Digital Privacy and Compliance: How B2B Marketers Can Navigate New Regulations


By Maria Geokezas, Chief Operating Officer at Heinz Marketing

When pay-per-click advertising entered the scene 20 years ago, it was akin to the wild west. No one knew exactly what they were doing and marketers took a trial-and-error approach to learning. Digital privacy and compliance was not a concern for B2B buyers who handed out their data with little understanding of how it was used or shared.

But those days are long gone.

Now, buyers, marketers, and regulators know better. We understand that while third-party data allows superior campaign targeting, it can get out of control if not managed appropriately.

As marketers, we must navigate the line between optimization and what’s best for buyers if we hope to gain and retain their trust. We must also consider how those expectations will likely change and influence compliance initiatives as data collection capabilities expand.

Here, we reflect on recent changes, where we’re heading, and how marketers can adapt to increased oversight.

Understanding B2B Buyer Expectations

Do you know what companies have collected your personal data? What about how that data is used or shared?

If you said “no”, you’re not alone. Companies aren’t always forthcoming with how they use your personal information, and privacy policies can run hundreds of pages that no one is taking the time to read.

That’s probably why two-thirds of respondents either don’t know or don’t believe companies are using their data responsibly—a sentiment that caused Apple and Google to start restricting the data they share, allowing users to personalize and even opt out for greater privacy control.

But even though buyers’ trust is low, over half would still consider sharing their data if they gain additional value from a brand. In other words, they will still share information if you can prove it’s worth it.

Therefore, regulators are working overtime to develop stricter transparency and compliance policies to put buyers at ease before they lose their faith altogether.

Looking at Recent Changes

Let’s consider two of the most significant compliance changes in recent years: the General Data Protection Regulation (GDPR) established by the European Union and California’s Customer Privacy Act (CCPA).

The EU’s GDPR is the strictest data regulation to date, controlling what personal data is collected, how it’s stored, and how users can access and control their information.

Any EU company that doesn’t comply risks hefty fines.

Of course, GDPR doesn’t restrict the data collected for U.S. customers, but it set the tone for what was to come, like the CCPA.

California’s regulations were a wake-up call for the handful of companies that ignored the GDPR guidelines.

CCPA gives California residents the right to know what data is collected, to limit or correct the data, or to opt out of data collection without discrimination.

And California might be the first state to tighten restrictions, but it won’t be the last.

According to Gartner, 75% of the population’s personal data will be regulated by 2024. That means you need to develop a stricter privacy policy now if you don’t already have one.

A Marketer’s Path Forward

We can only assume that privacy and compliance guidelines will become more, not less, restrictive—creating a significant challenge for marketers that have become reliant on third-party data.

The smartest thing we as marketers can do is to get ahead of the changes so they won’t cripple our reach in the future. Below are three ways to restructure your marketing efforts to better align with privacy expectations.

Introduce Broad Targeting

Targeted marketing campaigns are not going away. But the type of targeting is changing.

Instead of using third-party cookies to follow individual customers around the internet, you rely on your ideal customer personas to target specific groups.

By shifting away from invasive targeting and toward persona-driven targeting, you still get in front of the right audience but also stay compliant.

Re-targeting your best customers doesn’t have to be cut completely, though. You can still use it for the segments of your audiences that opt-in through zero or first-party data collection.

Zero and First-Party Data Collection

Compliance restrictions aren’t in place to stop companies from collecting data. Instead, they’re around to protect B2B buyers from losing control of their data. So, third-party data is most at risk because it’s the hardest for buyers to track and manage.

Zero and first-party data–or the data you get directly from talking to or watching your customers–is less at risk. This data includes information like customer surveys or tracking buying behaviors, such as the type of products and purchasing frequency.

Forward-thinking businesses have shifted to asking their customers for their information instead of gathering it from outside sources without their explicit consent.

When you transition to zero and first-party data collection, the key to success is total transparency.

Improve Data Transparency

Most privacy regulations revolve around transparency. Regulators don’t mind if you want to collect buyer data as long as you tell the truth about what you collect and why.

So, you want to tell your customers what you’re collecting, how you protect and share it, and what’s in it for them. Then, allow them to opt out of anything they don’t feel comfortable with.

Not only will improving your data transparency keep you out of trouble, but it will bolster your reputation as a trustworthy brand and give you a bit of a competitive edge.

Ultimately, privacy and compliance regulations are a part of every marketer’s world. Therefore, we must think creatively to reach our best customers despite tighter restrictions.