Customer Loyalty Hinges on Trust in a Privacy-First Era

While brands are chasing customer data to deliver more value, consumers are drawing firmer privacy boundaries, according to the PwC 2025 Customer Experience & Loyalty Survey.

Results show a personalization paradox where 53% of consumers say it's worth sharing data if it smooths the customer experience (CX) and feels mutual. Yet 93% said they would lose trust if a brand mishandled their personal data.

Executives are misjudging consumer sentiment: PwC found that nine in 10 believe customer loyalty is rising, but only four in 10 consumers agree. Many customers will share basic data to streamline their experience. That openness, however, drops sharply when the information becomes more sensitive, such as biometrics or real-time location.

George Korizis, PwC’s Customer Strategy Partner, says the story is not just about customer data. Privacy is now a loyalty trigger, and brands are walking a tightrope to design personalization that is empowering rather than invasive. Mishandle the balance and loyalty evaporates.

The PwC survey revealed that trust is now table stakes for loyalty, and data can fuel a better customer experience. Bridging this gap requires more than a new loyalty program — especially in a volatile economy and with the rapid rise of AI. It takes the ability to anticipate, design, and deliver the desired experience in real time, every time.

The disconnect between how executives perceive loyalty and how consumers experience it often stems from brands over-relying on data in ways that feel intrusive rather than helpful.

"The key isn’t more data, but smarter, more respectful use of it. The future of loyalty will depend on how well companies orchestrate experiences across their ecosystems — what we call the experience supply chain," Korizis told CRM Buyer.

Understanding the Privacy Factor

Brands that collaborate across the supply chain to deliver value and consistency will close the loyalty gap faster than those that try to own it outright. Consumers increasingly expect personalization that respects their boundaries, Korizis insisted.

He explained that privacy-first personalization means using data with intent and permission, giving customers control, visibility, and tangible value in return. In practice, it looks like experiences that remember preferences without overstepping boundaries.

"For example, an airline offering tailored upgrades based on travel habits rather than tracking unrelated behavior. It works best when it’s built into the entire experience supply chain so that every link, whether it’s the data, content, or service, operates transparently and consistently."

Beyond discounts, the exchange should deliver something of greater value. He suggested proactive service, time savings, or relevant recommendations that make life easier. When a brand anticipates needs and removes friction, it shows it is listening, not just marketing.

Mapping the Customer Loyalty Gap | Q&A

We asked Korizis to expand on the hidden issue underlying changing privacy concerns and their impact on brand loyalty, and share his insights on what brands must do to make the data exchange feel truly empowering and valuable to consumers rather than merely transactional.

CRM Buyer: How should brands redesign the consent mechanism and communication to successfully build trust and gain permission without causing an immediate loss of loyalty?

George Korizis: When brands seek access to highly personal data like location or biometrics, the conversation must start with why and stay contextual. According to our survey, willingness to share intimate data is strikingly low: only 17% of consumers are comfortable sharing their current location, 7% their facial recognition data, and just 4% their fingerprint data. That means permission must be explicit, and the value exchange unmistakable.

Consent should focus on four fundamentals: state the benefit in plain language, explaining why the data is needed and how it enhances the customer’s experience; limit use to the stated purpose; provide easy, ongoing controls that allow customers to adjust or revoke consent anytime; and show clear safeguards that demonstrate how data is protected and who has access.

Clarity at the point of collection isn’t optional. It’s a non-negotiable requirement for long-term loyalty.

What is the most common yet avoidable "mishandling" mistake that instantly triggers loyalty evaporation?

Korizis: Even one misstep can undo years of goodwill. It is critical not to use data beyond its intended shared purpose. To close this gap, companies should audit the alignment between purpose and permission in their customer data platforms, keeping only what’s needed for defined use cases and removing or anonymizing the rest.

They should also strengthen governance and preference management. Our survey found that only 17% of executives currently use a preference-center system — a critical adoption gap that, when closed, can significantly increase customer trust.

Companies should prove both protection and value by pairing consent logs with visible, in-experience benefits that remind customers why sharing their data was worth it.

How will a privacy-first approach fundamentally change the design, currency, and value proposition of the next generation of loyalty programs?

Korizis: The next generation of loyalty will hinge on trust and transparency, offering value through tailored experiences, not just points. We’re shifting from the old model of collecting maximum data for minimal reward to earning permission through relevance.

What will replace the old model of collecting maximum data for minimal reward?

Korizis: Future programs will emphasize experiential value over points. They will use guided onboarding, proactive service, and recognition across channels, while ensuring transparent data exchange using narrow, consented data for clearly explained benefits.

They’ll also shift to a behavior-based design, rewarding observable loyalty such as repeat choice, referrals, and incremental spend rather than vanity signals. A privacy-first approach will make customers feel like participants in the relationship, not products within it, setting a new standard for loyalty built on mutual value.

What organizational or operational shifts must a chief customer officer (CCO) implement to ensure that data is treated across all departments as a protected customer asset, not a mere exploitable corporate resource?

Korizis: Switching mindsets is as much a cultural transformation as it is a technical one. CCOs and customer experience leaders should embed data ethics and empathy into every team, from marketing and product to service and analytics, so that trust becomes a shared responsibility across the organization.

Operationally, that means creating shared incentives for trust, making privacy and consent adherence key performance indicators for all teams. It also means embedding data ethics into design reviews, requiring purpose and permission checks before launches, and training teams to focus on the “minimum effective data,” prioritizing high-impact, low-intrusion inputs for personalization.

What new key performance indicators (KPIs) or metrics should brands be tracking to measure their success in building data trust and loyalty?

Korizis: Traditional metrics like CSAT and NPS don’t fully capture the impact of trust in a privacy-first world. Companies should track behavioral outcomes such as repeat purchase rate, share-of-wallet lift, and customer lifetime value.

It also means measuring consent health, including growth in opt-in rates and how often customers actually use preference settings, which remains a major gap given the low adoption of preference-center systems today. In addition, companies should monitor AI impact by comfort segment to ensure automation enhances, rather than erodes, customer loyalty.

Closing Thoughts

Korizis stressed the idea that privacy cannot be treated as a compliance checkbox. It's a new pillar of the experience supply chain and a brand differentiator.

PwC's survey shows that consumers reward brands that protect their data and use it responsibly. By embedding privacy and data ethics into every interaction, companies can transform regulation into reputation and trust into growth.

In a privacy-first marketplace, loyalty follows the brands that prove they can be trusted with the moments that matter.