The EU’s General Data Protection Regulation, which restricts certain uses of customer data, has not put a stop to targeted digital marketing. But it has forced some changes, and compels retailers and brands to rethink their personalization and marketing strategies.

Mike Sands, CEO, Signal

Mike Sands, CEO, Signal

We’re now several months removed from the General Data Protection Regulation (GDPR) dropping across the European Union—and the Y2K-esque panic accompanying its debut turned out to be more bark than bite.

Sure, the first few weeks saw an initial burst of consumer complaints against organizations across the pond… not surprising given the scope of European businesses that must comply. But here in America, where a spate of highly publicized data breaches and Congressional hearings have thrust customer data security in the spotlight, respecting data privacy has become the new norm. A recent survey found that nearly 60% of U.S. consumers believe the federal government should regulate how companies use consumer data; a separate study on global businesses reveals that 66% of American companies believe the U.S. should implement regulations similar to GDPR. (California’s already close, recently passing the toughest data privacy law in the nation.)

In this light, marketing’s post-GDPR future doesn’t look so grim; It actually looks quite bright.

You may believe you put your customers first, but the GDPR actually enforces it.

But the restrictions imposed by GDPR do introduce some new obstacles, most notably in response to the legislation’s broad tightening of limitations around the use of third-party data (what you can buy on the open exchange) for marketing purposes—an impact that extends beyond the EU. Facebook has shut down Partner Categories, for example, while Google announced stringent new restrictions on the use of the DoubleClick ID and suspended third-party ad serving and pixel tracking on YouTube. Elsewhere, ad tech firms like Verve (for location data) and Drawbridge (for cross-device targeting) have pulled out of the EU altogether.


The result: a landscape with significantly greater constraints on how retailers leverage third-party data—one that in turn provides a strong incentive to invest heavily in first-party data that brands can own and operate with users’ consent. And while it may be a challenge in the short term, making this strategic pivot toward first-party data will benefit retailers and put them on better footing in the fight against Amazon.

Pivoting to First-Party

The strategic use of customer data has always played a vital role in how retailers grow their business. As the industry’s apocalyptic dust settles, those left standing have built—or rebuilt— their brands around first-party data, using these proprietary insights to inspire new products and services, fulfillment strategies, partnerships and investments. This is how Amazon grew from a digital bookstore into every retailer’s biggest threat, and why Walmart is transforming into an e-commerce giant to fight back. It’s how legacy cosmetics brand Ulta continues to open new stores amid record-setting retail bankruptcies, and why disruptive newcomers like personal shopping startup Stitch Fix prosper. In short, it’s how retailers remain relevant, and why others become obsolete.

Remember, marketing isn’t about closing deals; it’s about opening up deeply loyal relationships. Retailers would be wise to take a page out of the GDPR playbook and consider how its customer-centric policies will actually help them win hearts and wallets for the long term.


1. Treat customers like individuals.

Think you have personalization figured out? Odds are you don’t: last year, 41% of U.S. consumers cut ties with brands due to poor personalization and a lack of trust, equating to $2.5 trillion in lost retail and brand sales globally ($756 billion in the U.S. alone).

While the GDPR limits the quantity of data a brand can collect, the quality of data it ensures is way more valuable for building relationships. Retailers must move beyond outdated, cookie-based retargeting tactics and transaction-driven product recommendations and, instead, strategically use first-party data to deliver 1:1 interactions that aren’t solely focused on making a sale but also offer value, convenience or delight.


2. Take relationships to the next level.

Experience has taught us that people will share personal data as long as they get something valuable in return, like skipping long lines or receiving a free birthday treat. And despite the recent string of data breaches and increasingly invasive advertising, new research reveals that consumers are more willing to share data—from product preferences to pregnancies—than they were two years ago, primarily with retail brands. The catch: 96% of consumers want more transparency about how brands collect and use their personal data.

By being completely transparent about the value exchange from the get-go (as those who fall under GDPR are forced to do), retailers make it clear what customers are giving up, and what they are getting in return. Sure, there will be people who don’t buy in. But the prospects and customers that willingly share data have now become active, engaged participants, empowering marketers with insights to advance relationships to the next stage.

3. Do business better.


Considering customer data underpins everything marketing does, it’s fair to say marketers felt the initial brunt of the GDPR. Yet remaining compliant is a company-wide responsibility that will force collaboration among marketing, customer experience, legal and business stakeholders, all of whom play a role in the end-to-end customer experience.

Regulation or not, this is just good business. By dissolving organizational silos, retailers can strategize more effective ways to create cohesive, privacy-forward customer experiences that strengthen shopper relationships. Of course, a unified, company-owned data layer will be essential for connecting all the dots and ensuring data is managed ethically and sensitively. But that’s just good business, too, and something nearly 50% of marketing professionals in North America agree would help derive the most value from their data.

While many brands must comply with the GDPR to avoid massive fines, there’s an even better reason to adopt its customer-centric mandates: gaining customer trust. You may believe you put your customers first, but the GDPR actually enforces it. And in a marketplace where consumers hold all the cards, the GDPR doesn’t just signify the start of an opt-in world—it heralds a new era of relationship building for brands across the globe.

Signal provides a platform designed to help retailers and brands identify consumers and market to them more effectively.