Skip to content

Top GCs Share Their Strategies for Partnering With Marketing on Consumer Privacy Issues

Consumer data and privacy issues are top of mind for GCs, but marketers often control that data. Here’s how GCs can partner with marketing effectively.


  • Team L Suite

Career & Brand Building

Featuring Insights From:


  • Ami Rodrigues

    Head of Global Privacy
    Under Armour
    Ami Rodrigues, Head of Global Privacy, at Under Armour
  • Julia Shullman

    General Counsel and Chief Privacy Officer
    Julia Shullman, General Counsel & Chief Privacy Officer, at Telly
  • Andy Dale

    General Counsel & Chief Privacy Officer
    Andy Dale, GC and Chief Privacy Officer, at Open AP

As a GC, compliance with consumer privacy and data regulations is top of mind. But the team that controls all of that data is typically marketing — a team that may not be living and breathing the ins and outs of privacy law like you are.

So, building a relationship with the marketing team is crucial. But where do you start? Who do you speak to? And how do you get them to understand (and care about) the major privacy issues that could potentially affect your company?

We sat down with three GCs who have effectively built bridges with the marketing teams at their companies: Ami Rodrigues from Under Armour, Julia Shullman from Telly (formerly at TripleLift), and Andy Dale from OpenAP (formerly at Alyce).

Here are their tips for building a great relationship with your marketing team and using that as a foundation to partner on privacy issues.

Key Takeaways:

  • Create ongoing touch points across the marketing organization, not just with the CMO.
  • Understand the marketing tech stack from top to bottom, including every third-party tool and vendor used, to identify potential risks.
  • Work together with marketing to create documentation for customers, vendors, partners, and more.

Get Marketing on Your Side

“Right when I join a company, marketing teams are some of the first that I’m meeting with, particularly from a privacy perspective, because they hold the keys to so much data, and I want to establish from Jump Street that we’re partners,” says Dale.

If you don’t already have a recurring touchpoint with marketing, set that up now.

While you should definitely have conversations with leaders, such as the CMO, you should ideally be speaking with people at every level (“You need to have touch points, especially in a startup, with most of the marketing team,” adds Dale.) Establish what marketing is doing now and what their goals are for the future. The goal in these conversations is to identify what specific privacy issues might affect the business and where the privacy gray areas are within your company, and to help marketing understand those issues.

To do this effectively, it’s helpful to emphasize that you’re there to help them, not get in the way — and that handling customer data isn’t just a compliance issue, it’s a business strength. “There’s tremendous benefits of first party data to marketing but also within privacy. If you have a shared ethos of, what does it mean to be consumer-centric, that’s where you have your values and goals aligned to ensure the consumer is at the center of what you’re trying to do,” says Rodrigues.

One great tactic for getting marketing on your side is by working with them to create customer-facing documentation (like blog posts, support articles, or videos) that address how your company addresses consumer data and privacy. “Actually help them get out ahead with a narrative around privacy (and potentially security) and why it’s so important to your business, not just from a compliance perspective, but also from a go-to-market,” says Shullman

Once you’ve built rapport with marketing, it’s time to take it to the next level and scale your relationship with documentation, processes, and key privacy stakeholders. Read our post on launching a privacy program to learn more.

Demystify Your Tech Stack

Do you know what products and services your marketing team uses and how your customer data flows between them? Marketing teams tend to stitch different solutions and technologies together, and as a GC, it’s important to understand what they’re using and why, as well as any risks that exist.

A great start is by holding a session with marketing to map out every single point in a customer’s journey, then get behind the business use-case for each system in place.

Depending on the type of work you’ve done before, you may even have recommendations for systems that will help the marketing team better achieve their goals while reducing risks. “We can be much more than the attorney,” says Dale. “Definitely in the startup world, and even in bigger companies, marketing teams need that recommendation.”

Remember, the way customer data flows through your company has long-term effects, such as your company’s value during an acquisition event or IPO. Make sure your marketing team knows that their actions can have long-term effects on your organization’s success.

Build Processes for Vendor Vetting

Ideally, you want to get to a point where marketing is thinking through any privacy risks before the end of the vendor selection process. To get your marketing team there, you’ll need to teach them how to spot any potential privacy red flags by asking questions before they get into vendor conversations such as:

  • Where is the vendor located?
  • What is the use case for your customer data?
  • Will there be any additional data ingestion beyond the business use case?

One way to do this without creating much friction is by creating a document that they can refer to during the vendor selection process. You can also have quarterly or bi-annual meeting with marketing where you review how they should go about addressing top privacy concerns. Rodrigues notes that she likes to have an annual refresher training for procurement and commercial teams so they can spot issues early on in vendor conversations.

If your company is a vendor, you should have plenty of materials in place (decks, one-pagers, etc.) that lay out your positions on privacy and data protection. And it should be clear to your team how and when to distribute these materials to a client.

A good way to start these materials is by looking at any frequent RFI and RFP questions you’re getting, then expand your content library from there. Above all, any documentation you create should be the end result of a longer process that you’ve gone through to fully flesh out your privacy program.

Becoming a partner with your marketing team is a long-term process that will pay dividends multiple times over as your company grows. Getting them to think of you as a partner rather than just a lawyer is pivotal for ensuring that you work together successfully.

Want to learn from other GCs about staying ahead of global privacy changes? Apply to become a member of The L Suite today.

About The L Suite

Called “the gold standard for legal peer groups” and “one of the best professional growth investments an in-house attorney can make,” The L Suite is an invitation-only community for in-house legal executives. Over 2,000 members have access to 300+ world-class events per year, a robust online platform where leaders ask and answer pressing questions and share exclusive resources, and industry- and location-based salary survey data.

For more information, visit