Managing contact consent in Dynamics 365 Real-time Marketing

As of October 2023, Dynamics 365 Marketing has been rolled into Dynamics 365 Customer Insights and will now be sold as one product that focuses on real-time customer engagement. All new purchases of the newly unified Dynamics 365 Customer Insights will default to real-time marketing, but the outbound marketing area can be purchased as an attachment.

With this update to the application, Microsoft has placed real-time marketing abilities at the forefront of the new Dynamics 365 Customer Insights application. And even within this investment into real-time engagement, they continue to emphasize their commitment to data security and protections. Marketing consent is a crucial practice to ensure that your marketing ends up in the right hands and follows best practices to aid your sender reputation and prioritize your recipients’ data protections—how their data is collected, where it’s stored, when it’s used, or if it’s even collected in the first place.

Microsoft has placed data security at the top of their priorities across all business application offerings, and one of the ways they do that is by emphasizing opt-in consent in Dynamics 365 Customer Insights (the application formerly known as Dynamics 365 Marketing) to keep your marketing efforts in line with your recipients’ content preferences. Both you and your recipients benefit from a privacy-first approach to marketing. After all, nobody wants to receive clutter in their inbox, and you likely don’t want your email analytics to take a hit send after send.

And even more important, depending on where you’re located and where your clients or contacts are located, there are data protection laws you must adhere to. You may have heard of GDPR (or General Data Protection Regulation) that went into effect in 2018 within the EU. Other data protection laws include CAN-SPAM for email marketing in the US, and CASL in Canada. The details of these regulations are readily available online, so if you haven’t already, be sure to familiarize yourself and your marketing team with the laws you must follow depending on your and your clients’ locations. Consent management in D365 will help you adhere to whichever laws you must follow.

The general best practice is that all contacts must opt-in to receive marketing communications from you, but that they also have the ability to easily opt-out and revoke this consent at any time. So, how is marketing consent established, and how does Dynamics store it?

Establishing and Managing Consent

The easiest way to start this topic is to start by examining contact records in Dynamics. When you navigate to the Details tab on this contact, you’ll see a few things that relate to sending marketing materials. Under this “Marketing” panel there’s a field for Marketing Materials – and this is either set to Send or Do Not Send.

Consent preferences are also stored in the “Data Protection” panel. There’s a field here that indicates the type of consent they’ve given as it relates to their willingness to receive certain kinds of marketing from you, a few important fields indicated if they’re a child and if so, has their parent or guardian given consent on their behalf, and if they’ve allowed you to track certain behaviors as they relate to their interactions with the marketing materials you send.

There are quite a few important fields under the “Contact Preferences” panel, but the Bulk Emails field is the most important one as it relates to sending out marketing materials in Dynamics, since it ultimately decides if you can or cannot send them marketing materials. If it says “Allow,” then you’re in the clear. If it’s set to “Do Not Allow,” then they’ll be excluded from actually receiving anything, no matter how many segments or lists you put them on. And if, at any time, a contact decides to opt-out or remove their consent, this is one place where you could manually take care of that.

But one thing to keep in mind is how consent is stored vs. how it’s actually applied, or how you’re actually allowed to interact with each contact within the bounds of their consent they’ve given (or that they haven’t given to you).

Because Real-Time Marketing operates on the contact level, all consent information is stored per destination, per channel—so a contact’s email address or phone number is the contact point and is the destination for each message you send out. This is known as “Contact point consent” in Dynamics 365. Using Contact point consent, your contacts can opt-in at different consent levels for each of their email addresses and phone numbers, meaning they can choose to receive marketing emails, but may not be interested in receiving text messages from your organization.

Another benefit of contact point consent is that it allows for real-time marketing to orchestrate journeys across any entity and enforce consent for leads, Customer Insights profiles, contacts, and any other entity.

Compliance Profiles

Each contact’s consent preferences are stored in what’s called a “Compliance profile,” which allows you to split up consent preferences across different lines of business or brands you offer if your company operates in several regions with different addresses for your regional offices, or even between GDPR-specific guidelines for EU-based contact as well. Each brand or region would have a unique preference center, and each has a set of purposes associated with it that's specific to it. Each message (for example, email or text message) is tied to a single preference center and an associated purpose.

You can access compliance profiles by navigating to the pop-up menu in the bottom left corner to open up “Settings” then head to Compliance profiles under the “Customer engagement” section.

From there, you can click on +New Profile to create a new profile with a preference center. Each consent profile should be considered the consent hub for each of your different businesses, your different regional or global offices, different brands in an umbrella company, etc., and you’ll need a physical company address to enter for each profile.

You can use existing consent profiles to create new ones with “previously captured consent” – which is helpful for bulk-creating consent profiles for GDPR compliance, for example. Once you’ve created a consent profile, you can apply it to a consent record.

There are a few ways to establish the real-time marketing consent level for each individual contact phone number or email address. First, you can manually add in consent records for emails and text messages. You’ll select either “Email consent” or “Phone consent” from the top action bar and fill in the window with the email address or phone number, their consent status (to allow emails, text messages, and tracking), the reason for changing—either granting or revoking—consent, and if needed, who requested this change. There’s also the option to create custom consent records, which has the same setup questions as adding email and text message consent.

The second way you can gather consent records is by importing settings from an Excel file. Select “Import from Excel” in this action bar and then upload the file. You can also import a CSV or XML file. Tip: We find that CSV files work a little better when importing from Excel!

The third way is to load the consent from records already stored in your Dynamics 365 Marketing contacts. Note that this only loads in contact records used in the outbound marketing area of D365. Only one email address per contact will be brought it, and the “Allow bulk email” field is the only relevant field you’d need to fill out.

Consent Purpose and Enforcement

Once a contact’s consent has been established, there are three different ways to go about enforcing it across various marketing purposes. In this case, a purpose is defined as the specific reason for which consent is collected.

There are three consent purposes to be aware of in Real-Time Marketing. The first one is Commercial Emails. These are emails that are sent to further sell your organization’s offerings, so really, any standard marketing materials that you’d send out in a customer journey. On the other hand, Transactional Emails are emails that must be sent after a transaction has occurred—something related to a monthly bill, or an order confirmation email with a receipt—these are emails that a customer would need to receive whether or not they’ve opted in to receive additional marketing materials from you.

Keep in mind that new emails you create are by default set to commercial, and therefore, will only be sent to recipients that have opted in to receive marketing emails. You can always adjust that in the email settings once you’re working in the email builder.

You can also create Topics to define more granular subcategories of these two types of messages and then edit the preference center similar to a subscription center in Outbound Marketing.

Tracking Consent is the third and final purpose, which essentially keeps track of each contact’s opt-in status to certain activities or behaviors. This keeps track of things like email opens and clicked links. The Consent Tracking purpose is still subject to the two Enforcement models.

There’s the Restrictive model, which states that only contact points (again, those are email addresses or phone numbers) that have opted-in to receive their respective communications may receive marketing materials for their purpose. The Non-Restrictive model states that contact points with either opted-in or “not set” consent records (like a first-time recipient) will receive communications for their purpose. And lastly, the Disabled model means that the communications for this purpose aren’t checked for consent and sent to the entire audience. Note that at this time, all SMS and custom messages are subject to the Restrictive model, so all contacts must opt-in to receive these messages.

Consent Methods—Email, Phone, and Custom

Now, back to establishing consent. You can establish email, phone, and custom consent for each email address, or phone number you use to reach your contacts. They each operate similarly, and all of them will require you to select a Consent Profile, Purpose, and Opt-in or Opt-out value. Really, the only thing that differs is if you’re using an email address or a phone number.

When viewing an Email Consent record, there are ways you can get granular when keeping track of each contact’s specific preferences. You can use the “Value” and “Reason for changing” dropdown menus to identify if a contact has specifically opted in, opted out, or has not yet set their consent level.

This isn’t a required field, but you can also keep track of the specific reason they opted out, or what kind of material piqued their interest in opting in. You can see if they’ve opted in via a landing page or event record, or the reason why they opted out.

The last button in the top action bar worth mentioning is “Load Consent” – which allows you load in existing consent records associated with contacts you have stored in Outbound Marketing. Only one email address per contact will be brought it, and like we mentioned earlier, the “Allow bulk email” field is the only relevant field that’ll get pulled in.

It’s important to take consent seriously and stay current on your consent records and compliance. The general best practice is having your contacts opt-in to receive your marketing communications, with a clear and easy way to opt-out at will. Dynamics 365 helps you achieve this while complying with the consent laws of your region.

We’re happy to further discuss real-time features or outbound features in Dynamics 365 with you!