Key Takeaways | Trends in Customer Data Acquisition and Use for Alcohol Companies

During this webinar, our experienced privacy and cybersecurity lawyers joined our alcohol regulatory team to review how alcohol companies should be thinking about and maximizing their data. They shared innovative marketing strategies and addressed privacy and cybersecurity considerations from an alcohol commercial side.

Key takeaways included:

1. Keeping ahead of supply chain cyber threats: In the continually evolving cyber threat landscape, organizations must remain vigilant not only about the security of their own data and systems but also about the key vendors and suppliers within their supply chain. Trusted business partners with access to your systems can serve as an attack launch pad and cause business disruption if their own systems are breached. Alcohol companies should ensure that key supply chain agreements contain robust cybersecurity provisions, including the ability to audit provider systems. They also should map out contingencies for supply chain disruption based on cyberattacks, make sure there are appropriate controls in place to reduce the risk of attacks, evaluate applicable insurance coverage and update incident response plans to address this contingency.
2. Using data you have collected: Internal decisions about how to use data you have collected should be made with the involvement of key stakeholders from business to IT and from legal to leadership. Have conversations with these critical stakeholders regarding the operationalization, design, cost and potential roadblocks associated with new data use or collection. Not all new data collection and use is a bad thing, but it is important to do it in the right way and with appropriate messaging to consumers. Data can be valuable if companies maintain compliance on the front end to ensure the relatively unlimited use of data post-acquisition. It is critical to think through the entire process from start to finish before launching a new data-driven initiative.
3. Leveraging personal data for marketing: Set clear marketing objectives and determine how data can help you achieve those objectives. Identify what data you need, whether that data needs to be identifiable and how long you need to keep the data to achieve your marketing purpose. Also, consider how you are going to source your data and ensure that you have the rights and control you need to use that data for your own marketing purposes.
4. Being transparent: Once you have clear goals for how to use data, make sure you understand the rules and responsibilities around the use of data—particularly personally identifiable information. Always be transparent about your collection, use and disclosure of data, and keep your privacy policies up to date.