Is it any surprise that two in three consumers don't trust companies with their data?

After years of breaches, abuses and accidents, 68 percent of adults surveyed in the U.S. and the U.K. told identity management firm Gigya that they're concerned with how companies manage their personal information.

Unsurprisingly, data incidents take a toll on customer loyalty. Security firm Gemalto found last November that 70 percent of consumers would stop doing business with a company that suffered a breach. For most people, the security of their personal data is too important for second chances. 

Firms that follow a few simple rules not only reduce the risk of losing loyal customers; they actually stand out on the basis of better data management.

1. Don't overreach.

Who hasn't downloaded a weather app that suspiciously asks for access to the phone's contacts? While 86 percent of U.S. and U.K. marketers try to collect everything they can about their customers, the dirty secret is that between 60 and 73 percent of data gathered by enterprises never makes it into an analytics feed. 

Ben Cockerell, vice president of marketing at declared data platform Jebbit, argues that marketers' "everything and the kitchen sink" approach risks compromising their customer experience. "Marketers have been hoarding data to find what might be useful, instead of directly collecting what they probably know is most valuable," Cockerell says. "In an era of data breach and misuse, this has to change." 

To promote that change, Jebbit has developed a Consumer Data Trust Index revealing which brands are the most credible based on 10,000 survey responses from U.S. consumers. Brands that top the list, like Visa and Amazon, do collect consumer data, but they limit themselves to information needed to provide more personalized service. 

2. Show that you're serious about security.

To earn consumers' trust, don't just put data security controls in place; share them with the wider world. "You already have a website, so use it to educate people on your security measures," suggests Brad Thies, data security expert and principal at Barr Advisory. "You don't have to give away the recipe to your secret sauce, but do pull together a whitepaper outlining your services and tying them to best practices."

To protect cloud data, Thies suggests a four-pronged approach. First, multifactor authentication prevents breaches by requiring would-be hackers to obtain not just a password, but also a phone or token device. Second, patch management systems stop malware from exploiting known vulnerabilities in software. Third, personalized credentials help companies hold employees accountable for breaches their behaviors may have enabled. Finally, master key safeguards ensure that the decryption key doesn't fall into the wrong hands.

3. Never share or sell data without consent.

This past June, Apple changed its App Store rules to crack down on a tactic that marketers have used for years: sharing or selling the data of friends or contacts of the person who provided it without those peers' permission. The practice is what previously put Facebook into the national spotlight when a contributing developer surreptitiously gave data on millions of Facebook users to political consulting firm Cambridge Analytica. 

Although companies that sell users' data may technically have sought their permission, users don't always see it that way. "I suspected this stuff was going on, but this is the first time it's been plainly exposed," filmmaker Richard Perry told The New York Times shortly after Facebook's data-sharing scandal broke. "It seems so malicious, and Facebook seems so complicit all the way up and down, like it doesn't care about its users."

4. Make it worth their while.

Just because consumers don't want to share all their data, however, doesn't mean they can't be convinced to share some of it. A Deloitte study found that 79 percent of respondents were willing to share certain data if it clearly benefited them. Consumers reward brands for delivering personalized experiences, which must be built around personal data.

"Collecting consumer data helps [brands] know each customer more individually and treat them that way," Jeff Tanner, director of Baylor University's "Business Collaboratory" and professor of marketing, said. Companies that do so can "craft offers that increase purchase rates at higher margins while also delivering better value to the customers because they're getting things they want," he explains.

Companies that deal in consumer data have a special obligation to their users. A carelessly exposed bank account isn't the same as a product defect: Only one has the potential to ruin someone's financial life or lead to legal trouble. Consumers don't want to deal with companies that take information of that weight without asking, without reason or without delivering value in return. Frankly, can you blame them?