Skip to main content

Follow best practices to build trust

People need to share some personal information with you to get the most value from your services and products. If you do not follow best practices to build trust, people will hesitate to share data with you. Their user experience will suffer, and you may lose a customer.

High-profile data leaks and new privacy regulations have made consumers more aware of the privacy risks associated with data sharing. People are also becoming more cognizant of their own rights when it comes to their data.

Some caution and restraint when sharing personal data is wise. However, it does create challenges for legitimate companies that need to process their customers’ personal information with every transaction.

People may be especially reluctant to share sensitive data on new platforms/apps. Even if you have a well-established company, you still need to make people feel safe when sharing information on your website or app.

What can you do to let people know they can trust you with their data? We’ve created a list of 7 best practices to build trust.

7 data collection best practices to build trust as a company

1. Establish authenticity with strong tools and partnerships

With so many services available, potential users may struggle to tell the difference between websites and platforms that have real value and the frauds.

To stand apart from the crowd:

Try to partner with established companies

Make sure you align your practices with the latest data privacy regulations by choosing reliable privacy management software

Let people know about it by describing the safeguards you have in place in your policies

Add a privacy request portal to your website so users can see you respect their rights as data subjects

Request portal

2. Only collect data you need, explain why you need it + how you will keep it safe

Don’t leave people wondering why you are asking for their data or whether it is safe to share it with you. If you have an app, platform, or website that requires people to input their personal data, make sure you:

Sprinkle brief educational content throughout your onboarding

Include images, GIFs, videos and FAQs as visual aids

If possible, make helpful info and policies available in additional languages

Anticipate questions and doubts people might have about your data collection practices and answer them in-line

When people understand how your service works and why they can be sure it is safe, they will feel more comfortable inputting their data, and they will have a better experience overall.

Only ask for data as you need it

Let people start using your app without creating an account or entering their name and personal information. Then, when personal information is needed for a certain function, explain why you are asking for it.

Explain why you need each bit of data

Tell people why they will get more value by connecting their email

Acknowledge security concerns, and point out safety features

Provide a link to learn more about security. This could be a video, an article, or just a pop up.

When you introduce new features, make sure you explain why they are safe and secure. And if when you add features to improve security and privacy, make sure you tell people!

PrivacyWallet security

Want more free data privacy tips?

Get the latest data privacy management news, trends and expert tips delivered straight to your inbox.

    3. Ask for consent at the right time, in the right way

    Whether you are simply asking employees or customers for routine personal information by email or asking users to allow your app to see their location, getting consent before collecting data is a requirement under most data protection regulations. But how you do so can either put your users at ease or on edge. Here are a couple of tips:

    Make your consent messages brief and clear. A long, inscrutable consent form full of legal jargon could make users question what they are really signing up for.

    Don’t ask the user for permission to access data until you really need it. Asking your users for permission too early or for too many things at once are common mistakes that could cause users to back out.

    Did you know that you and your team could be collecting personal data without consent, without even being aware of it. Take email as an example. When communicating with customers and employees, it’s not unusual to ask for or receive personal and sensitive data without a second thought. How can you make sure proper consent is obtained before accepting personal data people send you by email?

    Use a data sharing service for email to create a secure email practice

    With a service for data sharing via email, you can make your Outlook/Microsoft accounts safe to share data. The service enables you to send or request data securely to/from anyone in the world. When requesting data, you can quickly create a secure data request form to include in the message you are composing. It will be sent along with the customized consent you’ve created so that each time someone sends data back to you it will automatically come with consent.

    You can also use a secure upload point to get consent before accepting data people share with you. Add them to your website, for example, on your careers page to receive CVs; to your email signature, or anywhere else to create a safe spot for people to drop their data off. They will always be prompted to give consent before uploading their data to your encrypted folder that no one else can access.

    4. Send notifications, keep documentation

    Notifications keep users in the loop, documentation keeps you compliant. Each time someone shares data with you, make sure they get a success message. The message can includes a reminder about your company’s security. If there are wait times, let them know why. If they have to take additional action, tell them.

    Setup a service to handle personal data requests

    A request manager service can automatically notify the person when their privacy request is received. This is a requirement under some regulations, and it keeps people informed at all stages of the response process. A request manager can send your team notifications too, to remind you when a request is due; and it documents everything to demonstrate compliance with privacy.

    5. Options and data minimization empower the user

    The easier it is to share data with you, the less frustration for the user. However, ease and speed of sharing must come with appropriate controls to show users they are still in charge of what they share at every step. Here is a few tips:

    When you collect data, divide it into mandatory and optional categories.

    When you do ask for additional information, educate your users about why adding this optional information will improve their experience. Then let them pick and choose what they are willing to share.

    Let people try your products without creating an account if possible, with minimal data collected to get started.

    Use automated data discovery to find all the sensitive data your company stores. Track and evaluate your processes, decide what kinds of data you really need to collect, make additional data collection optional, and eliminate data you no longer need.

    6. Involve users in the design process.

    Whenever a company or a person hands their data over to you in order to use your website/app/platform’s services, to a certain extent they may feel they are losing control of that data.

    If your users do experience fear related to sharing their sensitive personal data at any point when using your services, consider what might be causing them to hesitate.

    However, using your imagination will only get you so far. Following these best practices to build trust can help, but testing is required to determine with any certainty how real users react to each of your screens.

    Best practices to build trust include listening to user feedback

    7. Offer support and resources.

    Make it easy for people to find all the help and resources they may need in one place that can be accessed right from your website or app.

    Be sure to include details about your security (encryption, passwords, access tokens, servers, etc.) and about your privacy management strategies.

    HelpCenter

    Use a HelpCenter to let people instantly access self-service support and quick troubleshooting for all your products. This is also a space to provide plenty of additional security information.

    Of course, everything you do to reassure users that their data is safe with you should be backed up with a real, solid plan to protect the data. Then, support your plan with the best privacy management tools.

    Would you like to learn more about tools that make it easy to follow best practices to build trust in your customers and keep up with privacy regulations at the same time?

    Sebastian Allerelli

    Governance, risk, and compliance specialist