In recent years, the way marketers acquire, store, and utilise data has gone through a fundamental transformation. The initial gold rush of every datapoint being up for grabs ended exactly four years ago when, in May 2018, GDPR became official here in the UK. At the same time, customers were already becoming more aware and wary about sharing their information, and scandals like Cambridge Analytica brought spotlights onto the matter.
On the technology side, we saw a transition from the DMP to the CDP approach. For some, DMPs represent the wild west of third-party cookies, with very little regulation about consent or access for the customers. Now, the platform everyone talks about is the CDP. The focus has changed, the customer has gone from being the amalgamation of third-party, unregulated data, to being a empowered and consenting owner of the first-party data they allow brands to store for the purpose of serving them.
You see, this shift is not just about how we approach data in a post-GDPR landscape. It’s also about how consumers are becoming increasingly aware of their privacy rights, which in part gives them the right to access or delete their personal data (i.e., the right to be forgotten). What was previously the odd data deletion request is growing into a task that can not only be time-consuming, but that needs to be done carefully at the risk of facing substantial penalties and fines.
Consequences of Siloed Data
“The cost of processing Data Subject Requests [has] more than doubled.”
— DataGrail
A 2022 survey by DataGrail reported that “the number of Data Subject Access Requests (DSARs) nearly doubled year over year” and that at the same time “the cost of DSARs more than doubled.” It stands to reason that this trend may continue, and what might currently go under the radar as a simple annoyance may quickly become a thorn in the side of many unprepared businesses.
In recent years, the way marketers acquire, store, and utilise data has gone through a fundamental transformation. The initial gold rush of every datapoint being up for grabs ended exactly four years ago when, in May 2018, GDPR became official here in the UK. At the same time, customers were already becoming more aware and wary about sharing their information, and scandals like Cambridge Analytica brought spotlights onto the matter.
On the technology side, we saw a transition from the DMP to the CDP approach. For some, DMPs represent the wild west of third-party cookies, with very little regulation about consent or access for the customers. Now, the platform everyone talks about is the CDP. The focus has changed, the customer has gone from being the amalgamation of third-party, unregulated data, to being a empowered and consenting owner of the first-party data they allow brands to store for the purpose of serving them.
You see, this shift is not just about how we approach data in a post-GDPR landscape. It’s also about how consumers are becoming increasingly aware of their privacy rights, which in part gives them the right to access or delete their personal data (i.e., the right to be forgotten). What was previously the odd data deletion request is growing into a task that can not only be time-consuming, but that needs to be done carefully at the risk of facing substantial penalties and fines.
“UK businesses spend, on average, £1.59 Million and 14 person years annually processing DSARs.”
— GRC World Forums PrivSec Report
Recommendation for DSARs Cost-Reduction
To avoid being sucked down an expensive and arduous DSARs rabbit hole, we recommend completing a customer data audit before it becomes an issue. For example, look at how access requests are handled in practice, how complete they are, how right to be forgotten is managed (including in the context of back-ups), and how opt-outs are stored for the purpose of future exclusion. These are just a few examples of legally grey areas, which, when combined with data silos, could cost dearly.
The heydays of cheap data and few responsibilities are indeed over. Marketers need to ensure their data is centralised and democratised so that it is comprehensive, joined up and easily accessible to reduce any avoidable costs of data deletion and access requests.
Get in touch to learn how Plinc can help you join your data together, providing you with a consolidated Single Customer View that is accessible across the business.
Blog posts

See Beneath the Surface: Turning Segmentation into Strategic Intelligence
Segmentation isn’t just for targeting. When used to surface behavioural insight, it reveals where value is created, what predicts loyalty, and how CRM can…

Become a Customer Economist: Why CRM Should Speak in Value, Not Volume
CRM is often rich in insight but fails to speak the business’s language. Reframing performance in terms of customer value is key to influencing strategy…

From Batch to Precision: Winning the Relevance War Without Burning Out Your Base
Batch campaigns create CRM fatigue fast. Shifting to precision targeting protects customer value, boosts engagement efficiency, and builds sustainable…

Prove It or Lose It: Why CRM Needs to Speak in Revenue, Not Reach
CRM teams are under pressure to prove commercial impact. Without uplift measurement and control groups, incremental revenue stays invisible and influence…

Sound the Alarm: Why CRM’s Data Problem Is a Strategic Problem
Inaccessible data continues to limit the impact of CRM. Yet when it’s reframed as a commercial issue rather than a technical one, it opens the door to…

From Execution to Influence: Why It’s Time for CRM to Take the Lead
Introducing Plinc’s Strategic CRM Playbook: From Execution to Influence. Discover why CRM is poised to lead with insight, value, and influence in today’s…