Who doesn't know it? On every website on the WWW, you get annoyed over and over again with cookie settings: “Would you like to share your personal data to improve our offerings? Or do you just want to allow the necessary cookies? “This is annoying and users usually try to quickly click through the settings because they actually wanted to read or shop.
Of course, the operators of the websites do not want to scare off their customers, but they have no choice by law. Large companies are faced with further challenges. In addition to the settings for their websites, companies also keep personal data in connection with their services and products. Companies must therefore offer additional options for their customers to get an overview of exactly what data they use for what purpose. You are required by law to give the customer the opportunity to reject these uses.
Starting point
Now you could say: “It's no problem at all. We simply display all data uses on your company website in a very sterile way and that's it. ”
You can do that, but what happens if the customer cancels their services by disclosing their data usage or — even worse — doesn't want anything to do with the company anymore? In times of digitization, in which companies are financially dependent on digital services that a customer explicitly selects and pays for, this would be the absolute “worst case.”
At this point, I would like to bring an example into play to explain the connections a bit more clearly. I use a great idea from my colleague Carolin, who likes to explain her API management solution to the”Mom-and-pop shop” used as an example.
Aunt Emma is said to be the “large company” here that is confronted with the challenge of disclosing data uses from its customers and at the same time would like to retain its customer base.
Aunt Emma finds herself in the following conflict:
Aunt Emma would like to have satisfied customers who place their trust and continue to buy the products they have purchased so far in their shop. Customers should also buy new products from time to time. In doing so, Aunt Emma would like to know the buying behavior of her customers more precisely so that she can specifically improve her products and then offer them accordingly. In addition, it would also like to generate more revenue by using new, “smart” services (e.g. delivery services with an online ordering system). And when it comes to all these points, Aunt Emma must not lose sight of the legal situation either.
So how can you give customers more control over their data, make their use of data transparent and create trust at the same time?
Unfortunately, the answer is not as simple as the question itself and is therefore a combination of several factors that must work together here: This includes legal framework, an understandable user interface and also the reliability of the system that will display the data and its use.
Legal aspects
When concluding contracts and also during the contract period, there are different Additional agreements for the collection and use of personal data decided. These can be, for example:
The services must be described in detail and the user must be able to unsubscribe or select the services. In addition to the services, the terms of use must be confirmed. Approving the services alone is not enough.
With Aunt Emma, it is possible to order goods by telephone, which the answering machine picks up. To do this, Tante Emma needs the consent of her customers that their voice may be recorded for the purpose of the ordering process.
Within companies, there are their own managers in the legal department who deal exclusively with these topics and they must always be on board with such projects.
In summary, it can be said that all relevant data must definitely be collected — regardless of how many different systems are affected. If one of the systems is not connected and the data is missing in the end, this will not create any confidence-inspiring feelings on the part of the customer.
A “trustworthy” user experience
The customer should be able to access their data and their use via a website. So it's already clear that this doesn't have to be done separately, but integrated into the existing customer portal. In any case, this again entails technical integration challenges. But how do you gain trust through a user interface?
There are various studies on this, but important factors are usually
Aunt Emma has gotten into the habit of watching her customers and questioning them politely so that she gets to know their preferences and habits. But she is a very reliable woman who doesn't share her information with anyone. Customers are therefore very happy to sign when they have to confirm that their voice is being recorded by telephone for the purpose of an order process. Aunt Emma is very attentive and trustworthy and that is why customers are happy to choose other additional functions.
Bernd can also tell Aunt Emma that she should stop putting bread on him in the morning. He wants to choose for himself which type to buy every morning. He therefore has a very easy way to opt out of his previous additional attention.
These factors should definitely be implemented by a UX team. The practice (ROI analysis for UX and prototypes) shows that it pays off to go into user tests with prototypes before starting development and collect feedback there. This gives the company the opportunity to capture the feeling of its customers directly and to design the final application accordingly.
In addition to UX, it is also important to describe the benefits of the individual services to the customer. Especially when canceling the service, it should be reminded again of the loss that would result if the service is no longer available to the customer.
The path to a trustworthy UI will require higher costs than you might initially realize. The cost-benefit factor for the company must therefore be examined in detail so that the financial profit is clear in the end.
robustness
In addition to legal requirements and visual design, the system behind it is of course also in high demand. In addition to the services, privacy policies must be confirmed. Approving the services alone is not enough. In the best case scenario, however, these two pieces of information are also stored in different systems within the company. This then complicates the retrieval and logical combination of this information. As a result of the different systems to be integrated, you usually end up with a colorful bouquet of network requests, which must be sequenced and aggregated as effectively as possible. For now, that sounds quite logical and not exciting. But when you look at it in detail, you have a few challenges to overcome here. The login tokens must first be validated and user data extracted so that the personal data can even be obtained from the systems. Some system requests depend on previous answers from other systems. What information do I actually need from all the answers for the UI? What is the best way to structure them? And what do I do if one of the systems in the data flow is not responding? How do I even deal with long requests because the systems are not from the current age?
Despite high complexity, the application must always react and display data. In addition, the application should behave sensibly even in cases of errors and the error messages displayed must not shake the customer's trust. Here is a small example of an error message that illustrates the difference quite well:
Versus
If you look at all of the above points, it quickly becomes clear that you have to put in a lot of brainpower here too in order to be able to provide meaningful concepts and ultimately solutions.
In the end...
In today's world, privacy and trust are becoming increasingly important. Many companies are realizing that investments must now be made in these topics in order to retain their customer base in the long term. And the chances of acquiring new customers are also increased.
Through this blog entry, you have the opportunity to guess that the concept of a privacy center for a company is very diverse and also challenging. Maybe you could get some inspiration for your own concepts.
