Building Trust at Scale: Unlocking Salesforce’s Consent Management Model

‍

For any customer-facing organization, staying connected with customers, whether through phone calls, emails, traditional mail, or any other mode of communication, is critical for delivering great service and building lasting relationships. But in today’s privacy-conscious world, it’s not enough to just reach out. Every interaction must respect the customer’s communication preferences and comply with evolving data privacy laws. Smart outreach starts with consent, hence, a strong consent management model becomes imperative.

Organizations must have clear processes to capture, manage, and enforce customer consent across every channel. Without it, they risk facing compliance issues, damaging customer trust, or, on the flip side, missing out on valuable opportunities by limiting communication too much. 

Salesforce recognizes the growing importance of consent management and has invested significantly in developing a robust, flexible data model to support it. In this blog, we’ll explore the key features of Salesforce Consent Management and how they can be applied to real-world scenarios. But before we dive into the details, let’s look at a sample conversation between an agent from an organization called “Policy Hub” and one of their customers.

This sample conversation shows that consent management for customer communications is not simply a matter of “yes” or “no” to contact. Instead, it involves managing preferences with more granularity across multiple channels (such as phone and email) and different types of programs (like marketing campaigns and rate alerts). In this case, the customer has fully opted out of phone calls but has agreed to receive communications via email, but with specific conditions. Even within email communications, the customer has expressed a preference to receive rate alert emails, but has opted out of marketing emails.

Salesforce has identified the intricacies of consent management and has built a comprehensive consent management model that is capable of handling global consents as well as granular controls.

The Salesforce consent model is available in all editions. To enable consent model objects, navigate to Setup->Data Protection and Privacy, and ensure the below indicated setting is enabled.

‍

‍

Once this is enabled, you will be able to access all the consent management objects, and also a lookup field to Individual is automatically enabled on Lead, User, Contact, and Person Account objects.

Below is a sample Salesforce consent data model diagram. While there are many more objects, here we will cover only a subset of the objects essential to managing the communication consent of customers.

‍

‍

One significant aspect to note here is that these consent objects do not count against storage! Considering how Salesforce typically enforces strict storage policies, the free storage part is unusual, and this is perhaps a clear indication of Salesforce’s acknowledgement of the criticality of consent management and the large number of records that would be required to be created by organizations to effectively leverage their consent model.

Let’s go through each of these objects and see how they would be leveraged to manage consent for the Policy Hub use case we discussed earlier:

• Individual: This object typically represents the customer for whom the consent is being managed, in our case, Mr. George Thomas. All-or-nothing global-level consent settings are managed in the Individual objects, and there are multiple checkbox fields to record these consents.
• Contact Point Objects: The "ContactPointPhone", "ContactPointEmail", and "ContactPointAddress" objects represent the channels available to contact the customer. These objects are intended to store details specific to the communication channel, and not the consents or preferences of these contact points.
• Data Use Purpose: This indicates the reason or the program for which the customer has to be communicated. In our case, “Marketing” and “Rate Alerts” would be stored as Data Use Purpose records.
• Contact Point Type Consent: An individual’s consent to each data use purpose is stored here. In our case, the customer has completely opted out of all marketing-related communication, irrespective of the method of communication, which will be represented by a "ContactPointType" consent record with Individual=George Thomas, Data Use Purpose=Marketing, ContactPointType=Phone, PrivacyConsentStatus=Opt-Out.
• Contact Point Consent: This stores a more granular level of consent and represents the consent of each Contact Point to every Data Use Purpose. In our case, two sample records would be:
  
  • ContactPoint=gt123here@gmail.com, DataUsePurpose= Marketing, Privacy Consent Status=Opt-Out.
  • ContactPoint=gt123here@gmail.com, DataUsePurpose= Rate Alerts, Privacy Consent Status=Opt-In.

While they have a comprehensive data model at their disposal, organizations still need to capture and process consents. There is a managed package app available on App Exchange called Consent Capture - Flow Template from Salesforce Labs, which provides an intuitive wizard-based interface. It primarily consists of a flow template along with other components. The components can be used as is if they suffice your business needs. If not, since the source code is publicly available in this GitHub repository, it can be used as a good reference point for your own customizations. A sample process of leveraging the flow template for our use case is illustrated in snapshots below:

‍

‍

‍

‍

‍

‍

‍

‍

Salesforce has provided standard REST APIs that can be leveraged to create customer contact preferences. Let's create a new customer(Individual), the customer’s email(ContactPointEmail), and the customer’s contact preference for Marketing emails(ContactPointTypeConsent) with a single API call leveraging the Consent Write API.

‍

Through real-world scenarios, we’ve seen how nuanced customer preferences can be and how important it is to invest in a robust consent model. Salesforce’s consent model provides a flexible, scalable foundation to manage consent across multiple channels and purposes. With features like the Consent Capture managed package and the Consent REST APIs, organizations can implement a consent framework that is both user-friendly and regulation-ready.

Start small, but start now. The sooner you operationalize consent management in Salesforce, the sooner you unlock the benefits of compliant, respectful, and effective customer communication.

Too often, organizations see consent management as a burden and something that slows down communication. In reality, it’s an opportunity to listen, respect and connect as every customer choice tells you something valuable.

Consent management is the key to transforming compliance requirements into moments of connection. At Cloud Peritus, we know how to turn Salesforce’s tools into powerful systems that respect preferences and inspire trust. Let us help you build a communication framework that makes your customers feel valued, not just contacted.

Reach out to us for a quick free consultation on info@cloudperitus.com or check-out and avail our 5 year anniversary success guarantee offer HERE.