Ultimate data checklist for 2024: Optimise your digital investments through data collection

It’s no secret that in 2024, data remains the essential pillar for measuring and optimising your digital investments. Whether you’re looking to strengthen your RGPD compliance, optimise your data collection, guarantee the integrity of your information or refine your strategic analyses, this checklist will be your essential ally in maximising your digital investments in 2024.

1. Am I GDPR-compliant?

1.1 Importance of RGPD compliance in 2024

In 2024, RGPD (General Data Protection Regulation) compliance is more than ever at the heart of discussions, driven by the constantly changing economic and legal context and the risks associated with it.

RGPD compliance is an ongoing process. It requires constant attention and proactive measures to ensure that your company always meets the expectations of the Data Protection Authority (or the CNIL in France). In addition, the CNIL has published its 2022 / 2024 RGPD strategic plan, which focuses on three areas:

• Area 1: Promoting control and respect for people’s rights in the field
• Area 2: Promoting the RGPD as a confidence-building measure for data controllers
• Axis 3: Prioritise actions in response to the increasing use of personal data

This CNIL plan highlights the crucial importance of a proactive and strategic approach to data management. Your RGPD compliance not only serves to protect individual rights, but is also a real strategic lever for your business.

1.2 Key steps for successful RGPD compliance

1.2.1 Data identification

Data identification is the first step in the RGPD compliance process. It involves making an inventory of all the personal data held by your company and understanding how it is used. This includes identifying the categories of data processed and the categories of data subjects. It is also important to distinguish between types of authentication:

• Direct authentication (surname, first name, etc.)
• Indirect authentication (identifier, number, etc.).

Even pseudonymised data, resulting for example from a cryptographic hash of information such as IP address, user ID or e-mail address, is considered personal data and remains subject to the obligations of the RGPD.

The tools offered by the CNIL can help you at this stage, including model documents and their risk identification tool.

1.2.2 Protection of personal data

When it comes to protecting personal data, a number of measures need to be taken into account.

Firstly, it is necessary to define a clear, precise and easy-to-understand data protection policy. This policy must also be easily accessible to all users.

Secondly, mechanisms must be put in place to ensure data security. This includes data encryption, the use of firewalls and robust authentication systems. Our advice? Integrate “Server Side GTM” into your monitoring and analysis approach, using GA4 Server-side Tracking! This server-side tagging technique bypasses the limitations of browser preferences and privacy protection tools while guaranteeing user confidentiality. How does it work? GTM (Google Tag Manager) will first send the data to your server before transmitting it to GA4 (Google Analytics), thereby reinforcing the protection of the information collected.

Thirdly, as part of the protection of personal data, an action plan must be drawn up in the event of a data breach. This plan must include detailed procedures for identifying and reacting quickly to any breach, as well as for informing the people concerned.

Finally, respect for the rights of individuals is paramount. The RGPD guarantees a number of rights to individuals, such as the right to access their data, the right to correct it and the right to delete it. With this in mind, it is important to put in place effective procedures for responding to requests for access, correction or deletion of data, thereby ensuring full compliance with privacy protection standards.

1.2.3 Consent management

Consent management is an essential aspect of RGPD compliance. It involves collecting, monitoring and documenting users’ consent to the processing of their personal data.

• Consent must be free, specific, informed and unambiguous. It must be given by a clear statement, such as an affirmative action. Silence, ticked boxes or inactivity do not constitute consent.
• Documentation is also crucial. You must be able to prove that you have obtained RGPD-compliant consent.
• A consent management tool can help you automate this process, archive proof and make it easier to manage withdrawals of consent.
• Finally, consent must be easy to withdraw. Users must be able to withdraw their consent at any time, as easily as they gave it.

1.2.4 Managing individual rights requests

The management of requests for individual rights is a central point of RGPD compliance. It involves dealing effectively and in a timely manner with requests from individuals concerning their personal data. These requests may include access to data, rectification, erasure (right to be forgotten), but also the restriction of processing or the right to data portability.

It is essential to put in place a clear and structured process for responding to these requests. This may include:

• Identifying the claim: What right is being exercised? Who is the applicant?
• Verification of the applicant’s identity: to avoid any disclosure of data to unauthorised individuals.
• Response to the request: within one month, extendable to two months for more complex requests.

2. Am I collecting enough data?

2.1 Alignment with business objectives

The first step in assessing the amount of data collected is to carry out an in-depth analysis of business needs. Understanding your company’s specific objectives and the requirements of each digital action helps identify the types of data needed to measure your KPIs (no more, no less).

2.2 Customisation to target audiences

You may be wondering whether data collection should always be uniform. Although uniform data collection may seem preferable in certain contexts, such as for simplified global analyses, it is not always the optimal solution.

Indeed, it can be relevant to collect specific data by audience segment. For example, in the retail sector, understanding the buying preferences of different demographic groups can guide more effective marketing strategies. Similarly, when it comes to personalising online experiences, collecting segment-specific data can significantly improve user engagement.

Ultimately, for each demographic group or persona, it is important to determine the specific data requirements. By tailoring data collection to these particularities, you can create targeted and engaging campaigns, which will increase the impact of your marketing efforts.

2.3 Assessing the quantity required

As well as collecting data, a key step is to assess the quantity required for effective analysis. This phase involves determining the right balance between exhaustive data collection and the potential risk of information overload.

The idea is to adopt a measured approach based on the precise definition of the relevant criteria for the defined objectives. Rather than aiming for massive and potentially overwhelming data collection, we encourage you to specifically target the data that will add real value to your analyses. In other words, quality over quantity. This approach ensures that each piece of data collected is carefully selected on the basis of its significant contribution to the overall objectives.

2.4 Anticipating future needs

Effective data collection is not just about the present. It must anticipate future needs. This means identifying emerging trends and market developments, so that you can proactively adjust your data collection strategy.

3. Is my data clean?

3.1 Data quality control

The cleanliness of data is crucial to guaranteeing its reliability and usefulness.

3.1.1 Checking data accuracy

The accuracy of the information collected is not only essential, it is also the starting point on which any subsequent analysis is based. To guarantee this accuracy, our experts recommend the use of validation algorithms and data cross-referencing mechanisms. These tools are designed to compare the data collected with reliable sources, identifying any discrepancies or inconsistencies.

3.1.2 Completeness of information

It is essential that the data captured encompasses all relevant aspects, avoiding any gaps that could compromise the relevance of subsequent analyses. Automated verification mechanisms play an essential role in this process by actively detecting areas where information might be incomplete. These mechanisms can include auto-completion algorithms, alerts for missing mandatory fields, or consistency checks to ensure that all necessary data is present and consistent.

3.1.3 Format standardisation

The aim of standardising formats is to eliminate disparities by imposing a unified structure on all the data collected. This simplifies the analysis process by eliminating the barriers associated with disparate formats. The use of standardised protocols is recommended. This may involve adopting data representation standards, uniform naming conventions, or even the use of specific languages to describe the information. These practices ensure uniformity in the way data is expressed, making it easier to understand and manipulate.

3.3 Regular updates

In a dynamic digital environment, data is subject to natural ageing, which can compromise its relevance and accuracy over time. So it’s important for your business to update data regularly to ensure that it remains relevant.

Update routines need to be integrated into your operational processes, to ensure that data is regularly updated without disrupting day-to-day operations. These updates can be scheduled according to industry volatility or specific business cycles.

4. Do I understand my data?

4.1 In-depth data analysis

Fully understanding data goes beyond simply collecting information. It incorporates technical aspects for in-depth analysis, ensuring that the data collected is used optimally to make informed decisions and improve your customer knowledge.

4.1.1 Use of advanced analysis algorithms

Machine learning, predictive analysis and natural language processing are useful techniques if you want to take your data analysis to the next level in the long term. These algorithms can detect trends, predict future behaviour and extract valuable information from existing raw data.

4.1.2 Viewing data

In-depth analysis is enhanced by interactive data visualisation. Advanced graphical tools, such as dashboards, make it easier to understand patterns and relationships within the data. We recommend that you use tools such as Looker Studio, Hubspot or create your dashboards directly in GA4.

4.1.3 Integrating external data

A complete understanding of data often involves the integration of relevant external data, such as social media, market trends or demographics. This enriches your analysis and provides a more holistic view of opportunities and challenges.