• Blog
  • Nov 30, 2021
  • By Cam Sivesind
First-, Second-, and Third-Party Data: It’s All Good Data, Right? Riiiight?

All data is not created equal, so it’s important to base your MarTech strategy on a compliant-focused, first-party data approach

The famous Abbott & Costello skit of “Who’s on First?” is hilarious, and it makes fun of the confusion caused when a fictional baseball team has a player named “Who” on first base, “What” on second base, and “I don’t know” on third base.

“Who is on third base?”

“I don’t know!”

“Wait, who’s on second?”

“No, who’s on first!”


“What’s on second!”

Surprisingly, the confusion and frustration that overcomes the questioning Costello is similar to what some marketers – and certainly many consumers – feel when the topic of first-, second-, and third-party data is brought up when it comes to marketing analytics and what types of data meets stiffening consumer privacy requirements.

Knowing the difference is no laughing matter. Before diving into defining each party’s data distinction, know that focusing on first-party data is the only surefire approach to keep your customers’ data compliant with regulator, browser, and enterprises’ own privacy and data governance policies.

From Worst to First

To fully understand the differences in each data type, we’ll start at the bottom – with third-party data, which is the “least privacy-compliant” when it comes to collecting and managing consumer data. Then we’ll work our way up through second-party data, followed by the most privacy-compliant type of data that can be gathered: first-party.

It should be noted that “privacy-compliant” does not always equal “safer” or “better,” at least when it comes to data enhancement and additional details on consumers and customers that can increase marketing effectiveness. But a lot can be done to safely gather trustworthy first-party data via identity graphing and other analytics tools.

Data Clean Rooms (DCRs) is a fairly new term. DCRS allow IT teams to house and make available the We’d be remiss to not bring up Data Clean Rooms (DCRs), which allow IT teams to house and make available the anonymous and first-party data needed to drive analytic software. DCRs are a topic for a separate article, but it should be pointed out they are a solution that allow IT departments to fully control data governance according to corporate policy while also enabling full analytic access through SaaS applications. 

Here’s our breakdown of first-, second-, and third-party data, and more:

Third-Party Data

Third-party data is any information collected by an entity that does not have a direct relationship with the person from whom the data is being collected. Typically, third-party data is collected from a variety of websites and digital platforms. That conglomeration of data is then aggregated by a third-party data provider to build a customer profile. Types of info: income level, gender, household data.

Third-party data is often referred to as data collected through third-party cookies, those digital web browser crumbs that leave a trail from the consumer to a website or brick-and-mortar store where they become customers by making a purchase. Those third-party cookies are what browsers and regulators are further restricting in an effort to protect consumer privacy.

Pros of third-party data: More data always adds value, so having access to additional data points that first- and second-party data can’t offer alone is a good thing. For now, third-party data can be purchased from a vendor that aggregates such data and it can help marketers reach a broader audience as well as likely prospects and potential new customers.

Example: A credit union branch seeks more customers to sign up for loans, savings, and/or checking accounts. With first-party data, it has access to consumers who have visited its website and opted to share their personal information with the credit union. By adding in third-party data to its analysis, the credit union could reach a broader population and target people who had recently searched for banks or credit unions within its zip code. This “scalability” from purchased third-party data can add a more detailed look into the target audience and expand its marketing reach.

Cons of third-party data: Regulators are clamping down on the use of third-party data in the name of consumer privacy and protection; and browsers are on board through discontinuing the use of third-party cookies. Safari and Firefox already limit their use, and Google plans to deprecate third-party cookies through its Chrome browser by the end of 2023. The above example of syncing third-party audience data with first-party data collected by the credit union will likely go away completely.

Second-Party Data

Second-party data is defined as data that users are not providing directly to a brand or business; rather the marketer is obtaining that data through a relationship with a partner business. The data is typically unique to the business capturing it from the secondhand party, as it is not readily available or applicable to other advertisers. But the data does not officially belong to the end-use business as they did not gather it directly from the consumer. This information truly is “second hand,” coming from various sources owned by the partner providing it. Types of info: partner purchases and site visits, shared IDs, ad exposure.

Pros of second-party data: Like third-party data, second-party data can enhance a company’s first-party data, including additional demographic, purchase history, website visits, time spent on websites, and more. Again, more data equals more-refined detail on customers or potential customers. In addition, the blend of first-party and second-party data can provide inspiration for creative, personalized campaigns that effectively target a focused interest group.

Example: If a winery is seeking to grow its wine club membership, purchasing customer data from a sister winery or from a wine publication – data that is first-party to the sister winery and wine publication, but second-party to the winery purchasing that customer data – can help identify additional wine enthusiasts who are likely interested in joining a new wine club.

Cons of second-party data: A company can control the quality of the data it collects as first-party data, but it cannot control the accuracy of the data collected second-hand through a partner or publisher selling the data. There is also no guarantee the data was collected ethically and meets the same standards of consumer privacy the company purchasing the data may have – and that regulators may require.

First-Party Data

First-party data is information that a company collects directly from its customers, site visitors, and social media followers – essentially anyone who left a direct footprint on their business doorstep and consented to providing their information. This type of data means the advertiser collected the data firsthand to use for retargeting, including data within a CRM, subscription data, social data, customer survey or feedback information, and data from actions made or interests expressed across a company website or app. Types of data: IP address, pages visited, anonymous IDs.

Pros of first-party data: First-party data is collected by a company or brand directly from its customers, so these are THE people the company is reaching and wants to reach more of. This data is most reliable. By making purchases, customers have established a degree of trust in their relationship with a brand, making them more willing to opt-in to future offers. From this data, marketers can retarget and nurture their existing customer base, as well as learn what characteristics its current customers have that can help with future marketing to new prospects. When a brand adds new products, it can serve up ads to its existing customers to entice them to buy more.

Example: A customized T-shirt business sells two shirts with funny sayings to a customer, logging that customer’s contact information in its CRM. As it adds more shirt designs with similar types of humor, it can target (retarget) marketing to that customer; or serve up ads on sites it knows that customer visited, hoping to catch the eye of consumers with similar likes and interests.

Cons of first-party data: The cons are limited. A company is collecting data directly from people who are interacting with them and made a purchase, showing enough trust to convert. If there is a negative, it could be that marketers can abuse that trust and over retarget or reach out too often to garner feedback and reviews, pitch additional products, or encourage a bit too strongly to “buy again.” Another limitation is that, without additional third- or second-party data, the scalability and extended audience reach is not as expansive.

Zero-Party Data

Another term added to the mix is “zero-party” data. It is defined as data that a customer willingly, and with proactive intent, shares with a business. Types of data: name, email address, order information.

Zero-party data is often used interchangeably with first-party data. The subtle difference is that zero-party data is indeed shared intentionally by customers via purchase intentions, personal context, communication preferences, and how the customer wants a brand to recognize them.

This entire topic of “first-, second-, or third-party data” is very applicable today because of the increased regulations coming from government and browser providers. At LeadsRx, we have made a conscious effort since our inception in 2015 to operate in a first-party data ecosystem. It’s the right thing to do, and we believe this approach will serve marketers AND customers well today and into the future.