CDPs and CMPs: Better Together in Powering Your Data Privacy Efforts


With each day that passes, it seems like a new data privacy law pops up for consideration somewhere around the world. Much of this momentum was kicked off when the EU’s General Data Protection Regulation (GDPR) went into effect in May 2018. These privacy regulations introduced new consumer rights like Opt-In to data collection (GDPR), Opt-Out of the sale of data (CCPA), or the Right to Data Access and Erasure (CCPA and GDPR).

Like it or not, data privacy is a new part of customer experience. Your customers expect it, and if you don’t deliver a seamless privacy experience within your overall customer experience, they’ll likely move on to your competitor.

Today, we are going to focus on two key technologies that can work in tandem to support your brand’s data privacy efforts. Specifically Consent Management Platforms (CMPs) and Customer Data Platforms (CDPs). We will go over what each technology is, why it’s important to your data privacy strategy, and how they can help you build a data foundation that is automated, governed, orchestrated, and secured.

What’s a Consent Management Platform (CMP)?

A Consent Management Platform (CMP), is a solution that performs many tasks for data privacy initiatives. A critical function of a CMP is collecting user consent upon the Visitor’s arrival on the website, and then passing that data to downstream technologies. In a world where not asking (or giving the options) for data privacy preferences on the website is becoming extinct, a CMP serves as front-line software to manage data privacy preferences.

In 2020, every company with a digital property should have some form of consent management in place. While companies shouldn’t confuse consent with data privacy compliance, getting consent management in place is typically the first step on that journey.

What’s a Customer Data Platform (CDP)?

Let’s take a look at Gartner’s definition to answer this question, “A Customer Data Platform (CDP) is a marketing system that unifies a company’s customer data from marketing and other channels to enable customer modeling, and optimize the timing and targeting of messages and offers.”

Traditionally CDPs have been viewed as a way to unify customer data and create a customer profile that is kept current in real-time, allowing for an improved view of the customer to drive better marketing/CX and increase business agility. While this is all true, it’s not only marketers who benefit from a single view of their customer. Data privacy practitioners should also want a view of their customer data across every channel to more easily comply with emerging privacy regulations.

Where does a CDP fit in a data privacy initiative?

Acquiring consent is an important first step in a data privacy initiative, but managing a consumer’s identity, preferences, and attributes over time gives an organization the confidence it needs that its consumer data is accurate and trusted. Privacy offices can more easily respond to Data Subject Access Requests (DSARs) by having a single source of trusted data to refer to, and that reference is ideally in technology like a CDP, which is designed to unify all sources of consumer data.

These DSARs can cost companies time and money if each is handled manually. Gartner data shows that manually processing a single data subject request costs around $1,400 per request due to time and effort spent on manual processes. Even if a company processes only 100 data subject requests per million customer records a year, this means companies could spend upwards of $140K per million customer records simply due to inefficient workflows and lack of automated processes around customer data.

CDPs can help ensure that privacy preferences are met and honored throughout all channels by taking the role of a trusted repository of all consumer data, and manage the enrichment, activation, access, and erasure of that data over time. A CDP can also govern which technologies receive consumer datasets, and even more importantly, can be configured to orchestrate only the necessary volume of data that other technology destinations require, assuring the business that consumer data is being used on a “need to know” basis.

The management of the consumer data over time is important, as the CDP’s specific automation gives it the capabilities to constantly unify various identity data points and align the acquisition and storage of this identity as it changes.

With a data-first CDP, brands can supercharge their data privacy approach and increase efficiency because these types of CDPs focus on the consumer’s data profile and its subsequent movement to other service providers and third-party technologies

Better together – How does a CDP and CMP work together?

Combining a Customer Data Platform like Tealium AudienceStream CDP with a consent management platform allows brands to create:

  • A pre-designed workflow that complies with a privacy initiative’s data lineage requirements
  • Approved processes that match a legal team’s requirements with digital marketing requirements, assuring organizations of the state of their compliance controls.
  • A system of data accountability whereby technical controls fulfill the legal rights of consumers that expect the organization to abide by, whether those rights are part of a CCPA, GDPR, or another privacy strategy.
  • A future proof environment that allows organizations the agility to include or remove any technology in the integrated design, assuring the organization that it can respond to future privacy laws and new, more efficient, technology partners with minimal risk and cost.

Download PDF