The two targeting methods that Facebook still offers are focused on first and second party data. Facebook will continue to allow a marketer to segment based on the third-party data they excel at collecting (page likes, interests, etc. Facebook will also continue to allow sellers to use their own source data). Third-party data is data collected directly from users by one company and then sold or delivered to another company.
It is often sold in private deals, exchanges and social media and advertising platforms use it to improve segmentation. When you buy site audiences, CRM retargeting lists, site retargeting lists, etc. It basically means using someone else's third-party data for your own marketing. For example, if you want to be able to target people who read a specific publication, you can buy that publication's own data so you can market to those people in a different online context.
By collecting data from third parties, marketers gain access to information about consumers who may be interested in their products. It is rather a small group, but with a specific interest or behavior (for example, craft beer lovers or football fans who have been in the stadium of their favorite team in the last two weeks). A simple way to leverage third-party data is to work with a data provider to share similar audiences on your Facebook advertising profile. If you created an agreement outside of Facebook to share audiences with another company and then they shared with you a personalized audience that they collected directly, it would be considered third-party data.
Now is the time to have open conversations with your customers and make sure they understand the value exchange when they extend the privilege of sharing their data with you, as well as with any third party you share your data with. But how do you find those companies? One of the easiest ways to find a buyer or seller is through a third-party data marketplace, such as the Lotame Private Data Exchange (PDX), which connects both parties to allow third-party data transactions. From the point of view of the GDPR, both parties to a data exchange agreement are joint data controllers, which means that they have equal responsibility for the lawful processing of their customers' data. The CCPA is primarily designed to allow consumers to opt out of the sale of their data to third parties, so any company subject to the CCPA should carefully consider their position when it comes to using third-party data.
As with all other aspects of the GDPR (and post-Brexit, UK GDPR), the user must have freely consented to their data being shared, and both parties must have a legal basis for processing the data, which may be different for each party to the agreement.