First-Party Data and Content Marketing in the age of GDPR



  • As of today, Friday 25th May 2018, the GDPR will come into force. It has certainly kicked up a fuss. Let’s try to understand together what impact it will have on companies
  •  At this point, let’s identify which information will be easiest to handle in this new context of data management
  •  We know that first-party data are proprietary, so, if you know the exact collection methods, you will certainly be able to have control over them
  •  Offering a positive user experience with valuable content helps brands to create closer relationships with their reference audiences, which make themselves known more willingly
  • We have Content Intelligence (AI applied to content) that already collects analytical data, which do not represent an invasion of user privacy in any way. When the user chooses to reveal themselves as an individual (and CI, with prior informed consent, associates such data with a profile), it will be possible to offer them increasingly personalized customer experiences


GDPR: whatever does this strange acronym mean that everyone is talking about?


Today on 25th May 2018, the European General Data Protection Regulation enters into force, better known under the acronym GDPR.

Retroactive applications, multi-million fines, adaptations of all kinds on company channels, and alarmism: Is the situation really as tragic as it would appear?

In recent months, we have seen a proliferation of DEM, webinars, conferences and courses where we were forced to take stock of the meaning of this radical change with advice, directives and checklists in order to “comply”. All united under the cry of “GDPR is coming” to the extent that, a little bit longer and Game of Thrones could have adopted it as the new slogan for the house of Stark. In recent weeks, we have witnessed a genuine escalation of information which, due to its alarmist tone, risked blowing brands’ worries out of proportion rather than responding to their doubts.

We at have carefully studied the documentation that reached us and, in light of the new regulation, applied as of today with immediate effect in all EU member states, we have tried to give new context to data management. We have envisaged future scenarios that will be faced by proprietary data (first-party data) and data aggregated by third parties (third-party data) concerned with GDPR.


Managing Data: is First- or Third-Party better?


Bearing in mind that, in order to ensure compliance with the GDPR, companies must be able to demonstrate that they have obtained user consent to access their data and have clearly communicated the purpose of their use, organizations that, as data owners, have them stored “in-house” will find themselves in an advantageous position. This is because they are able to check the relevant management, archiving and protocol practices with greater ease.

Indeed, article 7 of the GDPR states, “Where processing is based on consent, the controller shall be able to demonstrate that the data subject has consented to processing of his or her personal data.” What does this mean? All consent must be documented as proof, meaning that it must be “filed” (and this also occurs retroactively), keeping track of who consented and when, what reasons were provided, how consent was requested, etc. To monitor the processing activities of personal data, the GDPR has introduced a specific tool: the Record of Personal Data Processing Operations. This is essential to guarantee company compliance with regard to personal data. Indeed, it must be placed at the disposal of the Competition Authority should it request it.

If we think about the drafting of the Record in its entirety and about the right that the user has to alter (correct personal data) or withdraw their consent, with the obligation to comply on behalf of data collection operators, this occurs much more easily in the presence of proprietary data (first-party data). Indeed, companies find themselves handling (and recording) data for which they are aware of the exact collection methods, meaning that their management and potential removal becomes much quicker and more controllable.

Instead, the case of third-party data is different. Transmitted by intermediaries (the so-called data brokers), they find themselves sharing different origins and suppliers. As much as they may try to involve all parties in a maintenance journey with potential removal on the user’s explicit request, it is not always possible to be able to control the quality of this information. Brands would, therefore, find themselves facing the digital equivalent of a black box and, with the risk of criminal sanctions linked to the GDPR, the aim is to seek maximum transparency.

Due to their intrinsic nature, first-party data lend themselves better to complying with the new regulation. Indeed, they are very valuable in terms of the quality and accuracy of the information released. This is because they are directly collected by the brand on its reference audience, which is engaged in a one-to-one interaction with the company and with the channels through which it communicates.

Not only this, but unlike third-party data that may be shared with different brands contemporarily, first-party data are proprietary information, belonging ONLY to the company in question. If I am the only one to own that set of data, then I have a competitive advantage over my competitors. Let’s also not forget that, since the data are yours, you know precisely where and when they were collected, and therefore, which are the most “recent”, or rather, those that are monitoring your audience live. Indeed, thinking about how fickle the consumer 2.0 is, it is better to be working with data on purchasing behavior that is updated in real time. Instead, often, third-party data, with all the sharing and purchasing processes that go alongside them, are already obsolete by the time they reach marketing teams.


Why focus on Content Marketing?


With the reduction in the unauthorized data collection market, brands can grab the bull by the horns offered by GDPR to start to propose quality content that encourages customers to go “in search” of the brands and make themselves known to them, rather than the other way around.

If you want the customer to come across your company during the course of their browsing, making them want to get to know it, you must manage to guide them through a positive user experience. This is possible by giving them valuable content, which is able to thrill and engage them. In this case, the relationship with the customer will emerge “strengthened” in which they will be offered a relevant customer experience. This is why trust will become part of brand interactions.

Indeed, thinking about the way in which the target audience is addressed with quality content will allow brands to build reliable and authentic relationships. Of course, the database may appear “reduced” at first glance, but brands would find themselves working increasingly with qualified or qualifiable contacts – the so-called quality leads – which is followed by the enormous opportunity for tailor-made profiling that leads to an increase in conversion rates.  

But let’s take a moment to clarify the situation. There is a strategy that already complies with the law because it collects data in an anonymous form without impinging on the user’s privacy in any way. This is Content Intelligence (CI) that is no more than Artificial Intelligence applied to content. The number of systems and solutions that adopt it is increasing constantly.

Try to think about an anonymous user who views the content you host on your brand’s owned channels, on which CI operates. CI, which manages to analyze and extract user interests from the use of content, provides anonymous data that are useful for statistical analyses to measure content performance or identify trending topics. This is valuable information to “hone” your content strategy and create quality content.

When the same user, with prior informed consent, reveals themselves and supplies some form of identity (making themselves known as an individual and qualifying themselves), CI associates the data “filed” up until then in anonymous form with a recognized profile. At that point, as soon as the user (from now on “person”) has chosen to place their trust in the brand, these same data are processed for a better profiling and, therefore, for the creation of increasingly personalized customer experiences.

This document is offered as a starting point. All indications provided must be considered in the state in which they are found, they do not claim to be complete and exhaustive. Content Intelligence Network and the author make no commitment or warranty of any kind, either explicit or implicit, regarding the accuracy, completeness and reliability of the information contained in this document.

Would you like to know more about how Content Intelligence works?
Read the book published by Wiley

Download the ebook