current compliance flow. Solve these gaps to create a truly customer-centric privacy program. 

Do you have a defined privacy plan?

Customer journeys are a major part of marketing today. Your company needs to have rules in place to protect customer privacy throughout the entire journey. Remember that your privacy policy is about more than compliance with global regulations: it’s a critical part of building trust with your audience. 

A comprehensive policy policy and strategy will help you deliver a transparent user experience to your audience, empower users with consent options, and communicate your values to customers. Once you’ve built privacy controls into your customer journeys, you can continue to build on your vision with the right tools. 

How do you put your compliance plan into action?

Now that you have a data privacy plan, you need to see whether you can put that plan into action with the tools you already have. For example, imagine your company uses Pardot and Salesforce. Do you know how to use these tools to meet privacy laws, or how to create objects to store complex consent data in your CRM? Do you know what to do if you need this data synced across multiple systems, and do you know what the market recommendations are for a process like this?

Pardot and Salesforce are here to help with your quest for data privacy compliance. We’ve built an entire page dedicated to how you can meet these regulations within each of our systems. Salesforce has developed new consent management objects on the platform to help house complex consent and compliance data, and provide the means to manage that consent data via APIs for integration with Preference and Consent management tools like OneTrust. OneTrust has also made an on-demand webinar — Top 5 Consent Management Strategies for Marketers — available to help you get started with your compliance and consent strategy. 

How soon should you get started?

Get started now! Compliance and privacy laws are here to stay, and there are more on the way. Take the lead and put your marketing team on the forefront. If you don’t get involved soon, the market will leave you behind. A hands-off approach to privacy and compliance will negatively impact audience experience, damage trust in your brand, or and lead to opt-outs and unsubscribes. Protecting customer privacy and instilling trust in your audience are now fundamental, and it’s essential to build privacy controls into every customer journey.

Stay tuned for future posts from Pardot and OneTrust as we dive deeper into data privacy. If you’d like to learn more now, take a look at some real world examples of Pardot and OneTrust working together. You can also watch a recent webinar by Salesforce and Pardot about the world of privacy and consent.