Articles
Privacy 101
How to select the right Consent Management Platform (CMP)
Privacy 101
new

How to select the right Consent Management Platform (CMP)

Published  

12/29/2022

by 

Chitra Iyer

8
min read

Published  

December 29, 2022

by 

Chitra Iyer

10 min read
Summary

Consent management today is a lot more than a cookie pop-up warning or legal compliance. It is a process that impacts many stakeholders including legal, technology, data, and marketing teams; and customers and regulators. 

 

In other words, the consent management strategy has to be compliant with regulations, but also be tech-stack, user, brand, and customer friendly.

 

How can brands build a long-term consent management strategy that meets evolving regulations, scaling business needs, and changing customer expectations? With the right Consent and Preference Management Platform. 

 

Here’s how to find the right solution for your needs, from compliance to boosting programmatic ad revenue.

 

Summary


 

 

Start with internal clarity about consent processes 

 

Select CMP - Body 1

 

Picking the right solution to cover all consent bases is undoubtedly one of the most crucial decisions a business will make. Even the smallest of lapses can lead to outsize implications.  But before you begin a platform assessment, take stock of the current reality in your organization:

 

Clarity on the gaps and bottlenecks in the current solution

Why do you need to change or upgrade your current system? For instance, if your business has grown its geographical footprint, or your customer needs have necessitated multiple new channels to be added, your old system may begin to feel inadequate.

 

Another common example is that the original system was a compliance purchase led by legal and implemented by IT, but now, marketing leaders want to get involved because of how much it is impacting CX, programmatic advertising revenue, and what competitors may be doing. 

 

Visibility into current data processes 

Audit all the touchpoints, on all the channels, across all the geographies where consent and customer data (even without consent) is collected, stored, shared, processed, and disposed of. Map all the internal systems through which data flows, bringing stakeholders such as accounts and billing, legal, marketing operations, and customer service onboard.

 

Identify all the external partners who may be able to access the data, such as agencies and analytics partners. The audit will also bring to light any and all trackers dropped across systems by multiple teams or vendors. 

 

A customer data audit is crucial for a thorough need assessment because the process of finding the right vendor has to be led by your needs, not vendor functionality. 

 

What are the goals for data collection today, and in the future? 

Collecting high volumes of customer data - even with consent - is never an end in itself. What are your primary and secondary data applications? For instance, personalization, data analytics, or even data monetization, as in the case of retail media.

 

Another popular use case is boosting programmatic advertising revenue with higher consent and opt–in rates. How and why you collect, process, and store data should be based on your business needs. What needs to change in your current processes to support that?

 

What regulations currently govern your business?  

How effectively does the current system manage multiple geographies? How will known expansion and growth plans be impacted by the changing privacy and regulation landscape? Do you need systems that comply with multiple language requirements?

 

With this clarity, you are ready to find the right partner to build a stable and reliable data privacy strategy. This is not the place to experiment or follow your intuition. Instead, use this list of questions to understand if the vendor is a fit for your business.

 

Selecting the right Consent Management Platform: 9 key questions and considerations 

 

Select CMP - Body 3

 

1. How will the platform address the evolving privacy laws around the world?

As per the UNCTAD, 137 out of 194 countries had put in place legislation to secure the protection of data and privacy. The regulations themselves keep evolving, and many nations have regulations that vary by state. The United States of America is a prime example

 

Consumer data privacy laws, like any laws, will always remain an evolving field for society. How flexible and agile is the system so your company is always one step ahead of these changing laws?  

 

Look for inclusions such as dedicated managers who can ensure access to legal expertise when needed, and frequent business reviews with CMP experts to help manage the multiple global privacy regulations that may govern your business.

 

2. How complicated will system deployment be?

With customer data privacy, there is no time to be lost. How quickly can the platform be deployed across multiple systems, digital and non-digital properties and touch-points, and geographies so that transactions can continue smoothly without leaving any part of the business vulnerable?

 

Enterprise clients could also check if testing environments or POCs are being offered. 

 

3. How well does it integrate with your larger tech ecosystem?

Your tech ecosystem includes the CRM, CDP, marketing automation systems; website tag managers and cookies, billing systems, customer service systems, paywalls, and data analytics platforms - all of which need access to the most current, up-to-date version of opt-in data. Once deployed, how easily can the platform integrate with other backend systems to ensure smooth, secure, and synchronized data flow?

 

From the customer's point of view, there is nothing more annoying than sharing consent or preference inputs and still encountering communications that don’t reflect their choices. If a customer makes a change to their preference, asks to be unsubscribed, or logs a data subject access request (DSAR), this needs to be reflected in all systems to ensure a smooth experience. 

 

4. Can marketers use the system to improve CX, independent of IT?

The UI and UX of consent and preference have a significant impact on opt-in rates. The more freedom users have to control the system at customer-facing touchpoints, the better. But of course, that flexibility should not impact any of the back-end integration, data flow, or security. 

 

For example, how easily can marketers customize or change the wording and appearance of opt-in and preference interaction screens and forms? Do they have the freedom to make consent messaging consistent with the brand voice, or are they limited to standard templates? And if they can change it, how easy is it to do so without extensive technical support? 

 

How easy is it to bake consent and preference into any new marketing campaign across any digital or physical touchpoint? How does that impact go-to-market timelines for new campaigns or launches?

 

5. Can it upgrade to seamlessly include a Preference Management Platform (PMP)? 

For most companies, a data-privacy solution means consent management, but that's just table stakes. In a CX-first world, it will not take you all the way to customer delight. Customer-centric brands also need a Preference Management Platform to cater to their customer’s evolving needs and preferences over the relationship.

 

This recent study found that the most effective strategies for email marketing campaigns are subscriber segmentation (78%), message personalization (72%), and email automation campaigns (71%). Preference management systems help brands laser-focus segmentation and drive campaign ROI.

 

Letting customers make more granular choices about how they want their data to be used, change preferences and opt down instead of opt-out also helps optimize retention and minimize opt-outs.

 

{{discover-our-preference-management-platform}}

 

6. Does it provide basic and advanced compliance alerts? 

Just like your antivirus software runs ongoing scans to flag any system vulnerabilities in real-time, your Consent Management Platform too should offer ongoing real-time compliance scans and alert the business to any gaps and vulnerabilities.

 

Detailed ongoing compliance reports in your preferred format, with metrics such as overall compliance and security ratings, should be a part of any standard CMP. 

 

For brands that want to take customer trust to the next level, some platforms offer advanced scanning features that ensure watertight compliance with the stated cookie policy.

 

7. How well does it perform in a CX-first, omnichannel, multi-device world?

Can consent and preference be seen as an addition to the overall brand experience, rather than a disruption? Consent and preference are becoming important elements of CX. How often brands ask for consent or preferences, at what points in the buyer’s journey, and what formats and language they use - are starting to matter more than ever to customers.

 

Equally important are the channels: does your solution support consent and preference collection across channels such as mobile, website, connected TV, OTT apps, and IoT devices?

 

Customers neither want to give consent and opt-in repeatedly on different devices nor do they want fragmented experiences across channels. Does the system keep preference in silos or does it help deliver a seamless, friction-free, personalized experience across all online and offline touchpoints, especially in logged-in environments? Can it help the brand leverage the consent and preference experience as a differentiator in the overall brand experience? 

 

8. Does it help capture consent and preference metrics?

How do you measure the returns on your privacy tech investments? The best consent and preference platforms allow brands to monitor the metrics that matter when it comes to privacy and trust. Granular and credible analytics provided on easy-to-access dashboards help various stakeholders make better decisions based on tangible outcomes. 

 

For example, via Didomi's Consent Mode integration, marketers can get better insights into conversion data for advertising and analytics, while respecting user choice when using Google Ads, Google Analytics, Floodlight, or Conversion Linker. 

 

9. What depth and breadth of expertise can the vendor offer in terms of technology, legal, and customer experience support?

The Consent Management Platform is meant to keep your business 100 percent compliant across all your digital and physical properties in all geographies, even in a dynamic landscape. 

 

This requires a delicate balance of legal, technology, data, and brand considerations. Not only should the vendor have watertight technology credentials, but also an equally solid legal expertise and a deep understanding of the impact of customer privacy on marketing and customer experience. 


Your choice of Consent Management Platform is a high-stakes decision

 

No matter what size or industry your business operates in, you are liable for customer data privacy, and for respecting customer choices about data usage. Even the slightest lapse can cause big trouble and dent your hard-won brand credibility.

 

Don’t take a chance with a solution that cannot meet the highest standards on every aspect of what a consent management platform should provide.  Instead, invest in a vendor that can share your vision of compliance and help co-create the most future-proof consent and preference strategy for your business. 

 

{{discover-our-cmp}}