Discovering Privacy and Trust Mechanisms

Objective

After completing this lesson, you will be able to identify and outline privacy and trust mechanisms offered by SAP Customer Data Platform for the purpose of managing transmission of customer data.

Introduction

In SAP Customer Data Platform, customer data privacy is at the forefront of our data ingestion and activation process. Understanding and managing privacy and trust mechanisms are crucial for regulatory compliance and building customer trust.

This lesson focuses on the use cases, data governance, and enforcement of processing purposes, all integral to handling customer data responsibly.

Use Cases

In today's digital landscape, collecting and processing customer data is essential, not only for delivering products and services but also for ensuring compliance with regulations like the EU’s GDPR and California’s CCPA.

A business must have a reason to use and collect customer data. The reasons for processing data can be explicit or implicit.

Some reasons for processing customer data might be based on an explicit contract between your brand and the customers. Explicit processing occurs when there's a direct agreement, such as customers accepting website terms and conditions, or collecting a customer's consent to process their personal data as part of an app's terms of service and privacy policy.

In contrast, other reasons for collecting customer data may be implicit, where your company must process personal information to deliver its promise and fulfill its services. For example, a company may store a customer's home address for product delivery, or process identifying information, such as a name or phone number, to provide a product warranty.

Let’s look at some examples.

Image: A Unified Customer Profile feeding into various systems based on data privacy and governance rules. Customer data can be used for Marketing, Personalization, and Feedback, depending on consent and purpose. However, data cannot be used in the DMP or for Location Push due to consent restrictions. Features like the right to be forgotten and data rectification are emphasized.

In the above image, depending on the consents or agreements you receive from the customer, you can use a piece of customer data in your marketing system, but not in your Data Management Platform (DMP) systems. You may use some of the customer data in your segmentation and personalization system, but you don’t have the permission to use the customer location data in your Location-Based System (LBS).

Any time you use customer data in any of your channels, for instance when receiving customer data from or sending it to any system, you must get consent, a green light, from the customer.

Data Subject and Processing Purpose

Customer data privacy in the CDP revolves around the Data Subject (the customer) and the purpose of processing their data. Every data processing activity must serve a purpose transparent to the customer. The CDP allows this purpose to dictate whether data can be stored and shared.

In the Customer Data Platform (CDP), processing purposes for customer data can be defined both dynamically and statically.

The incoming event’s metadata includes information on the purpose. This metadata is mapped to the Processing Purposes section of the Profile.

Dynamic purposes, part of the incoming event's data model, are attached to data events from source applications. These are logged in the customer profile along with status and timestamp information, maintaining transparency and compliance. The event purpose nodes are mapped to the data processing purpose section of the customer schema. For instance, when a sales transaction occurs, the processing agreement is linked to the event, leading to the purpose being logged with the customer's profile.

An event named “Get channel opt-in and opt-out in real time” is defined on the SAP Emarsys source application, where the “purposes” node is defined right in the event data model and mapped to the data privacy processing purpose section of the customer schema. The incoming event’s type is used by CDP to select a purpose for this ingested data.

Static purposes, in contrast, are inferred from the event type, connected to implicit processing reasons like legal requirements. Each time such an event is ingested, the purpose is automatically integrated into the customer profile with an active status and the time of receipt into the CDP. The purpose is absorbed from the event type and does not require explicit transmission from the source application.

In both methods, the processing purposes are visible in the Trust tab of the customer profile, ensuring robust data privacy management and clear governance of data processing activities.

Processing purposes are shown under the Trust tab of the customer profile.

SAP CDP's Processing Purpose Feature

Data Governance and Enforcement

Data Governance in SAP CDP is about controlling how data flows within the platform and out to external applications. This governance is enforced by configuring processing purposes, which dictate how data can be stored internally and shared externally.

For inbound data governance, if an event doesn't contain the required processing purpose, it will be discarded. However, any processing purposes included in the event will still be saved to the customer or group profile, even if the event itself is discarded.

For outbound data governance, profile or group attributes, activity indicators and segment membership are restricted based on the active processing purposes in a customer profile. This ensures that data like the first name, email, or device ID is only shared when it complies with the consented processing purposes.

Only selected profile attributes and activity indicators can be shared with external systems under this processing purpose.

Moreover, enforcement in CDP ensures actions like saving a customer activity or sharing specific data points are only executed if an active processing purpose exists. This is crucial for maintaining compliance and preserving data integrity. For example, a "page view" activity might only be saved if the customer previously agreed to it, and only necessary details are sent to supporting systems, such as customer service.

This processing purpose for a customer will be required to collect and process customer data via the selected events.
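The inbound and outbound rules above, modeled as a small enforcement routine. This is an added illustration, not SAP CDP code or its API; the event types, attribute names, purpose identifiers and the profile structure are constructed assumptions that follow the behaviour the lesson describes (purposes carried by an event are saved even when the event is discarded; attributes leave the profile only under an active purpose).

```python
# Model of processing-purpose enforcement as described in the lesson.
# Added illustration, not SAP code; all names and purpose ids are constructed.
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Static purposes: inferred from the event type alone (implicit, e.g. contract basis).
STATIC_PURPOSES = {"warranty_registration": {"contract_fulfilment"}}
# Purpose an event must carry before its activity is stored (inbound governance).
REQUIRED_PURPOSE = {"page_view": "analytics",
                    "warranty_registration": "contract_fulfilment"}
# Purpose that governs each attribute on the way out (outbound governance).
ATTRIBUTE_PURPOSE = {"firstName": "marketing", "email": "marketing",
                     "deviceId": "analytics", "homeAddress": "contract_fulfilment"}


@dataclass
class Profile:
    attributes: dict
    purposes: dict = field(default_factory=dict)    # purpose -> (status, timestamp)
    activities: list = field(default_factory=list)  # stored (event type, timestamp)

    def active(self, purpose):
        return self.purposes.get(purpose, ("inactive", None))[0] == "active"


def ingest(profile, event, now=None):
    """Inbound governance: record every purpose the event carries (dynamic ones
    from its 'purposes' node, static ones from its type), then keep the activity
    only if the required purpose for this event type arrived active."""
    now = now or datetime.now(timezone.utc).isoformat()
    carried = dict(event.get("purposes", {}))            # dynamic: purpose -> status
    for purpose in STATIC_PURPOSES.get(event["type"], ()):
        carried[purpose] = "active"                      # static: active on receipt
    for purpose, status in carried.items():              # saved even if discarded
        profile.purposes[purpose] = (status, now)
    required = REQUIRED_PURPOSE.get(event["type"])
    if required and carried.get(required) != "active":
        return False                                     # event discarded
    profile.activities.append((event["type"], now))
    return True


def outbound(profile, requested):
    """Outbound governance: share only attributes whose governing purpose is
    currently active on the profile; ungoverned attributes are withheld."""
    return {a: profile.attributes[a] for a in requested
            if a in profile.attributes
            and a in ATTRIBUTE_PURPOSE
            and profile.active(ATTRIBUTE_PURPOSE[a])}
```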

Summary

The Privacy and Trust mechanisms in the CDP ensure that actions like saving a customer activity or sharing specific data points are only executed if an active processing purpose exists. This is crucial for maintaining compliance and preserving data integrity. For example, a "page view" activity might only be saved if the customer previously agreed to it, and only necessary details are sent to supporting systems, such as customer service.