Industry Insights

Crownpeak Acquires Evidon for Compliance & Monitoring Tools

Crownpeak, the cloud-based Digital Experience Management (DXM) platform provider, announced that it has acquired Evidon, a privacy compliance company based in New York for a deal estimated to be worth $50 million. Evidon provides enterprise companies with patented, SaaS-based solutions for consent, monitoring, and compliance covering the digital ecosystem. The acquisition is expected to complement Crownpeak's platform by monitoring the complex digital marketing ecosystem to ensure control and transparency throughout the digital supply chain.

Speaking to CMS-Connected, Tim Vollman, CEO of Crownpeak, commented on what Evidon will bring to Crownpeak: "The addition of Evidon’s leading consent and monitoring products perfectly complement Crownpeak’s position in the industry, further scaling our expertise in digital governance. Many of our global customers, in particular those in highly regulated industries, are looking to automate the digital compliance process. With the addition on Evidon, we can now provide an end-to-end, solution by combining Evidon’s products into the Crownpeak digital experience platform.”

Considering the coming deadline for compliance with the EU's General Data Protection Regulation (GDPR) which takes effect in May 2018, there has lately been increasing interest in regulation technology companies. With this acquisition, Crownpeak will expand its Digital Quality Management offering as Evidon’s platform is adding new monitoring and consent solutions. On that note, Vollman told CMS-Connected: “Given the widespread anxiety among global companies facing a fast-approaching deadline for complying with the General Data Protection Regulation (GDPR), we believe Evidon’s solutions will help enhance the value of what Crownpeak offers." On top of the risk of facing a potential 4% fine of global revenues, when you also think of the fact that the average cost of a data breach is $4 million, and 70% of data breaches are caused by internal employees, Evidon’s patented consent and monitoring technology that Crownpeak is integrating to its platform is becoming essential for websites and applications to comply with privacy laws and programs around the world.

Industry’s First Commercial-Grade GDPR Solution

Evidon is known mostly as one of the organizations that issue licenses for Digital Advertising Alliances' AdChoices icon which is an answer to the Federal Trade Commission’s call for “clear and prominent notice” of targeted advertising. By clicking on the AdChoices icon, web users are directed to pages explaining behavioral targeting, with an option to opt-out of this kind on targeting. More importantly, the announcement of the acquisition came shortly after Evidon launched its Universal Consent Platform which the company bills it as the first unified solution to help organizations achieve compliance with both the European Union’s General Data Protection Regulation (GDPR) and evolving ePrivacy Regulation (ePr or “Cookie Law”).  The vendor also stated that beta code will be available in the third quarter of 2017, and production code will be available in January 2018. Here are some benefits of the Universal Consent Platform:

  • A layered, user-centric experience, empowering the user to choose between top-level such as the single acceptance and deep-dive information such as a drill down screen with individual consents on how their data is collected and used.

  • A simple and effective interface for exercising Personal Data Rights, such as the “Right to Be Forgotten”

  • Easy Integrations with middleware API’s and first-party data sets to achieve comprehensive transparency and user control

  • Robust insight into a company’s digital supply chain, essential for effective Privacy Impact Assessments and Vendor Governance

  • Single-tag implementation across platforms and geographies with language customizations in over 50 languages

For now, the target audience for the platform is content managers for mobile apps and desktop/mobile web sites, however, CEO and co-founder Scott Meyer told MarTech that his company is also looking at applying the platform to other devices, such as voice-based agents like Amazon’s Alexa or smart car dashboards. Competitors TrustArc and OneTrust also have GDPR offerings, Meyer noted, adding that his company has about 90 percent of market share for solutions offering compliance with the Cookie Law.

Digital Quality Management

As a provider of the only cloud-first DXM platform to feature built-in Digital Quality Management (DQM), Crownpeak has been doing a lot of work in terms of data quality management. The digital quality management capabilities were added to the platform through the acquisition of ActiveStandards but now DQM became one of the core services that comes with the product because the vendor sees policy compliance as crucial. Therefore, their offering ensures that all legally mandated content is present on their customers’ sites, including data protection, privacy policies, terms and conditions, intellectual property protection and corporate disclaimers while maintaining brand style and the editorial standards.

The days of single channel user engagement are long gone as we have seen a revolutionary change in how people interact with computers. Forrester estimates global organizations have an average of 256 digital touch points across their organization. Just even managing those touch points is not an easy task, let alone making sure to deliver compliant and consistent experiences across them.  Today, for instance, we, as consumers, are already obsessed with our mobile devices, while also slowly falling for conversational systems such as Amazon’s Echo Alexa, Google’s Home, Apple’s Sri and such – not to mention table stakes like social media, mobile apps, and wearables. With these many channels and devices available, it has become overwhelming for brands to be concerned about their ability to impose effective quality control across all its content touchpoints. On top of these, now most of them are also tasked with addressing GDPR obligations. Gartner predicts that by the end of 2018, more than 50 percent of companies affected by the GDPR will not be in full compliance with its requirements. When we put all of these together, Crownpeak’s focus with its Digital Quality Management platform is helping its customer ensure multi channel compliance with quality and compliance requirements and rules.


Whether it’s GDPR, PIPEDA, ePrivacy Directive or AdChoices, digital businesses must keep their sites, apps, and ads in compliance with complex and ever-changing privacy laws and programs across the world. Tomorrow’s survivors will be the ones who empower their customers with their personal information, provide an access to the information they hold about them and are specific on how they use the data. Therefore, after the acquisition of ActiveStandards back in 2016, Crownpeak’s new investment in the Digital Governance space will provide its current customers with a competitive edge. After all, regardless of what the GDPR dictates, there is an obvious correlation between greater revenues and consumer trust. From the business perspective of the acquisition, though, Crownpeak’s customer base will reach to more than 500 enterprises.

On the other hand, according to Forrester, 77 percent of consumers have chosen, recommended, or paid more for a brand that provides a personalized service or experience so the real question is how do businesses get consent without destroying the user experience?

Venus Tamturk

Venus Tamturk

Venus is the Media Reporter for CMS-Connected, with one of her tasks to write thorough articles by creating the most up-to-date and engaging content using B2B digital marketing. She enjoys increasing brand equity and conversion through the strategic use of social media channels and integrated media marketing plans.

Featured Case Studies