Who Owns Your Customer Data?
The tech and service-ops decisions — data ownership, storefront, fulfillment — behind a durable US presence.
You own your customer data only when the durable first-party record — email, consent status, full order history — lives in a database whose credentials you control, not a distributor's account, a marketplace's wall, or an agency's login you cannot export. At the DTC-Amazon-retail seam, whoever holds that record holds the brand's future. Most market-entry arrangements quietly take it from you.
This is the question underneath every other decision in your US operating stack. Not "which email tool" or "which 3PL" — those are downstream. The real question: when a US consumer buys your alcohol-free aperitif for the first time, does a record you own come out the other side? For most European brands, the honest answer at launch is no — and by the time they notice, the audience they paid to acquire belongs to someone else.
Nick saw both sides of this at Boisson. As the largest US non-alcoholic retailer, Boisson was the channel sitting between hundreds of brands and their drinkers. He watched which brands treated that relationship as a data-capture opportunity and which treated it as a sale — and, years later, which of them still had a business when a channel shifted underneath them. The ones that kept their customer kept their future. This guide is the map of how they did it.
Key Takeaways
- Data ownership is a control question, not a tooling question. You own the record only if you hold admin credentials to the database and can export every customer on demand. Access is not ownership (Avenor operating thesis).
- Amazon does not give you your customers. The marketplace owns the buyer relationship and hands back anonymised order data; direct marketing to Amazon buyers requires opt-in through a channel you control (Amazon Seller policy).
- Wholesale builds volume, not audience. In distributor-and-retailer sell-through the end drinker never transacts with you, so no first-party record reaches you unless you engineer a capture point on-pack or at sampling.
- DTC-first is the audience-ownership strategy. Online non-alcoholic sales grew roughly 208% year-over-year (Pinky Beverages), and a direct store is the one channel where you own the record by default.
- GDPR discipline is a US advantage. An EU-compliant consent-and-export stack clears CCPA/CPRA and the newer state acts with margin — the work is adapting opt-out mechanics, not rebuilding (California Privacy Protection Agency).
- The riskiest clause is the one you skip reading. In whose name the Shopify, Klaviyo, and ad accounts are registered decides who owns the audience if the partnership ends (Avenor launch practice).
- Owned audience is what recurring revenue is built on. You cannot run subscription or repeat-purchase economics against customers whose contact details you do not hold.
Table of Contents
- What does it mean to "own" your customer data?
- Where does customer data leak in a US launch?
- Why does this matter more for a European brand?
- Which operating-stack decisions protect ownership?
- The consent layer: running one record across two jurisdictions
- What this pillar covers
- FAQ
What does it mean to "own" your customer data?
Ownership means the durable first-party record — email, consent, order history, shipping address — sits in a database whose admin credentials you hold, and that you can export in full to any other tool tomorrow. Anything short of that is access, which a vendor can revoke, price up, or wall off the moment your interests diverge from theirs.
The distinction sounds pedantic until it costs you a business. Three things must be true at once for a record to be genuinely owned:
| Test | Owned | Merely accessed |
|---|---|---|
| Credentials | You hold the admin login to the account | A partner or agency holds admin; you have a user seat |
| Export | You can download the full customer list, unmasked, on demand | You can view but not export, or export is contractually restricted |
| Consent | The opt-in record travels with the profile and is portable | Consent lives in a platform you cannot leave with the data |
Most founders assume they pass all three because they "have a Shopify store." But if that store was opened in a partner's name, or the Klaviyo list is administered by an agency whose contract does not grant export, the founder holds a seat, not the keys. It surfaces at the worst time: a partnership sours, a fee negotiation turns hostile, and the audience you spent six figures acquiring is behind a login you do not control.
The mental model every serious DTC operator uses: your owned audience is the only asset that survives a channel shift. Platforms change algorithms, marketplaces change fees, distributors get acquired. The email list, the consent record, and the purchase history are the compounding asset — the through-line that lets you relaunch on a new channel without starting from zero. We treat that asset as the real point of a US launch in Owned Audience and Recurring Revenue for Non-Alcoholic Brands.
Where does customer data leak in a US launch?
Customer data leaks at three predictable seams: the distributor account that captures the wholesale buyer instead of you, Amazon's customer wall that returns anonymised orders, and marketplace or agency intermediation where the login sits in someone else's name. Each seam is invisible until you try to remarket to customers you assumed were yours.
These are not exotic failure modes — they are the default outcome of the most common US entry structures, each leaking in a different way.
Does a US distributor capture the customer instead of you?
Yes — in the wholesale model the end drinker transacts with a retailer, who bought from a distributor, who bought from you. Three parties sit between your brand and the person drinking it, and none of them is contractually obliged to pass a first-party record back up the chain. Wholesale builds shelf presence and volume; it does not, on its own, build an audience you can email.
This is the structural reality of US beverage distribution. Even where sub-0.5% ABV products sit outside the formal three-tier alcohol system, the sell-through pattern is the same: producer to distributor to retailer to drinker. The distributor owns their retail relationships; the retailer owns their shopper data. You get depletion reports and reorders — how much sold, never who bought. To recover a first-party record from wholesale you must engineer one deliberately (an on-pack QR to a registration hub, a sampling program with email capture, a loyalty tie-in), and even then capture rates are a fraction of DTC.
Why doesn't Amazon give you your customers?
Because the buyer is Amazon's customer, not yours. Amazon returns order data with the contact details masked or omitted, and its policies prohibit using order information to contact buyers for marketing outside Amazon's own channels. You can sell enormous volume on Amazon and finish the quarter with almost no owned audience to show for it.
Amazon is best understood as paid discovery with high intent and zero brand loyalty — a consumer searching "non-alcoholic gin" is ready to buy but has no allegiance yet. The strategic error is treating Amazon revenue as equivalent to DTC revenue. It is not: one builds an asset you own, the other rents you a transaction. The fix is a hand-off — an insert, a QR to a first-purchase offer, a freshness registration — that migrates the Amazon buyer into a channel where you own the record. We treat Amazon as a discovery layer that must feed owned capture, a distinction developed in How to Launch a Non-Alcoholic Beverage Brand in the US.
How does agency and marketplace intermediation quietly take ownership?
Through account registration. When an agency or market-entry partner opens the Shopify store, the Klaviyo account, or the Meta and Google ad accounts in their name for convenience, they become the legal account holder. Your customer list, pixel data, and ad-learning all accumulate inside logins you do not control — and recovering them at the end of the relationship ranges from awkward to impossible.
This is the most avoidable leak and the one founders discover latest, because everything works fine while the relationship is good. The damage only appears at separation. The safeguard is boring and non-negotiable: every revenue-critical account is registered to your entity, with you as the admin, before a single dollar of spend or a single customer flows through it. An agency should hold a user seat you can revoke — never the keys.
Why does this matter more for a European brand?
Because you are entering the US from a standing start, with no local sales team, no existing retail relationships, and a launch budget you cannot afford to spend building an audience that ends up owned by someone else. For a European brand the owned first-party record is not just an asset — it is the only piece of the US operation that is unambiguously, portably yours from day one.
An established US brand has other equity to fall back on: broker relationships, shelf history, regional loyalty. A newly landed European brand has none of that — only whatever it can capture directly. That raises the stakes on every leak above, and it meets two European-specific realities.
First, distance amplifies dependence. Operating the US from Paris, London, or Copenhagen, you lean harder on partners on the ground — a 3PL, an agency, a market-entry firm. Each is a potential account-registration leak, and you are less able to spot a problem forming from four thousand miles and six time zones away. Make ownership explicit in every contract before signing, rather than policing it after.
Second — the quiet advantage — your GDPR-native habits are worth more in the US than most European founders realise. Explicit consent, documented lawful basis, data minimisation, and export-on-demand are already baked into how a compliant EU brand operates. That discipline clears the US state-privacy bar with room to spare, and it means the record you capture is clean: consented, portable, durable. The brands that struggle treat US launch as a reason to abandon EU rigour. Keep it — it is a moat. The full operating-and-finance context sits in Non-Alcoholic Brand US Operations and Finance.
Which operating-stack decisions protect ownership?
Four decisions, made before launch, determine whether you keep your customer: register every revenue account to your own entity, make DTC the channel where the owned record is created by default, engineer a capture hand-off from every borrowed channel, and write export rights into every partner contract. Get these right at setup and ownership takes care of itself; get them wrong and no amount of later effort fully recovers the leaked audience.
Here is how the decisions map to the stack you will actually build:
| Decision | The wrong default | The ownership-protecting choice |
|---|---|---|
| Account registration | Partner opens accounts in their name "to move faster" | Every account registered to your US entity, you as admin |
| Channel priority | Wholesale or Amazon first for fast volume | DTC first to establish an owned record, then expand |
| Borrowed-channel capture | Treat Amazon and retail as terminal sales | On-pack QR, inserts, sampling capture that migrate buyers to owned |
| Contract terms | Sign the standard agency or partner MSA as-is | Explicit export rights, admin access, and data-return-on-exit clauses |
| Data architecture | A pile of disconnected tools per channel | One unified profile store you control (Shopify + Klaviyo, or a CDP) |
The DTC decision is the load-bearing one. Direct-to-consumer is the single channel where you own the record by default — no intermediary to negotiate it back from. It is also, not coincidentally, the fastest-growing channel in the category: online non-alcoholic sales grew roughly 208% year-over-year (Pinky Beverages). Building DTC first is both a demand-proving strategy and the audience-ownership strategy. The mechanics — Shopify as foundation, Klaviyo as the owned-record system — are in Building the DTC Stack for a Non-Alcoholic Brand and How Shopify Works for Beverage Brands.
Once the record exists, retention turns it into recurring revenue — flows and lifecycle sequences that only work because you hold the contact details, covered in Email and SMS Retention for Non-Alcoholic Brands. And acquisition spend must run through ad accounts registered to you, or you leak the pixel-learning too — the angle threads through Paid Acquisition for Non-Alcoholic Beverages: Meta and Google.
The consent layer: running one record across two jurisdictions
Owning the data is only half the job; owning it compliantly across two legal regimes is the other half. A European brand selling into the US operates under both GDPR for EU residents and a growing patchwork of US state privacy laws — and the trap is running two disconnected consent silos instead of one portable record that satisfies both.
The good news is directional: GDPR is the stricter regime, so an EU-compliant foundation generally clears US requirements. The California Consumer Privacy Act as amended by the CPRA, plus the newer state acts, lean on an opt-out model — the consumer can demand you stop selling or sharing their data — where GDPR uses opt-in. A stack built for opt-in consent already exceeds the opt-out bar; what changes is the mechanics you expose to the user.
| Dimension | EU (GDPR) | US (CCPA/CPRA and state acts) |
|---|---|---|
| Consent model | Opt-in required before processing | Opt-out; "Do Not Sell or Share My Personal Information" |
| Cookie banner | Prior consent, granular categories | Notice plus opt-out mechanism, honour Global Privacy Control |
| Core rights | Access, rectification, erasure, portability | Know, delete, correct, opt out of sale/share |
| Practical posture | Strictest baseline | Generally satisfied by a GDPR-grade stack |
The operational goal is one consent record per customer that carries its jurisdiction and its opt-in/opt-out state with it — so the same profile behaves correctly whether the person is in Lyon or Los Angeles. Running two silos guarantees drift, and drift is where compliance failures and lost records both live. The cookie-and-consent mechanics, banner by banner, are the subject of the dedicated spoke below.
What this pillar covers
This cornerstone is the thesis for the US operating stack: control the customer relationship or forfeit the brand's future. The spoke guides below go deep on each decision the thesis implies. Where a guide is not yet published, the link is marked and will resolve as the pillar fills in.
- CDP vs Klaviyo for Alcohol-Free Brands — when a well-configured Klaviyo is enough to hold your unified record, and when channel sprawl means you have outgrown it and need a dedicated customer data platform. [INTERNAL-LINK-TBD: cdp-vs-klaviyo-alcohol-free-brands]
- The Shopify App Stack for a Beverage Brand — the apps that layer onto Shopify for subscriptions, reviews, and loyalty without fragmenting the customer profile across a dozen disconnected databases. [INTERNAL-LINK-TBD: shopify-app-stack-beverage-brand]
- Cookie Consent: US vs EU for Beverage DTC — the banner, the Global Privacy Control signal, and the single-record consent architecture that keeps one profile compliant on both sides of the Atlantic. [INTERNAL-LINK-TBD: cookie-consent-us-vs-eu-beverage-dtc]
- A 3PL Rate Card, Torn Down — how your fulfilment partner touches the customer record at the shipping-and-returns seam, and the line items that decide whether that data flows back to you. [INTERNAL-LINK-TBD: 3pl-rate-card-beverage-teardown]
- Ocean vs Air Freight for Imported Beverages — the landed-cost and lead-time trade-off that sets how fast you can restock, which in turn sets how confidently you can run the acquisition that fills your owned audience. [INTERNAL-LINK-TBD: ocean-vs-air-freight-imported-beverages]
The pillar sits underneath the broader strategy in Owned Audience and Recurring Revenue for Non-Alcoholic Brands, and connects to the finance and operations reality of running the US from abroad in Non-Alcoholic Brand US Operations and Finance.
FAQ
What does it actually mean to own your customer data?
Ownership means the first-party record — email, consent, full order history — sits in a database whose admin credentials you hold and can export to any tool. If it lives inside a distributor's account, a marketplace, or an agency login you cannot export, you have access, not ownership. The test: could you leave that vendor tomorrow and take every customer with you?
Does Amazon give me my customers' contact details?
No. Amazon owns the buyer relationship and returns anonymised order data — at most a masked contact for logistics. You cannot market to Amazon buyers without their opt-in through your own channel. Treat Amazon as paid discovery that must hand off to an owned capture point, or the customer is Amazon's.
If a US distributor sells my brand, whose customer is the drinker?
The distributor's, then the retailer's. The end drinker never transacts with you, so no first-party record reaches you unless you engineer one — on-pack QR, sampling capture, a loyalty tie-in. Wholesale builds volume and shelf presence; it does not build an audience you can remarket to. That is why DTC-first exists.
We are GDPR-native in Europe. Does that help or hurt in the US?
It helps. GDPR discipline — explicit consent, documented lawful basis, export on demand — is stricter than most US state laws, so a compliant EU stack clears CCPA/CPRA and the newer state acts with room to spare. The work is adapting mechanics (US opt-out versus EU opt-in) and running one consent record across both jurisdictions, not two silos.
What is a CDP and do we need one at launch?
A customer data platform unifies every first-party signal into one profile you control. Most brands do not need a standalone CDP at launch — a well-configured Shopify plus Klaviyo already holds the unified record. You graduate to a dedicated CDP when channels multiply past what an email platform can stitch, a trade-off covered in the CDP-versus-Klaviyo guide above.
Who owns the data if a market-entry partner runs our US launch?
You should — and the contract must say so. Ask three questions before signing any partner or agency: In whose name are the Shopify, Klaviyo, and ad accounts registered? Can you export the full customer list on 30 days' notice? Do you keep admin, not just user, access? If any answer is no, you are renting your own audience.
In our Boisson years, the brands that made us nervous were the ones treating a strong retail placement as the finish line. A national chain slot feels like arrival — until the reorder softens, or the category reset drops you, and there is no owned audience to pivot to because every drinker you sold to belonged to the retailer. The brands we watched last were unglamorous about it: they captured emails at every sampling, ran a real DTC store next to the wholesale push, and could name their best customers. When a channel moved, they moved with it. That is the whole game, and it is a setup decision, not a rescue.
Written by Nick Bodkins, co-founder of Avenor, the US market-entry partner for overseas non-alcoholic beverage brands. Nick previously founded Boisson, the largest US non-alcoholic retail and e-commerce platform. Connect on LinkedIn.
- What does it actually mean to own your customer data?
- Ownership means the durable first-party record — email, consent status, full order history, address — sits in a database whose admin credentials you hold, portable to any tool. If the record lives inside a distributor's account, a marketplace, or an agency's login you cannot export, you have access, not ownership. The test is simple: could you leave that vendor tomorrow and take every customer with you?
- Does Amazon give me my customers' contact details?
- No. Amazon owns the transaction and the buyer relationship. You receive anonymised order data and, in some programs, a masked contact for logistics only. You cannot email Amazon buyers directly for marketing without their opt-in through your own channel. Treat Amazon as paid discovery that must hand off to an owned capture point — an insert, a QR code, a warranty registration — or the customer is Amazon's, not yours.
- If a US distributor sells my brand, whose customer is the drinker?
- The distributor's, and then the retailer's. In the three-tier-adjacent wholesale model the end drinker never transacts with you, so no first-party record reaches you unless you engineer one — on-pack QR, sampling capture, a loyalty tie-in. Wholesale builds volume and shelf presence; it does not build an audience you can remarket to. That is why DTC-first exists.
- We are GDPR-native in Europe. Does that help or hurt in the US?
- It helps. GDPR discipline — explicit consent, a documented lawful basis, data minimisation, export on demand — is stricter than most US state laws, so a compliant EU stack clears CCPA/CPRA and the newer state privacy acts with room to spare. The work is adjusting mechanics (US opt-out banners differ from EU opt-in) and running one consent record across both jurisdictions rather than two silos.
- What is a CDP and do we need one at launch?
- A customer data platform unifies every first-party signal — web, email, Amazon hand-off, retail sampling, subscription — into one profile you control. Most brands do not need a standalone CDP at launch; a well-configured Shopify plus Klaviyo already holds the unified record. You graduate to a dedicated CDP when channels multiply past what an email platform can stitch. We cover the trade-off in the CDP-versus-Klaviyo guide.
- Who owns the data if a market-entry partner runs our US launch?
- You should — and the contract must say so in writing. Ask three questions before signing any partner or agency: In whose name are the Shopify, Klaviyo, and ad accounts registered? Can you export the full customer list on 30 days' notice? Do you keep admin, not just user, access? If the honest answer to any is no, you are renting your own audience.