Dhiraj Kumar, Dashlane CMO
The global customer relationship management market has exploded to approximately $58 billion this year, and that number is expected to grow to $128.97 billion by 2028. This massive opportunity has attracted several new CRM vendors, while many other marketing automation solutions are also adding CRM-like components to their platforms to keep pace.
This is excellent news as competition helps lower the price and provides more options for customers of all sizes across various market sectors. However, as valuable as the data a CRM can provide may be, it also comes with significant responsibility to ensure that customer data is used the way it is intended and by the people authorized to use it.
More sophisticated CRM systems might be managing more sensitive data beyond just names and emails — it’s buying habits, pricing data, payment information, personalized service profiles and more.
Why the data privacy conversation is so important right now
Data privacy should never be a conversation for the backburner, but recent data breaches have put it at the forefront of many executives’ priorities. Expanded data privacy laws were the natural response to these breaches, forcing businesses of all shapes and sizes to prioritize privacy.
In the U.S., if a company does business in California, the California Consumer Protection Act (CCPA) governs user privacy standards. The General Data Protection Regulation (GDPR) also enforces privacy and security standards on everyone who collects data from customers based in Europe.
Another perhaps less apparent reason is that SaaS-based CRM platforms are built on technology stacks that often include several other partners. CRM developers may use a variety of vendors for hosting, CDNs, databases and JavaScript frameworks, to name a few.
Therefore, it’s important to know upfront how each vendor will handle and maintain data privacy and integrity as it’s likely they will interact with the company’s data at some point. The following questions are essential to understanding that dynamic and getting CRM right.
What does the privacy of end-user data look like?
Much like a safe-deposit box, a CRM vendor should be responsible for protecting valuables without really knowing the specific contents put into it (nor should a third party, without clear and explicit end-user consent). With that, tools like a password management solution can really help to implement and manage employee controls on customer data and create a zero-knowledge architecture within the organization.
How is employee data handled?
With any CRM or marketing automation tool, it should be the customer’s responsibility to decide the appropriate level of privacy for their employee and company data. They should be able to choose to provide access at levels that are appropriate to their type of business, company culture and the regulatory constraints in their particular industry. And they should be able to choose to change those access levels quickly and simply. These are not the types of decisions a vendor should make for a company or hardwire into their solution.
How to maintain the privacy of usage activity
The beauty of using a SaaS-based tool is that it’s dynamic and constantly seeks to adapt and improve to suit a company’s needs better. It needs to track usage patterns and learn from usage activity to do this effectively. It is critical that all information about how a company interacts with the CRM and other services and websites is always anonymized and cannot be tied to individual customers. This information should also be clearly and explicitly called out in the vendor’s privacy policy.
How is personalized behavioral data handled?
Like company usage activity, the customer’s experience improves the more it is personalized. This data can be very sensitive, so to maintain customer privacy, the trigger to this personalization should be separate from the database. Ideally, it should reside within the user’s device while the personalization details remain anonymous in the cloud.
When — and how — is data shared with third-parties?
The tech stack on which most SaaS-based solutions are built requires information sharing to be effective. But data can be shared for other reasons, including optimizing marketing and advertising efforts, such as ensuring that a customer isn’t served ads for a product they already use. Understanding how these policies work is crucial because they can vary significantly based on providers. Freeware and Freemium have to be paid for by someone, and often, the cost can be a company’s data.
The future of CRM and privacy are linked
CRMs are powerful tools and, when used properly, they allow businesses to improve their dialogue with customers, identify needs quicker and more accurately and increase customer satisfaction by providing the right solutions at the right time. However, maintaining customer and company privacy is a complicated topic that cannot be overlooked regardless of the potential benefits to the bottom line.
Privacy needs to be an ongoing conversation in an organization and with any vendor as well. Both need to be prepared to evolve their thinking and policies regarding privacy as societal norms, industry practices and government regulation can quickly and dramatically impact how a company handles data.
Sponsored By: Dashlane
More from Digiday
Chasing U.S. growth, Tony’s Chocolonely focuses on a retail media and social blend
Premium chocolate brand Tony’s Chocolonely is focusing on retail media and paid social as it targets U.S. growth.
Creators are left wanting more from Spotify’s push to video
The streaming service will have to step up certain features in order to shift people toward video podcasts on its app.
The year the memes took over reality – and marketing followed
Subcultures aren’t niche anymore — they’re the culture. And for marketers, that changes everything.