Introduction

As businesses continue to collect and utilize customer data to power their marketing efforts, obtaining, managing, and enforcing proper consent is crucial. This is important for complying with various privacy laws and regulations and maintaining trust with customers. This document will explore the importance of granularity in a consent strategy and how Lytics can assist in the consent management process. We will cover best practices to consider and provide guidance on where to get started. The following four steps will be outlined:

1. Data Collection: How to collect consent adequately from disparate sources consistently.
2. Profile Materialization: How to flexibly surface the state of consent to individual user profiles.
3. Segmentation: How can the required consent rules be enforced when driving downstream campaigns?
4. Maintenance: How to ensure that your consent strategy scales and flexes to your ongoing market conditions without fail?

By following these steps, businesses can establish a solid and effective consent management strategy that respects customer privacy and builds trust.

Data Collection

To maintain compliance with data privacy regulations, businesses need a clear and flexible path for collecting consent data. Lytics offers a range of SDKs and data collection APIs to support this effort. When approaching consent data collection, it is essential to consider the following:

• The source of the data and any inherent limitations. Can it be real-time, or does it need to be batch?
• The granularity of the consent. Is this a simple boolean, on or off, or is this something more granular, like opting into a particular communication method?
• Additional context related to the consent that may be important for your needs. Are there specific forms that are being consented to or a unique source?

To address these considerations, Lytics has developed a suggested schema to get you started. Of course, this can always be customized via Conductor to meet your specific needs.

Data Structure

Effective consent management requires a comprehensive set of properties that can be deployed to ensure compliance and maintain customer trust. These properties should cover various aspects of data collection, storage, and usage and provide businesses with the tools to manage consent-related data effectively.

Examples

📘

We are here to help!

Consent is not a one size fits all scenario. Each customers data and business goals are unique. Before deploying any of the following examples it is always recommended to consult with your Technical Account Manager or a Solutions Architect.

Lytics deploys a flexible data model, and though the following is not representative of every method of collection, we've highlighted two working examples leveraging our available SDKs as a baseline:

Collecting Consent via the Web: Lytics JavaScriptTag

jstag.send({
  "event": "form-submit",	
		"consent": {
      "purpose": "global",
      "location": "Portland, OR",
      "documents": ["generic-submit-form"],
      "consented": true
  	}
})

Collecting Consent via Mobile: Lytics iOS SDK

Lytics.shared.consent(
  name: "consent-1",
  identifiers: AnyCodable([
    "userid": "my-fake-userid-1234"
  ]),
  attributes: AnyCodable([
    "firstName": "Kevin",
    "lastName": "McCalister"
  ]),
  consent: AnyCodable([
    "documents": [
      "terms_jan_2023",
      "sharing_policy_jan_2023"
    ],
    "location": "Chicago, IL",
    "consented": true
  ])
)

📘

When using Lytics SDKs, you do not have to include date within the data passed in the consent event. The timestamp of the consent event can be used to create the field and mapping for the date of consent.

Profile Materialization

Building from the collection strategy outlined in Collecting Consent Data, we must determine how to materialize the consent-related data we've just collected to user profiles for segmentation. This can be achieved in a variety of ways. Regardless of the approach, however, it is essential to consider the level of granularity of the consent.

Granularity

When collecting consent from users, obtaining granular consent for each specific use of a customer's personal data is an important consideration. Granular consent means that customers are provided with a clear understanding of the exact purposes for which their personal data will be used and can choose to consent or withhold consent for each specific use case.

For example, a business may seek granular consent from a customer to collect their email address and use it to send them promotional emails but not to share the email address with third-party partners for advertising purposes. This approach allows customers to make more informed decisions about how their personal data is used and provides greater control over their privacy.

Obtaining granular consent not only requires careful planning and clear communication with customers about the specific use cases for their personal data but also a rock-solid means for enforcing an individual's consent wishes across all future touchpoints.

Schema

Enforcement begins by ensuring consent wishes are accurately materialized on each user's profile. This is done by first defining consent-related attributes to be used in segmentation.

Field Definition

When defining profile fields, there are two primary considerations. What type of field should be used, such as a string or a map and how do you want to handle data merging when profiles are stitched?

Field Type

Merge Operator

Type String
Because consent is something that may change for a consumer over time, the values must represent the most recent data. As such, the latest merge operator is always recommended. This means that as additional data is stitched to a user profile, the most recent events that are mapped to a field will win.

Example String

Type Map
For a more complex or granular consent strategy, the map field type can be very helpful in accurately managing consent. As such, the merge merge operator is always recommended when trying to keep the key-value pairs up to date to the most recent consent state. This means that as additional data is stitched to a user profile, the most recent events that are mapped to a key-value pair will win.

Example Map

Mapping Definition

Mappings are then leveraged to determine how data from any number of streams map to the defined field. In the example below, we take a simple approach to map the boolean value of true or false to the consent field if the consent is related to marketing-consent.

Though this is one elementary example, the same practice can be replicated to ensure a consent attribute has the status, timestamp, and context of any important policies or sources for segmentation.

Example

Segmentation

Businesses can better understand their customers and create more effective campaigns by breaking down audiences into smaller, more targeted segments. Here we will discuss best practices for constructing "building block" audiences related to consent that can then be leveraged in campaign audiences. This progressive approach ensures consent rules are enforced while minimizing ongoing maintenance overhead.

Building Blocks

Building Block Audiences provide the perfect means to maintain consent-related rules and extend the ruleset to all campaign audiences. The number and these audiences will depend on the granularity of your consent strategy. Still, as a basic example, we recommend creating both a "has consented" and "has not consented" counterpart for each level of consent.

This can be done simply through the GUI for our powerful segmentation engine, as shown below:

Campaign Segments

Once you have the necessary building blocks constructed, you can quickly integrate that rule set into your campaign audiences again through the GUI for our segmentation engine. The example below outlines a use case where you want to target high-value users who have opted in.