Skip to Content Skip to Footer
The ‘Art’ and ‘Science’ of Complying with GDPR Consent within a Company

The ‘Art’ and ‘Science’ of Complying with GDPR Consent within a Company

Marketing News

woman's face covered by her hair

You’ve seen it before: the long form you must sign before partaking in a potentially dangerous activity, the checkbox at the bottom of an end-user license agreement before you can use a new piece of software, and the abundant documents that are part of every major monetary purchase.

These laborious practices are developed by corporations as reaction to a regulation, an issue or advice from a lawyer. Not surprisingly, associations are responding analogously to growing regulatory concerns such as ePrivacy, the General Data Protection Regulation and the California Consumer Privacy Act. To address the new regulations rapidly and efficiently, enterprises stick to the “science” side of consent collection while disregarding the “art” of the process. This is an important difference because customer consent is the crucial element that unlocks valuable conversation and insights that drive a more expressive exchange.

The ‘Science’ of Consent Collection

The technology, data and regulations surrounding the collection of data encompasses the “science of consent.” These components are well-defined, agreed across a company, heavily supervised, and can be eagerly reported both inside and outside the organization.

There is nothing characteristically wrong with viewing consent this way. However, by only approaching preference and consent management scientifically, enterprises are doing the bare minimum to comply with these regulations. A business simply adopting a technology doesn’t mean it fully considers customer and business needs or the intended spirit of the laws. A science-only attitude prevents organizations from benefiting from the best aspects of what consent management can offer.

In European countries, corporations are further along with the ideology of allowing patrons to provide consent. These organizations recognize in order to get a bigger take rate on collecting consent, they must marry preference with consent management to offer an attractive incentive. If there is no apparent value to the individual providing consent, why would they be eager to act?


By adding preference options to consent, businesses allow customers to be explicit with the types of communications, the cadence and the medium that they receive such communications. This improved specificity is a solid first step for initiating trust between companies and consumers, ultimately establishing and encouraging a long-term relationship.

To accomplish the maximum return on investment for focusing on mandatory compliance requirements, organizations should accentuate the “art” of consent and preference management. In doing so, preference and consent management drives original adoption and results in the best long-term benefit.

Firms that approach consent with the goal of sanctioning customer conversations focus on utilizing implementations that drive more specific preferences across business units, applications, products, communication channels and desired regularity. This long-term outlook leads to nourishing and profitable customer relationships. Dynamics such as timing, placement and design drive adoption by both the company and its customers.

Traits of implementing consent “artfully” consist of:

  • Consent Spot Collection: Rather than requesting consent through a singular checkbox or a long, wide-ranging form, consent is spread attentively through the customer journey. Consent and preferences are collected from the customer at points that are meaningful, such as registration, searching for new products, etc. Taking account of these instances increases the prospect the customer will not only understand what they are agreeing to, but also increase their willingness to provide consent.
  • Capability to Opt Down: Once consent is collected, institutions that think of consent in broader terms provide well-designed, personalized forms that allow customers to reduce the communications they are currently receiving. These forms should be easily manageable from any customer touch point. A refined opt-down method is a step toward turning a would-be total opt-out into a more useful and individual opt-in.
  • Hands-on Suggestion: According to customer behavior, lack of commitment with outbound communications or customer-driven actions, companies may offer options to current modes, frequency and types of communications. This prediction of a potential change in consent increases the possibility of maintaining some level of consent for continued communications.

Privacy technology must be contemplated with industry-specific and problem-specific best practice—for example, a financial services company needs the capability to collect consent across multiple channels, such as in-person interaction, while an e-commerce-only company does not. A general approach will fail and negatively impact a company’s consent collection proposals.

The most accurate way to combine the science with the art of consent and preference management is to assess implementations based on real-world use cases. Spending time on competitive websites, following the “unsubscribe” link in emails and studying customer engagement are some best practices. Merging this research with accepting why your customers provide consent in the first place and how they benefit from doing so over their relationship with your company is the foundation for a beneficial approach.

About the Author | Eric V. Holtzclaw

Eric V. Holtzclaw is chief strategist of PossibleNOW. He’s a researcher, writer, serial entrepreneur and challenger of conventional wisdom. Check out his book with Wiley Publishing on consumer behavior: Laddering: Unlocking the Potential of Consumer Behavior. Eric helps strategically guide companies with the implementation of enterprise-wide consent and preference management solutions.