How to strike a balance between hyper-personalisation and data privacy

31 March 2023

Gary Allemann, MD, Master Data Management

Gary Allemann, MD, Master Data Management

In the current era of hyper-personalisation, a blanket approach to marketing is simply not effective. Customers want tailored offerings and experiences based on their own personal desires and needs, and businesses must be able to deliver this to remain competitive.

This requires a significant quantity of data and some sophisticated analytics, which then raises concerns around data privacy. Given the rise of ransomware, the rampant increases in data breaches, and the growing body of data privacy legislation, there are legitimate concerns around businesses possessing and analysing personal information – necessary for hyper-personalised marketing – due to the risks this presents. So, how do we strike a balance between hyper-personalisation and data privacy?

What customers want

Despite the major hype around personalisation, it is genuinely something that customers desire. Nothing will irritate or alienate a customer faster than being targeted with marketing for a product that holds no interest or use for them. Tailored marketing that appears to be one-on-one and personalised is essential, whether this is as simple as engaging with customers via the channel they choose, or as granular as specific products and solutions.

Simultaneously, customers are growing increasingly uneasy about the volume and detail of information that is collected by corporates. A report from KPMG reveals that 86% of the surveyed respondents feel a growing apprehension about data privacy and 78% are concerned about the amount of data being collected. People are worried that their data will be compromised, used unethically or sold, or that their trust will be breached in any number of ways. This is a real concern in South Africa, as in the words of Pansy Tlakula, chairperson of the Information Regulator, “there are so many data breaches in this country, because our personal information is all over the place. We don’t know what eventually happens to it.”

Tightening the gaps

Organisations need to take data privacy and security far more seriously, especially in consideration of the Protection of Personal Information Act (PoPIA), and effective data governance lies at the heart of data privacy management. However, the concept of data privacy remains ill-understood in South Africa, and in fact across most of the world. The reality is that companies need to be able to manage and track data usage, data location, and customer consent, not only to meet regulatory obligations but to build and maintain customer trust.

This is as important as effective, hyper-personalised marketing, and it means that people within an organisation must understand their company’s responsibilities in retaining customer data to support business decision making. Education around data privacy and data governance is an essential link in building this trust, but this still begs the question of how we can run personalised analytics without impacting privacy.

Anonymous but personalised

To keep customer trust, we need to have clear and transparent data governance for data privacy, educate our people on what data privacy is and why it is important, and perform analytics on the data without compromising privacy.

The key is to anonymise the data using techniques such as masking, tokenisation and other strategies that will remove personally identifiable information from data sets, while allowing this data to be used for analytics purposes. This will enable us to identify customer segments and even individual customers to target with tailored offerings, without allowing the personal identity of the customer to be compromised, or even seen.

Data anonymisation is essential for protecting confidential, personally identifiable, and regulated data from being accessed inappropriately, so that analysts and data scientists can use the data responsibly. The challenge here, however, is that the concept of data privacy depends heavily on context, because different people will need different levels of access to information.