Skip to main content
customer experience optimization

How to do customer experience optimization with user data

October 26, 2021
Reading time: 
15 minutes
Daniel Boltinsky
Daniel Boltinsky
Kameleoon, Managing Editor, North America

Mature data strategies let organizations that have them move from the most simple types of testing to the more advanced.

According to the latest research from Forrester, this leads to faster growth: Companies that harness and apply data and analytics to differentiate their products and customer experiences are forecast to grow 27% to 40% annually. That’s more than twice as fast as companies that don’t.

The problem is, too many companies don’t optimize as much as they should because they’re overwhelmed by data or believe that leveraging data for optimization is a risk.

If your company falls into this category, this guide will help you categorize your various user data and build a privacy-compliant governance strategy.

cx optimization


(A data governance strategy is an elaborate way of saying that you know which data you plan to use for what purpose, and how you plan to do it.)

What you’ll learn in this guide to data and customer experience optimization

  • The different types of data and why they matter
  • How to not feel overwhelmed by the volume and velocity of data you think you have to process
  • How to start optimizing with each type of data, so you can achieve business growth and hit your KPIs
  • It includes a helpful graphic to help you quickly determine how and what data you can use to improve conversions, engagement and revenue - no matter your industry.
A/B testing becomes overwhelming for companies because the things that seem the easiest are usually the least impactful. If you’re Google and you have an infinite sample, maybe you should test button colours, but otherwise, there are a thousand other things you can do. The big problem is, nobody’s really taught marketing teams what the effective mechanism is for identifying opportunities and then testing against that benchmark.
Ryan Koonce
Ryan Koonce
Founder, Mammoth Growth


1 How risky is doing customer experience optimization with user data

Too many brands don’t do customer experience optimization because they think data is risky.

The first thing you need to know is: Most data that you will use for A/B testing is not risky or sensitive at all. In fact, 96% of all data you collect on your customers on your website is completely anonymous.

It’s not covered by any regulations, because it counts as non-personally identifiable (PII) data. There’s no way anyone can tie this information back to the user’s identity. You can use the data to help you achieve your business KPIs without worrying about regulatory risk.

We will go over what you can do with non-PII data later in this article. But, here are a few examples of it.

  • Serve an optimized digital experience based on the type of device (mobile vs phone vs desktop) your customer is using
  • Find and fix points of friction based on how the visitor behaved on your site using on-site browsing history (scroll depth, engagement, time on page)
  • Serve personalized experiences to customers based on their acquisition source (social media, organic or direct traffic)


Does this mean that if the data is personally identifiable, you should not use it? Absolutely not. In fact, using personally identifiable data (PII) can be done with very little risk as well.

There are plenty of things we can do without PII, because we know things about the customer that aren't PII. I think the only time PII becomes a particular problem is when I’m truly going to try to do some kind of 1-to-1 optimization. What we’ve found is that so many companies are so far away from that and that there’s so many other opportunities, that it just doesn’t matter.
Ryan Koonce
Founder, Mammoth Growth

You can still use PII with very little risk by anonymizing it.

PII opens the door to dozens of targeting, testing and customer experience optimization techniques. It lets you run more advanced tests after you’ve already become familiar with basic A/B tests, multivariate tests, and other no-risk techniques we’ll go over in more depth below. These tests will help you be even more precise with your targeting and optimization, helping you create an even better customer experience.

A few pieces of PII on their own are not very sensitive. Because it's part of a network, an IP address alone does not reveal a user's identity. However, it has the potential to identify a user when seen beside other PII. Many companies use an IP address for "geolocation" to serve their customers better. It's how you see the restaurants nearest to you in Google, or see the results in your language. However, when combined with other kinds of PII like personal information on your CRM, it could reveal the user’s identity.

Companies do what’s called “anonymization” when working with PII.

Anonymization lets you use riskier types of data. Your personal information is identifiable data, but it can be separated from your identity with anonymization techniques e.g. data masking and generalization. If you want a deep dive into the specifics of anonymization, here’s a guide. Once the PII has been anonymized.

Basically, it comes down to knowing how and when to use anonymous and PII data. When you know how to do this, you have a data governance strategy that you can use to optimize, and grow!

using data for CX chart

2 The Customer Experience Data Risk Pyramid


Below are 3 types of data—anonymous, pseudonymized, and identifiable—and 7 optimization methods that leverage them, going from the least to most risky.

The different types of testing overlap. When looking at the Data Governance Risk Pyramid, it is important to remember that the techniques are not mutually exclusive. While A/B testing is at the bottom of the pyramid, the optimization techniques above it also use A/B testing. By being lower on the pyramid, the infographic reflects the idea that A/B testing is the foundation of the others. The techniques above often include the techniques below them, but this is not the case the other way around.

3 Anonymous data for CX optimization

On your website, 96% of visitors are anonymous, meaning that you cannot identify them and recognize them on their next visit. They generate “hot data”, covering everything they do when browsing. Normally this is anonymous unless the visitor is logged in (and consequently identifiable.)

You should use anonymous data because its low-risk, high-reward. As James McCormick of Forrester points out in the analyst’s “Adopt AI for Personalization Safely and Smartly to Win European Customers” report, “anonymized data such as visitor website behavioral data is relatively low risk to use.”

Here are some examples of anonymous data:

  • What people have people clicked on
  • The frequency of their clicks
  • Where they have come from (organic vs direct vs social media)
  • How much time they have spent on specific pages
  • How their journey has progressed through your site
  • Their search bar usage


According to a recent Forrester report, only 31% of healthcare organizations run A/B tests all the time, despite the fact they are an essential part of a strategy that makes HCOs 5x more likely to grow revenue.

Healthcare is a perfect example of a data-cautious industry, along with finance and insurance.

Being data-cautious, HCOs are afraid of using data to the point they neglect even the least risky types of testing, thereby falling behind new, digital-first platforms and startups who are not afraid to apply data-driven customer insights.

table using data for optimization

However, there’s so much you can do with anonymous data. Here are some examples:

Basic A/B Testing

A/B testing involves taking two or more variants of a feature or website and seeing which works best for different audiences and segments. A/B testing is a mature practice, and there are many A/B tests you could run without going anywhere near identifiable data.

  • Test on-page elements
  • Website headlines
  • Call-to-actions
  • Hero images
  • Pop-ups
  • Pricing offers
  • Lead capture: Forms are often the point of resistance that makes users bounce.
  • Input fields
  • Alignment
  • Field labels
  • Design
  • Accessibility
  • Device type (mobile vs. tablet vs. desktop)
  • Font sizes

Multivariate Testing

Multivariate testing simultaneously tests several elements of customer experience together. Compared to a classic A/B test a multivariate test allows a greater understanding of the reasons behind performance differences between different variations.

Here’s an example:

In an A/B test on your mobile site, a larger button may have generated more clicks than the smaller one. However, unlike your mobile site, your desktop uses a double-column layout. To conduct a multivariate test on the desktop site, you would want to test both layouts plus both button size variables.

This technique can calculate the combination of attributes that best achieves the desired outcome for each different customer segment.

Rules-Based Targeting

Rules-based targeting delivers specific content and experiences based on “business rules”—a term that can encompass any sort of criteria the marketer decides to use. With the addition of PII, rules-based targeting can become profile-based targeting. However, in its least risky form, you can optimize with rules-based targeting using entirely anonymous data.

  • New vs. returning visitors
  • Mobile vs. desktop
  • Android vs. iOS vs. Windows
  • Time on page
  • Scroll depth
  • Video engagement


For example, you could integrate a Google Tag Manager pixel once a user attains a particular scroll depth on a landing page. Knowing that a user understands your basic value proposition, you might decide to test a social proof-focused pop-up when they bounce, rather than an informational one.

4 Pseudonymized data for CX optimization

Pseudonymized data is a broad category. Essentially, it is any type of data where the company makes efforts to cloak personally identifiable information (PII). It includes:

  • Transaction history
  • IP addresses
  • Browser history
  • Posts on social media
  • Geographic information


Anonymization is a skill to mitigate the risks of using identifiable data, rather than a box to be ticked. An effective, experienced data scientist can anonymize personally identifiable data in a way that it cannot be linked back to the customer, significantly reducing your regulatory risk.

Techniques include character shuffling, encryption or character substitution.

Regulators will look at data on a case-by-case basis to determine whether it fits the definition of PII. However, it is clear that companies must ask for users' consent when using PII, whether it is pseudonymized or not, for marketing purposes. In other words, regulatory requirements apply to pseudonymized data.

It comes down to legal liability. I think people are comfortable doing as much as they can in terms of data collection as long as it fits within the confines of not running the risk of getting sued. When it comes to PII and PHI, is there is a list of 14 different information. Part of the way I approach being cautious is and being protected as a business is validating what happens if this data gets released into the world. In my opinion, you can collect as much data as you want about a user, as long as you’re legally equipped to do so.
Austin Kueffner
Austin Kueffner
Partner, Data and Analytics Intelligence, Outliant

Pseudonymized data will not give your organization an entirely different set of tools than you have with just anonymous data. However, those who already have A/B testing and experimentation programs can extend their capabilities to more advanced techniques by adding pseudonymized data.

For example, you should already be proficient in rules-based targeting to do profile-based targeting. Contextual targeting makes little sense if you’ve never run A/B tests.

If you have pseudonymized data, here’s what you can do:

Product/content recommendations

Whereas with anonymized data only, you are limited to in-session behavioural data, pseudonymized data allows you to apply historical behavioural data and product affinity data to make your recommendations even more effective.

Say you own an online sneaker store. With the former type of data only, you would be limited to recommending socks to people who are spending a lot of time in the socks section of your footwear site. In the latter, you could immediately recommend socks to those looking for socks elsewhere online (when using 3rd party cookie data, for example) or to return customers who previously bought socks on your site.

Contextual targeting

You do not always need personally identifiable information to discover context—for example, one can place an ad for new car accessories on an article entitled “When to get a first oil change” because that the context is clear—the reader probably bought a car recently and will likely need accessories.

However, pseudonymized data allows you to target people based on their physical location and other related factors like weather and driving time. If your store sells winter tires, you can use contextual targeting to advertise to users in Canada who are commuters.

Profile-based targeting

In this case, you will need to use some PII, whether anonymized or not, to build and identify customer profiles. This includes age, last transaction, and propensity to act.

Note that profile-based targeting—not to be confused with basic customer profiling—is a relatively advanced technique. It involves calculating and targeting the experiences (e.g., ads, content, and products) most likely to result in a positive outcome (e.g., click, conversion, and revenue), and discovering the segments based on profile data that are more likely to convert.

6 Identifiable data for mature CX optimization programs

If you’re asking about how to use identifiable data for marketing, you’re probably not ready.

Identifiable data refers largely to customer and user information that you have in your CRM, or transactional data. Here, PII is readily available.

Use identifiable data later on. Organizations starting out on their data governance and optimization journeys should focus their efforts on leveraging anonymous and pseudonymous data.

However, identifiable data becomes indispensable for organizations that perform advanced algorithmic personalization. That’s because algorithms require large amounts of customer data to work. Connected with a company’s CRM, these algorithms and programs will have access to sensitive information which the organization must manage.

Remember: Data governance is just a fancy way of saying that you know which data you plan to use for what.

To leverage algorithmic methods, an organization must know in advance which kinds of user data it plans to use for what kind of marketing. That way, when collecting the data, they can ask for consent, so that only that subset can be used by the algorithm for certain tests. However, data-compliant tools—like Kameleoon—can help you algorithmic testing without the risk. 

Once you’re ready to apply identifiable data, you can do:

Omni-channel optimization

As Forrester writes, omni-channel optimization “uses open AI platforms that can ingest and calculate many types of engagement data (e.g., behavior, product, context, and profile) to output advanced predictive analytics used for targeted one-on-one experiences—this is a next-generation practice that is only starting to be more broadly adopted.”

The fear of testing things tends to be unfounded. Sometimes, people don’t want to have their ideas challenged. Sometimes, people want to move ‘fast’. To which I’d argue I’d rather be right, and know my efforts are truly working, than be "fast"
Shiva Manjunath
Shiva Manjunath
Senior Strategist, Speero

7 Is it dangerous to use 1st, 2nd, or 3rd party data for customer experience optimization?

Your data governance strategy will probably include 1st party data. Any information you obtain about users on your own website is 1st party data, as well as information you personally obtain by form, email or even phone conversation—because you collected it yourself. If you sell that information to another company it becomes 2nd party data. 3rd party data refers to data sold by vendors who collect, recycle and sell millions of people’s data through giant marketplaces and platforms.

Until recently, many businesses have been able to commercialize customer data without much oversight. But regulations are changing as customers rightfully begin to understand that their consent and any data they supply is theirs unless agreed otherwise.

There are two issues at play: privacy and consent. Imagine how bad your day would be if everyone saw all of your pharmacy bills, or if criminals forged your identity to commit fraud. Anonymization techniques can prevent this, saving you both harm and embarrassment, and they are therefore mandated by many new regulations.

Why 2nd and 3rd party data are riskier

Regulators also make the argument that, on principle, companies should not be able to collect, use, and profit off of your personal information without asking you first. They also require your consent. Since no one would ever consent to their data being passed around, 2nd and 3rd party data are becoming harder to use while companies are increasingly focusing on 1st party data. However, even with 1st party data, companies still need to respect privacy and consent. HIPAA, GDPR, GLBA, and CCPA are the different regulatory frameworks for different regions and industries governing what this entails.

Respecting consent and privacy usually means some combination of anonymization techniques and consent forms in your customer experience optimization.

While running a business, you will collect both non-personally identifiable and identifiable data from users and customers. That’s because a customer will, at some point, provide their credit card information, name, address, and email—a very sensitive set of data. You will also have their on-site behaviour, and possibly their behaviour on other sites with 3rd party cookies.

A user who did not purchase anything would have provided the least amount of PII. Someone who registered on the site or filled out a form provided some 1st party data.

There is a risk spectrum for the kinds of information you can and cannot use for marketing. As a marketer who wants to start optimizing, you must create a data governance strategy that considers the kinds of data you need in order to run different types of tests.

8 Conclusion: Towards a data governance strategy for improving customer experience 

By building a more mature governance strategy, you can stop being overwhelmed by data and move from the most basic, least risky types of testing to the more advanced.

According to Forrester, customer privacy is a top challenge when using data to inform great CX for 33% of banking, investment, healthcare and insurance organizations. However, this is simply the other side of the coin of having more data than they know what to do with. 29% of firms also cite that data materializes too fast for them to manage.

Once you know what data enables which customer experience optimization methods, you can decide how to collect it in accordance with security and privacy regulations.

If this guide showed you anything, it’s that data does not need to be overwhelmingly complicated.

Any organization that invests in data skills, processes, and the right tools can start optimizing and not be left behind by digital-first leaders who make data-informed CX the foundation of their growth.

To find out how Kamleoon can help you optimize your data, book a free demo call now.

Topics covered by this article
Daniel Boltinsky
Daniel Boltinsky
Kameleoon, Managing Editor, North America