Data collection and trust
Most people know that they need to share some personal information with you to get the most value from your services and products. However, high-profile data leaks and new privacy regulations have made consumers more aware of the privacy risks associated with data sharing, and more cognizant of their own rights when it comes to their data. They may be especially reluctant to share sensitive data on new platforms/apps.
Some caution is certainly justified, but it creates challenges for legitimate companies that need to process their customers’ personal information with every transaction. Even if you have a well-established company, you still need to make people feel safe when sharing information on your website or app. If people hesitate to share data with you, their user experience may suffer, and you may lose a customer.
What can you do to let people know they can trust you with their data?
Here are 7 best practices to build trust as a company:
1. Establish authenticity with strong tools and partnerships
With so many services available, potential users may struggle to tell the difference between websites and platforms that have real value and the frauds.
To stand apart from the crowd:
Try to partner with established companies
Make sure you align your practices with the latest data privacy regulations by choosing reliable privacy management software
Let people know about it by describing the safeguards you have in place in your policies
Add a privacy request portal to your website so users can see you respect their rights as data subjects
2. Educate and inform users about security and new features
We love innovation, but without a proper introduction, your novel concept may send some skittish users retreating back to the familiar. When people understand how your service works and why they can be sure it is safe, they will be happy to use it and feel more comfortable inputting their data when needed. Make sure you:
Sprinkle brief educational content throughout your onboarding
Include images, GIFs, videos and FAQs as visual aids
If possible, make helpful info and policies available in additional languages
Anticipate questions and doubts people might have about your data collection practices and answer them in-line
An example from our PIM app:
PrivacyWallet users can start using the app without creating an account or entering their name and personal information, but to find companies that have their data, they must connect an email address.
How can people be sure it is safe?
We show them why they will get more value from PrivacyWallet by connecting their email
We acknowledge security concerns, and point out the PrivacyWallet’s safety features
We provide a link to learn more about security (this could be a video, an article, or just a pop up)
How we highlight new security features
This year we introduced an ultra-private, zero-knowledge environment. Zero access = 100% privacy for the user because no one else can access their personal data from the app.
We’re proud of our security, and we take every opportunity to educate our users about it. Has your company implemented new security and compliance measures that you can share with users before asking them to input their personal data?
3. Ask for consent at the right time, in the right way
Whether you are simply asking employees or customers for routine personal information by email or asking users to allow your app to see their location, getting consent before collecting data is a requirement under most data protection regulations. But how you do so can either put your users at ease or on edge.
Here are a couple of tips:
Make your consent messages brief and clear. A long, inscrutable consent form full of legal jargon could make users question what they are really signing up for.
Don’t ask the user for permission to access data until you really need it. Asking your users for permission too early or for too many things at once are common mistakes that could cause users to back out.
Did you know?
You and your team could be collecting personal data without consent, without even being aware of it.
Take email as an example. When communicating with customers and employees, it’s not unusual to ask for or receive personal and sensitive data without a second thought.
How can you make sure proper consent is obtained before accepting personal data people send you by email?
Our secure email data sharing add-in for Outlook/Microsoft accounts with customizable consent forms. You can open it in a new message anytime to send or request data securely to/from anyone in the world. When requesting data, you can quickly create a secure data request form to include in the message you are composing. It will be sent along with the customized consent you’ve created so that each time someone sends data back to you it will automatically come with consent.
You can also use TrustedLinks to get consent before accepting data people share with you. Add them to your website, for example, on your careers page to receive CVs; to your email signature, or anywhere else to create a safe spot for people to drop their data off. They will always be prompted to give consent before uploading their data to a TrustedLink encrypted folder that no one else can access.
4. Send notifications, keep documentation
Notifications keep users in the loop, documentation keeps you compliant.
People want to know they are on the right track. Each time someone shares data with you, make sure they get a success message that includes a reminder about your company’s security. If there are wait times, let them know why. If they have to take additional action, tell them.
Our request manager. It automatically notifies a person when their privacy request is received (a requirement under some regulations) and keeps them informed at all stages of the response process. It sends your team notifications too, to remind you when a request is due; and it documents everything to demonstrate compliance with privacy.
5. Options and data minimization empower the user
The easier it is to share data with you, the less frustration for the user. However, ease and speed of sharing must come with appropriate controls that show your users they are still in charge of what is shared at every step.
When you collect data, divide it into mandatory and optional categories.
When you do ask for additional information, educate your users about why adding this optional information will improve their experience, then let them pick and choose what they are willing to share.
Let people try your products without creating an account if possible, with minimal data collected to get started.
Use DataMapper to find all the sensitive data your company stores. Track and evaluate your processes, decide what kinds of data you really need to collect, make additional data collection optional, and eliminate data you no longer need.
6. Involve users in the design process
Whenever a company or a person hands their data over to you in order to use your website/app/platform’s services, to a certain extent they may feel they are losing control of that data.
If your users do experience fear related to sharing their sensitive personal data (or sensitive company data) at any point when using your services, your team should consider what might be causing them to hesitate.
However, using your imagination will only get you so far. Testing is required to determine with any certainty how real users react to each of your screens.
7. Offer support and resources
Make it easy for people to find all the help and resources they may need in one place that can be accessed right from your website or app.
Be sure to include details about your security (encryption, passwords, access tokens, servers, etc.) and about your privacy management strategies.
We use our HelpCenter to let people instantly access self-service support and quick troubleshooting for all our products. This is also a space where we provide plenty of additional security information.
Of course, everything you do to reassure users that their data is safe with you should be backed up with a real, solid plan to protect the data, and supported by the best of privacy management tools.
Would you like to learn more about tools that can help you keep up with current privacy regulations and earn the trust of your customers at the same time?