Personalisation and privacy are often framed as a trade-off: “use more customer data to make experiences more relevant” versus “use less data to reduce risk.” Current evidence suggests the better framing for retailers is trust-led growth: design personalisation around customer control, clarity, and fair value exchange, so customers opt in willingly and stay engaged longer. This matters because consumer expectations for relevance are high, but tolerance for “creepy” or inaccurate personalisation is low. A large global study by BCG found that around four-fifths of consumers are comfortable with personalisation, yet two-thirds report at least one negative personalised experience that led them to disengage.
Trust is now directly connected to commercial outcomes. PwC’s global Voice of the Consumer Survey 2024 reports that data protection is the leading factor influencing consumer trust (83%), and that a large majority (80%) want assurances their personal information won’t be shared. In Australia specifically, the OAIC’s Australian Community Attitudes to Privacy Survey (ACAPS) 2023 highlights a trust-and-understanding gap: only around two in five feel organisations are transparent, 58% say they don’t understand how their information is used, and 84% want more control and choice.
Meanwhile, the “cookieless future” is no longer just a single browser deadline—it is a broader shift driven by browser defaults, user choice, and policy. WebKit’s documentation explains that Safari’s tracking prevention includes full third‑party cookie blocking by default under Intelligent Tracking Prevention (ITP), with third‑party cookie access only possible via mechanisms like the Storage Access API. At the same time, Google’s public updates show Chrome’s path has changed: Chrome is maintaining its current approach to third‑party cookie choice, while Google is also retiring multiple Privacy Sandbox technologies due to low adoption and continuing others such as CHIPS and FedCM.
Revenue upside is real when personalisation is done well, but so is downside. McKinsey reports that personalisation often drives 10–15% revenue lift (with a wide range depending on sector/execution) and that faster-growing companies drive more of their revenue from personalisation than slower-growing peers. BCG adds that personalised offers can generate materially higher ROI than mass promotions, and that convenience- and relevance-driven personalisation can lift conversion and cross-sell rates substantially (depending on use case). The conclusion is that the goal is not “more personal data” but better, permissioned data used in ways customers consider fair.
A practical way to “win trust while increasing revenue” is to treat privacy as part of the product experience, not just a compliance task. The evidence breaks down into four connected realities.
First-party data strategy is becoming the economic centre of retail growth. Consumers are signalling they will share data when the benefit is obvious and the handling is responsible. PwC describes an emerging “social contract” where consumers share information for value (for example, promotions and perks) and notes that loyalty programmes are becoming a primary engine of customer data for many companies. BCG’s research also positions first‑party data (transaction and engagement data collected directly from customers) as the “lifeblood” of personalisation efforts. Practically, this pushes retailers toward building durable, permissioned identity and measurement capabilities across owned channels (store, ecommerce, app, email/SMS, service, and loyalty) rather than over-relying on third-party tracking.
Consent-aware personalisation is not optional if you want durable growth. In Australia, the OAIC explains that consent is generally required in higher‑risk situations such as collecting sensitive information or using/disclosing personal information for a secondary purpose. The OAIC’s broader guidance also reflects a data-minimisation expectation: organisations may only collect personal information that is “reasonably necessary” for their functions or activities (with additional limits around sensitive information). This legal baseline aligns with the commercial reality in ACAPS 2023: customers increasingly want real choice and clearer explanations. The practical implication is that retailers need personalisation systems that can gracefully degrade based on consent state—still delivering a good experience without coercive “take it or leave it” data capture.
The cookieless future is better understood as “less trackable by default,” not “cookies end on a date.” Safari’s WebKit documentation states that ITP blocks third‑party cookies by default and describes how third‑party cookie access can only be granted through specific APIs. On the Chrome side, Google’s public “Update on Plans for Privacy Sandbox Technologies” (Oct 17, 2025) says Google will continue supporting some technologies with broader adoption (for example CHIPS and FedCM), while retiring others (including Topics, Protected Audience, Attribution Reporting API, and IP Protection) due to low adoption and ecosystem feedback. The UK CMA-focused progress reporting also records Google’s April 2025 position: maintaining the current approach to third‑party cookie choice and not rolling out a new standalone prompt, while re-evaluating the role of remaining Privacy Sandbox APIs. The executive takeaway is that retailers should build measurement and audience strategies that assume reduced cross-site signal quality over time (through browser controls, OS changes, consent choices, and shifting platform capabilities), even if some cookies still technically exist.
Transparency is increasingly a growth lever, not a cost. ACAPS 2023 shows transparency and comprehension are weak: only two in five feel organisations are transparent, and over half do not understand how their information is used. PwC’s survey reinforces that data protection is a top trust driver. And customer trust is connected to how retailers deploy AI as well: Salesforce’s “State of the AI Connected Customer” report highlights a trust decline and shows that 42% of customers trust businesses to use AI ethically (down from 58% in 2023), alongside increased customer protectiveness regarding personal information. Transparently explaining “what we collect, why, and what you get in return” becomes a commercial differentiator because it increases opt-in rates, reduces complaints, and protects customer lifetime value.
A final constraint executives should keep visible is the cost of privacy failure. IBM reports a global average cost of a data breach of 4.4M USD in 2025 and 4.88M USD in 2024, turning privacy and security from “risk management” into a margin issue. In Australia, OAIC reporting shows breach notifications remain high: July–December 2024 had 595 notifications, with 1,113 total notifications in 2024, and 69% attributed to malicious or criminal attacks. In parallel, Australia’s privacy penalty regime increased significantly, with maximum civil penalties for serious/repeated interferences with privacy reaching the greater of $50 million, three times the benefit obtained, or 30% of adjusted turnover, as described in Australian government legislative documentation and OAIC guidance.
How can retailers balance personalisation and privacy to win trust while increasing revenue?
Retail leaders are being pulled in two directions at once. On one side, customers expect retail experiences that feel relevant: the right products, the right offers, the right channels, and less wasted time. On the other, customers are increasingly wary of how their personal information is collected, shared, and used—especially as data breaches and AI-driven decisioning become daily news.
This tension is often described as personalisation versus privacy. In practice, the retailers that grow sustainably treat it as personalisation with privacy—using trust as the mechanism that unlocks both customer relationships and revenue.
This article unpacks what that means in plain language and provides a practical model for building a first‑party data strategy, delivering consent‑aware personalisation, preparing for the cookieless future, and using transparency as a growth lever.
Personalisation and privacy (plain-language definitions)
Personalisation is any deliberate effort to tailor an experience to an individual or a segment based on information about them or their context. In retail, that might include product recommendations, tailored promotions, personalised search results, reorder prompts, local store stock visibility, or a service agent having relevant context when a customer asks for help.
Privacy is the customer’s ability to understand and control what happens to their personal information—and the retailer’s responsibility to handle that information safely, fairly, and for clear purposes. Privacy isn’t just a legal box to tick. It is part of the customer experience: it answers questions like “Why are you asking me this?”, “What do I get out of it?”, “Who will see it?”, and “Can I change my mind later?”
When personalisation is built without privacy, it can feel intrusive. When privacy is designed without value, it can feel like friction. Winning strategies treat trust as the bridge.
Why “personalisation vs privacy” is the wrong battle
Many organisations still operate as if there are only two options:
There is a better option: design personalisation around customer choice and a fair value exchange. That approach produces a self-reinforcing cycle: customers opt in, data quality improves, experiences become more relevant, and customers stay engaged longer—lifting lifetime value while reducing compliance and reputational risk.
The flywheel works only if each step is credible. If the customer cannot see the value, or cannot control the relationship, the loop collapses.
First-party data strategy: build a trustworthy data asset (not a bigger database)
A first‑party data strategy is the plan for collecting, connecting, and using data from your direct relationships with customers. For retailers, the strongest first‑party signals typically come from:
A common mistake is to treat first‑party data as “anything we can capture.” A better approach is to treat it as a product with a quality standard: only collect what you will genuinely use to improve customer outcomes.
A practical first‑party data strategy usually includes five building blocks.
A single customer view across channels (without forcing a single identity)
Retailers often have fractured data: ecommerce knows the customer’s browsing behaviour, stores know the transactions, service teams know the complaints, and marketing knows who opened what email. That fragmentation creates bad personalisation—like promoting an item a customer already returned, or recommending products that contradict stated preferences.
The goal is not to “track everything.” The goal is to create a reliable, governed view that connects what should be connected (for example, loyalty ID to POS to ecommerce) while respecting consent and allowing customers to engage anonymously when they want to.
A clear “value exchange” for every data collection moment
Ask: when we request email, phone number, date of birth, location access, or preferences, can we answer in one sentence what the customer gets in return? If the answer is vague (“marketing updates”), trust will be low. If the answer is specific (“digital receipts, easier returns, and tailored specials on items you buy”), opt-in tends to rise.
Data minimisation and purpose clarity
Build your data model around specific use cases. For example:
Data that doesn’t support a customer benefit becomes risk and cost: it adds security exposure, creates governance work, and makes transparency harder.
First‑party data is valuable, which means it attracts attackers. Retail leaders should treat privacy and cyber controls as revenue-protecting capabilities. If a breach forces customers to reset passwords, distrust marketing, or abandon a loyalty programme, the long-term cost is not just the incident response—it is customer lifetime value and brand equity.
As third‑party tracking becomes less reliable, retailers need durable measurement approaches. That typically includes stronger first‑party event capture on owned channels, better consent-aware analytics, incrementality testing, and a clearer separation between customer experience metrics (conversion, retention) and ad-platform-reported metrics.
Consent-aware personalisation means your personalisation engine respects what the customer has agreed to—and is built to operate well even when consent is partial.
Three design principles make this practical.
Customers should be able to say “yes” to helpful experiences without being forced into blanket consent. For example, a customer might be comfortable with personalised product recommendations on your website but not comfortable with third-party advertising offsite. Your systems should be able to reflect that choice, not just capture it in policy text.
A preference centre is not only a compliance artefact; it is a retention tool. When customers can change their minds, they are less likely to churn completely.
Generic privacy policies are not where customers make decisions. Customers decide when they are asked for something. For example:
This turns privacy from a legal disclaimer into a clearer experience.
A simple rule: the more sensitive the data and the more surprising the use, the higher the bar for transparency and explicit opt-in.
A helpful mental model for retail teams is a “personalisation ladder”:
As you climb, consent must become more deliberate, and transparency must become more specific.
The phrase “cookieless future” is misleading if it makes leaders think this is only about whether a browser supports cookies. The bigger change is that cross-site tracking is becoming less dependable, even when some cookie mechanisms remain.
For retailers, the durable implications are:
When acquisition relies heavily on third-party signals, performance can be volatile. A first‑party approach shifts investment toward assets you control: loyalty, subscriptions, app adoption, CRM quality, and onsite experience.
Retail media and brand partnerships increasingly require ways to collaborate without exposing raw customer data. Approaches like clean-room style collaboration and aggregated reporting are becoming more common because they allow insights and measurement while limiting data leakage.
As offsite signal quality degrades, the best personalisation opportunities move toward places you directly control: product discovery, search, recommendations, and service experiences. These are also the places where the value exchange is easiest for customers to understand.
Retailers should assume a meaningful portion of customers will decline certain forms of tracking. The question becomes: does the experience still feel high-quality? Designing for “no” (and still delivering convenience) is a competitive advantage.
Transparency increases revenue when it reduces fear and increases participation. When customers understand how data will be used and can control it, they are more likely to opt in to experiences that drive value—especially loyalty experiences.
Replace abstract terms (“process”, “legitimate interests”, “third parties”) with concrete examples (“we use your purchase history to suggest refill items; we do not sell your personal information”).
If you ask for a permission, show what improves. This is especially effective for in‑store experiences: digital receipts, faster returns, and personalised offers for frequent categories.
A “your preferences” view—sizes, favourite store, preferred categories—builds confidence because customers can see and edit what drives the experience. It also improves data quality.
For example, allow customers to pause personalisation for a period, or remind them annually what choices they’ve made. These small signals communicate respect—and reduce the feeling of being watched.
Customers notice when retailers ask for too much data too early. Delaying requests until the benefit is relevant can improve opt-in rates and reduce drop-off.
To move from debate to execution, leadership teams can focus on four decisions.
Pick 3–5 use cases that directly tie to revenue and customer value (e.g., personalised offers for loyalty, better search and recommendations, post‑purchase replenishment, store fulfilment personalisation).
For each use case, specify: data inputs, sensitivity level, consent requirement, and fallback experience.
Define the preference centre and the “just‑in‑time” notices that will appear at key moments.
Revenue outcomes (conversion, AOV, repeat rate) must be tracked alongside trust indicators (opt-in rate, unsubscribe rate, complaint rate, data access/deletion requests, and customer trust survey signals). If you measure only revenue, teams will over-collect data. If you measure only compliance, teams will under-invest in customer value.
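The use-case specification described above (data inputs, sensitivity level, consent requirement, fallback experience), together with the earlier point that a customer may accept onsite recommendations while declining offsite advertising, can be expressed as a small consent gate. This is an added illustration, not code from the article; the purpose names, use cases, profile fields and the "explicit"/"bundled" consent labels are assumptions.

```python
from dataclasses import dataclass

# Every purpose, use case and profile field here is constructed for illustration.
@dataclass(frozen=True)
class UseCase:
    purpose: str     # consent purpose the customer must have agreed to
    inputs: tuple    # the only profile fields this use case may read
    sensitive: bool  # sensitive inputs require an explicit, just-in-time opt-in
    fallback: str    # experience served when consent is missing or withdrawn

USE_CASES = {
    "onsite_recs": UseCase("onsite_personalisation",
                           ("purchase_history", "preferred_categories"), False, "bestsellers"),
    "offsite_ads": UseCase("third_party_advertising",
                           ("email_hash", "purchase_history"), False, "contextual_ads_only"),
    "refill_reminder": UseCase("health_replenishment",
                               ("pharmacy_purchases",), True, "no_reminder"),
}

def decide(use_case, consent, profile):
    """Return (mode, data) for one use case.

    consent maps purpose -> "explicit" or "bundled" (assumed labels); a purpose
    that is absent means no consent, so the default is deny.
    """
    uc = USE_CASES[use_case]
    grant = consent.get(uc.purpose)
    if uc.sensitive:
        allowed = grant == "explicit"
    else:
        allowed = grant in ("explicit", "bundled")
    if not allowed:
        return uc.fallback, {}  # degrade gracefully and hand over no personal data
    # Data minimisation: pass on only the fields the use case declared.
    return "personalised", {k: profile[k] for k in uc.inputs if k in profile}

# Constructed sample: the customer accepted onsite personalisation at sign-up,
# never agreed to third-party advertising, and gave only bundled health consent.
SAMPLE_CONSENT = {"onsite_personalisation": "bundled", "health_replenishment": "bundled"}
SAMPLE_PROFILE = {
    "purchase_history": ["sku-1", "sku-2"],
    "preferred_categories": ["outdoor"],
    "email_hash": "constructed-hash",
    "pharmacy_purchases": ["sku-9"],
    "date_of_birth": "1990-01-01",
}

if __name__ == "__main__":
    for name in USE_CASES:
        print(name, decide(name, SAMPLE_CONSENT, SAMPLE_PROFILE))
```

Withdrawing consent amounts to removing the purpose from the consent record, after which the same call returns the fallback with an empty data set.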
Retailers do not need to choose between personalisation and privacy. They need to choose between short-term optimisation that erodes trust and a trust-led growth model that earns permission, improves data quality, and builds durable revenue.
The winning approach is simple to say and disciplined to execute: collect less but better first‑party data; personalise only with clear consent; design for a world with weaker third‑party signals; and treat transparency as part of the product experience.