Data Privacy and Security


First(-Party) and Best: How GDPR is reshaping AdTech and transforming the way we think about data

Matt McRoberts By Matt McRoberts Jun 26, 2018

Last month saw a major milestone: full enforcement of the EU’s General Data Protection Regulation (GDPR). We’ve all been hearing a lot about how it empowers consumers and how it affects brands. But there’s another side to this story—what it means for AdTech and MarTech.

Over the past twenty years, we’ve watched AdTech grow into a major force when it comes to audience acquisition and retargeting. Companies looking for easy ways to engage prospects and customers beyond their owned properties built marketing strategies around ad networks and exchanges, betting that the AdTech ecosystem could support their acquisition goals, engagement, and LTV pressures over the long haul. With the advent of GDPR, that bet’s looking riskier.

“AdTech is built on a foundation of trading and selling aggregated third-party data from a variety of sources—many of them unknown to the marketers leveraging them,” says Myles Kleeger, president and chief customer officer (CCO) for Braze (formerly Appboy). “That data frequently changes hands between parties multiple times throughout the process and often isn’t tied to explicit permissions, which is a serious issue in our post-GDPR world.”

GDPR significantly expands privacy rights for the individuals covered by the regulation, making informed consumer consent and transparency around how personal data is used more important than ever before. Companies that fail to comply with GDPR can face fines of up to 20 million euros or 4% of global revenue, whichever is higher. We’ve already seen AdTech firms exit the European market, citing concerns about GDPR compliance and its impact on their business models, and there’s reason to expect that trend to continue.

What does that mean for brands?

“The future of marketing is reliable, accurate, GDPR-compliant first-party customer data,” Kleeger says. “With GDPR in place, brands that depended on third-party data provided by AdTech partners are feeling increasingly cautious and leery about that relationship, and are starting to shift energy and resources toward marketing activities built around first-party data.”

Instead of building campaigns around third-party data that may or may not be GDPR-compliant, it’s time for companies to invest more seriously in MarTech solutions that make it possible to acquire actionable information that consumers actively choose to share. By using MarTech to support the collection of first-party data on customers and prospects through owned platforms like apps, websites, and beyond, brands can continue to support effective acquisition, engagement, retention, and retargeting campaigns on owned and paid channels—from push notifications and emails to programmatic and SEM. It’s smart, it’s effective, and it respects both GDPR and the consumers that the regulation is built to protect. That’s a strategy that’s built to last.


Matt McRoberts

Matt McRoberts

Matt McRoberts oversees all Braze programs related to the company's technology and agency partnerships, among other responsibilities. His passions include wrestling, hip hop, and, of course, classic 1980s coming-of-age film Vision Quest.

Related Content

Data Privacy and Security

Apple's Privacy Manifests: What They Mean for User Privacy and Customer Engagement

Read More

Navigating Quebec’s New Privacy Law

Read More

Embracing Privacy-Conscious Customer Engagement in a Fast-Moving World

Read More

How Transparency Can Help Consumers Understand the Balance Between Privacy and Personalization

Read More