GDPR — Look at Your New Experience Through User’s Eyes

This is not going to be another article to define GDPR, talk about legal ramifications, or tell you about timelines, because the new regulations have already taken effect. So if you don’t know those things…well, you’re behind the eight ball a bit. Instead, what I’d like to talk about is how to evaluate the quality of the experience associated with the changes that you’ve made.

Although GDPR has been a long time coming, business priorities or lack of clarity around how your specific business is impacted may have caused you to feel like you implemented GDPR changes in a rush, focusing on compliance rather than your audience’s experience. Now that your changes are done and you can breathe a sigh of relief, it’s probably a good time to think about how your changes impacted the user experience.

Modals and overlays
There can be sensitivity in UX best practices around modals and overlays, but there’s really no better way to follow GDPR compliance around cookie consent. If you have cookies on your site, you’ve probably recently added a persistent modal/overlay that remains on the top or bottom of every page until the user has accepted.

However, did you also review all the other pages and interactions on your site to ensure that you are not putting modals over modals or asking your audience to do too many things before they even get to see a page? Often, in the deeper pages within your site’s experience, there can be lesser or forgotten interactions that also prompt the user to do something prior to seeing the page. That creates fatigue for the user, who is thinking, “But I just want to find what I was looking for,” and may cause them to abandon.

Also, be aware of how any third-party tools or widgets behave. If a widget has its own dropdowns or modals, they could interfere with your modal’s interactions. Third party tools are a common cause of interaction issues because what lives inside a particular widget may not be included in your automated testing or the owner could make changes that don’t know are coming, especially if they have their own GDPR protections to consider.

Form design
Although GDPR provides more security to users, it doesn’t provide any additional motivation to complete long forms. Users who see a big form or many steps, even when some are optional, are more likely to abandon the form, even when it’s something that they want.  If you’ve added to your forms rather than redesigning them to comply, this is a good time to take a step back and re-evaluate.

Now that you have more “have-tos”, your “nice to haves” could be giving your users form fatigue. For example, if you’ve had to add several fields due to the guidelines around unbundled consent and now your user is selecting from 8 checkboxes instead of one, maybe “how they heard about you” isn’t quite as important as it used to be?  Also, if you are collecting optional personal information (though I hope you already cut this out while implementing your initial GDPR changes), removing those items now will reduce some of your data burden as related to collection and transparency.

Reducing confusion
With GDPR, clarity is key as your audience must truly understand how you intend to use their data at every collection point. Have you made your wording as clear as possible? For things that are inherently confusing or complex, what ways have you considered to simplify the message?

One way you can do this is by showing your audience an example of what they get by opting in to a communication. If you have templated drafts, this can be an easy way to create clarity and reduce confusion without a lot of scrutiny over the exact right words and descriptions.

Are there problems you can’t see?
This is an important time to monitor your analytics and data to compare against your pre-GDPR experience. While this article refers to some of the most common UX pitfalls, you may experience other issues with your implementation that are not so common. Your analytics can highlight where your audience is behaving differently than before.

Once you’ve identified any areas of concern and reviewed the associated pages/interactions, the issue still might not be clear. This is a good place to conduct a user test. Put the page in front of a small sampling of users and see where they get stuck and then ask them about it. Even when we know our audience well, there’s always something new that can be discovered from a user test. Testing is key to uncovering any problems that you and your team can’t diagnose directly.

Have you created more transparency or just more work?
Finally, once you’ve gone through some of the more common pitfalls of GDPR implementation, take a step back to consider the holistic changes to your experience. Ask yourself if you’ve provided your audience with more transparency by implementing your GDPR changes or just created more work for them.

While you may have added more clicks/fields to your experience, that work should feel like its building more trust between you and your audience. It should reinforce to your user that you are handling their data transparently and securely. If it doesn’t feel that way, if it instead just feels laborious or confusing, the intent of GDPR hasn’t been met. More importantly, you may be creating opportunity for your competitors if their methods of implementing GDPR have been more successful from an audience experience perspective.

Do you have concerns about the impact that GDPR has had or will have on your audience’s experience? Get in touch.