Database marketing outsourcing is a strategic transaction for retailers. This type of outsourcing can facilitate the integration of diverse marketing channels e.g., web, social media, catalog and in-store sales) and enable more targeted and effective marketing to consumers.
Database marketing encompasses a potentially broad array of services, including:
- Implementation and hosting of a CRM database marketing solution;
- Data cleansing, matching, updating and enrichment;
- Data licensing;
- Data mining and analytics/reporting; and
- Campaign management and analysis.
This is the second of two articles highlighting some key business and legal considerations in these transactions. In the first article I discussed scope, sizing and pricing considerations. In this article I will discuss performance and data considerations in connection with database marketing outsourcing.
Performance Considerations
There are a variety of different measures of supplier performance depending on the specific services to be provided by the supplier and the supplier’s solution for providing those services. Typical service level measures include the following:
Solution Availability – This service level measures the availability of the components of the supplier’s database marketing solution that are to be accessed and used by the customer in connection with the services, such as reporting datamarts. Similar to traditional IT measures of system availability, this service level holds the supplier accountable for the solution being available to the customer’s authorized users without material degradation in performance during scheduled hours of operation (excluding scheduled maintenance windows). The supplier is responsible for the application, infrastructure and network elements of the solution managed by or on behalf of the supplier. Availability is normally in the 99.0 – 99.5% range.
Database Update Processing – Database marketing services typically involve the supplier updating customer data through cleansing, appends, enrichment and refreshes in accordance with a defined schedule. As a result, there should be one or more service levels that measure the supplier’s successful completion of the scheduled updates in a timely manner. This service level is typically measured either as the percentage of scheduled updates that are completed on time during the measurement period (e.g., monthly or quarterly) or in terms of a permitted number of misses over the course of a contract year. This service level is important in ensuring that the most up-to-date information about consumers is used in designing and implementing marketing campaigns and strategies.
System Response Times – This service level measures the response time of the supplier’s system to queries executed by the customer’s marketing department or other users. Because queries can vary considerably in terms of complexity, it is necessary to either classify queries by their complexity level (e.g., high, medium and low) with different response times for each classification or pre-define a limited set of common queries that the customer wants to measure (e.g., shopped in the past 12 months, generation of do not mail list) with a specified response time for each query. Failure to meet the required response times for a specified percentage of queries can trigger a service level failure or, alternatively, trigger a severity 1 or 2 incident which needs to be resolved within the required resolution time.
Marketing Campaign Execution – If the services include marketing campaign support, customers may want to include service levels that measure the supplier’s timely completion of its responsibilities in connection with the campaigns. For example, the service level could measure the delivery of fulfillment files to direct mail or email vendors in a timely manner. The service level measure will need to be defined based on the specific roles and responsibilities of the supplier and customer in executing marketing campaigns.
Incident Management – In addition to the measures described above, there should be a set of incident management service levels that measure the supplier’s effectiveness in responding to and resolving issues that adversely impact the services. Similar to tradition IT measures, incidents are classified by severity level based on the impact to the customer’s business and the services.
Key Stakeholder Satisfaction Survey – While the quantitative measures of supplier performance described above address many important aspects of the supplier’s performance, they do not capture all aspects of performance that are critical to a successful relationship such as the quality of individuals assigned to the customer’s account and the flexibility and customer-focus of the supplier in addressing service and change requests. It is not uncommon for a customer to be unhappy with the supplier’s performance even though the supplier is consistently meeting the quantitative measures of performance. As a result, we recommend that customers negotiate a service level that provides for a quarterly evaluation by key customer stakeholders (e.g., CMO, CIO) of the supplier’s performance. A modest portion of the supplier’s fees should be at risk each quarter if it fails to achieve an acceptable score. Because stakeholder satisfaction is a subjective measure, the first reaction of many suppliers is to resist such a measure. With some effort, however, suppliers can often be persuaded that this is a rationale contract management tool which if used correctly can also benefit them by providing frequent and candid feedback on their customer’s perception of their performance.
Data Considerations
Database marketing services involve suppliers managing sensitive consumer data on behalf of the customer. Data typically comes from two sources: (1) the customer’s database containing consumer contact, demographic and transactional information which is to be hosted and maintained by the supplier and (2) the supplier’s (and/or a third party’s) databases of consumer contact and demographic information that are to be used to improve the accuracy and enrich the customer’s database. As a result, there are several dimensions to addressing data related issues ranging from data license rights to data protection to the return of customer data at the end of the outsourcing contract.
Licensing of Supplier Data – Customers should give careful consideration to the terms of any data licensed by the supplier in connection with database marketing services. If customers anticipate using any supplier furnished data in connection with co-branding or joint marketing with business partners, they will need to secure express license rights for those activities. In addition, suppliers typically license their data for specified terms (e.g., annual) that expire at the end of the services relationship. However, portions of the data licensed from the supplier may include updated consumer contact information (e.g., new postal or email address, new telephone number) that will be integrated into the customer’s consumer records. This information cannot readily be removed from those records and it is not realistic to expect customers to revert to a consumer database with outdated information. As a result, customers should secure unlimited perpetual licenses to such data. To the extent that the customer’s license to any data furnished by the supplier will terminate at the end of the services relationship, the supplier should be required to remove such data at no additional charge to the customer without adverse impact to the returned data.
Supplier Use of Customer Data – The outsourcing contract for database marketing services should include appropriate restrictions on the supplier’s use of the customer’s data. As a general matter, suppliers should agree to use customer data solely for the purpose of providing services to the customer. Suppliers may request the right to use de-identified, aggregated data for various purposes such as making improvements to their services generally and for research and publishing on industry trends. Before granting this right, Customers are advised to carefully consider whether any of the proposed uses of this data could potentially reveal sensitive competitive information and to prohibit those uses. For example, if customer is dominant in a particular industry segment, the supplier’s publication of trends in that segment could provide competitors valuable information about the customer’s performance.
Protection of Customer Data – The consumer data hosted and stored by the supplier in a database marketing service contain highly sensitive personally identifiable information. As a result, customers should secure strong contractual commitments from the supplier regarding the protection of that information. These commitments should include:
- a comprehensive security program that complies with all applicable data privacy / security laws and regulations and satisfies the customer’s internal security policies;
- ISO 27001 certification;
- annual SOC 2, Type 2 reports, including prompt remediation of deficiencies indicated in the reports;
- data encryption;
- customer approval of supplier facilities used in delivering the services; and
- prompt notice and full cooperation in addressing any security events.
If the supplier will not agree to unlimited liability for breach of its security commitments, the limitations on liability should provide for a significantly higher cap on liability than the normal cap for performance failures. In addition, the supplier should be responsible for all reasonable costs incurred by customer in addressing security breaches, including investigation, forensics and legal costs; regulatory fines and penalties; and call center and credit monitoring costs.
Return of Customer Data – When the outsourcing contract with the supplier comes to an end, the customer will need to migrate the consumer data hosted by the supplier to another database marketing solution. The outsourcing contract should include commitments from the supplier to assist the customer with this transition. This should include a commitment by the supplier to return all of the customer’s data in an industry standard format (e.g., delimited ASCII), together with configuration descriptions and other documentation relating to the data. Absent these commitments, the customer may find that there are significant operational and financial hurdles in attempting to terminate its relationship with the supplier or negotiate favorable renewal terms.