Customer experience (CX) personalization is growing rapidly. Judy Weader, Principal Analyst at Forrester, noted in her 2024 predictions that those who “invest in targeted CX improvements – and that never lose sight of every customer, associate, and partner being a human being – will come out on top in the new year.”

CX strategy and personalization are becoming more and more crucial to all areas of business – from customer acquisition to net profit to user satisfaction. At the same time, privacy is increasingly important in ensuring the trust of and safety of your end users.

With large scale laws like the General Data Protection Regulation (GDPR), smaller localized laws like the California Consumer Privacy Act (CCPA), and the removal of 3rd party cookies, it’s important to not only keep up with the laws but comply with them as well. This can lead many businesses to shy away from personalization in fear of privacy violations – but the truth is, you can have both. Personalization and privacy are not mutually exclusive.

Those who “invest in targeted CX improvements – and that never lose sight of every customer, associate, and partner being a human being – will come out on top in the new year.”

– Judy Weader, Principal Analyst at Forrester

Knowing how to personalize without compromising privacy is critical to doing business in today’s world. Users increasingly expect personalized experiences, and this gives brands an unprecedented opportunity to deliver outstanding experiences while also building users’ trust. Keep reading for our top tips on staying compliant while capitalizing on the some of the latest personalization techniques to improve customer experiences.

Be Aware of Privacy Laws

The number of digital data privacy laws is increasing. It’s important for companies to stay abreast of the changes and ensure they remain compliant – and this is especially true when it comes to personalization.

While it’s possible to perform the data capture and usage required for personalization without violating any privacy laws, there are important cautionary measures businesses should take before proceeding with a personalization program. Here are some of the questions to consider before getting started:

  • How will you capture the data you need to drive personalization?
  • What aspects of the experience will you personalize, and how will you deliver that personalization?
  • Will you use other platforms and/or vendors to implement the personalization?
  • Is your consent management properly configured to provide users choice in regards to privacy of their data?

Answering these questions will help you understand where you risk non-compliance and where you need to take extra time to check and mitigate those risks. While CX consultants are aware of privacy laws and provide best practices, we always recommended consulting with your legal team to make sure you’re in compliance with all relevant privacy laws.

Is Personalization Possible without Third-Party Cookies?

Third-party cookies commonly allow advertisers to know what other sites users are browsing and what they do on those sites. This data is then used and sold to build audiences that have historically been used for marketing purposes, including on-site personalization. Data from this method of collection is traditionally leveraged from a DMP (data management platform). This is increasingly considered an invasion of the user’s privacy, and laws are now in place to provide users with more control over third-party cookie tracking.

In response, companies are enacting policies to remove this functionality from their sites. Google began blocking third-party cookies from Chrome starting in Q1 of 2024, with plans for complete removal in the future. Apple has allowed users to block cookie usage in Safari since 2013 and made it the default setting in March 2020.

With the removal of third-party cookies, companies have less access to user data without involving the user directly, leaving many to question whether personalization is possible at all. Luckily, the answer is a resounding yes: you can absolutely personalize the user’s experience without third-party cookies – and you don’t need to break any privacy laws in the process.

In our view, personalization programs developed without third-party cookie data have an even greater opportunity for success and accuracy! Let’s take a look at the different methods available and why they have such a high potential for impact.

Method 1: Personalization Through First-Party Data

As a user browses through and interacts with your site, you can collect first-party data revealing information like which pages they visited on your site, which forms they submitted, or which buttons they clicked on. This data can all be used to personalize the customer experience as the user continues to navigate through the site – or when the user comes back to the site another time.

Personalization doesn’t always require information directly tied to a specific user. In fact, you can use anonymous user behavior to drive in-session personalized content throughout your website or application. This can be accomplished using data points like the user’s device type, general geographical area, and user journey metrics (such as what pages they viewed, forms they submitted, or functionality they interacted with).

Customer Journey and Personalization Example

Let’s use a vineyard website as an example. While visiting the website, a user might view a page with information about wine and cheese pairings, click through to another page about interactive vineyard tours, and then click on a link for directions to the vineyard. Based on these actions, we can reasonably assume the user is interested in visiting the vineyard and would also like to know more about how to choose wine and cheese pairings.

Armed with all of this information, we can then personalize the user’s experience by serving them a relevant CTA box or popup on the next page they visit – in this case, relaying information about upcoming wine and cheese pairing classes at the vineyard.

Depending on your settings and tracking capabilities, you may be able to take the personalization a step further, using the customer’s past purchase data to show tailored content. Continuing with the example above, let’s assume the user purchases two tickets to the wine and cheese pairing class. The user returns to the site two days after the event – a good sign that they had enjoyed their experience and want to engage more. With this in mind, you can then serve the user a CTA or popup with information on additional events such as a romantic couples’ dinner at the vineyard or a class on proper wine storage.

Many website CMSs (content management systems), such as Sitecore, have add-ons or built-in capabilities for this kind of personalization. There are also numerous personalization and testing platforms, like Adobe Target, Optimizely and Dynamic Yield, that can help you with personalization efforts.

Method 2: Personalization Through Zero-Party Data

Once a user directly provides information about themselves or creates an account on your site or app and logs in, you’ll have access to data provided directly by the user. This type of data is called zero-party data, and can include information ranging from user preferences and settings to volunteered information such as company or preferred store location. With authenticated experiences, you can even use account IDs to connect the user to their specific journey while keeping their identity anonymous.

When you personalize experiences with zero-party data, you can go much deeper while still staying compliant with privacy laws.

Personalization through Zero-Party Data Example

For this example, let’s consider a sporting goods website. First, a user visits the website and logs in. We now know this person’s account ID is 16890, their preferred store location is in Oxnard, California, and their preferred activities are hiking and beach sports. Equipped with this information, we can tailor the user’s experience on the site every time they log in. This is the perfect opportunity to provide information on sales and events at the Oxnard store location, recommend products for hiking and beach sports, and dynamically serve CTAs based on where the user left off when they last logged in.

Leveraging Voice of Customer (VoC) Data

Voice of the Customer (VoC) data is a type of zero-party data suited for deep personalization. This data results from the customer telling you what they want directly, and it can come from a variety of sources including polls and surveys completed via website, app, or email – or even from direct interactions and interviews with your customers. Using VoC, you can ask the customer exactly what they want to see, what topics they’re most interested in, and more.

With direct feedback from the customer, you can reinforce your efforts to find common themes for anonymous personalization or supplement existing zero-party data to create a deeper customer profile. As with other zero-party data, VoC data – when done correctly – has the potential to enrich your personalization efforts without violating your customer’s privacy.

voice of customer survey example

In a real-world example of VoC data in action, BlastX Consulting deployed a survey to users of the Take Me Fishing™ website, the consumer-facing brand from the Recreational Boating and Fishing Foundation. This survey asked the user what content they were most interested in. Based on the results of the survey, we enabled personalized content and more targeted SEO efforts that drove key blog article page-views up by 301% and conversions from a key page up by 213%.

BlastX Consulting’s voice of the customer efforts allowed us to have a better understanding of our user’s wants and needs. Personalizing our homepage to promote relevant articles gave our customers what they wanted to see, creating a better customer experience while driving more conversion opportunities.

– Charles Neville, Sr. Manager of Digital Operations, Recreational Boating and Fishing Foundation (RBFF)

You Don’t Need Third-Party Data to Gain Conversions

When you take full advantage of first- and zero-party data, you no longer need to rely heavily on third-party cookies to personalize the user’s experience. In addition, your ROI on personalization efforts increases. Third-party data tells you a lot about what users did on other websites and is then aggregated and sold by vendors that collect this data. However, first- and zero-party data comes directly from a customer’s experience with your brand on your website, app, or other touchpoint.

While third-party data can help you understand and reach your users, it can be misleading. As indirect data, it introduces new variables and questions. For example, will the user behave the same way on your site or with your products as they do on other sites? Direct data sources are always more trustworthy and reliable than indirect data sources. When you make the switch to direct, first- and zero-party data, you ensure greater success in your efforts and ROI.

Start Personalizing Your Customer Experience Today

Personalization is a great way to create outstanding, tailored customer experiences that strengthen your brand’s relationships with its customers. From anonymous user behavior to zero-party data to VoC data, opportunities for personalization abound.

Personalization and privacy are two sides of a delicate balancing act; make sure in all cases to speak with your legal team, document a thorough privacy policy, and if recommended by your legal team, functionality for users to opt in or opt out.

If you’re ready to implement a new CX strategy for your organization, you can fly solo – or you can work with our experts. We’re here to help you chart your path to delivering stellar experiences for your customers. Reach out to BlastX Consulting today!