GDPR: What to be aware of when recruiting customers for user research
The General Data Protection Regulation (GDPR) is a new data protection regulation coming into force in May 2018, and it will affect how all businesses process and store data. There is a lot to consider ahead of this regulation coming into force, and for a more detailed overview of what impact this may have on your business, we recommend going to the Information Commissioners Office website.
The following tips should be treated as a starting point to make sure you are acting responsibly if you want to recruit your own customers to participate in user research or usability testing.
This is a general rule for all research and testing, but it is worth highlighting in the context of user research with customers. It is important to clearly explain how you will be using your customer’s information if they are opting in to participate in research, and if you intend on passing their data to a third party for processing. You should also state who the third parties are and what processing will entail.
Ask your customers to opt-in
In the past, People for Research have been asked to recruit from a list of customers who have ‘opted in’ to take part in research as part of a marketing campaign. More often than not, people on this list didn’t realise what they were opting in to, or don’t even remember ticking that box.
Our recommendation based on the GDPR guidelines is to simply run a new campaign, with clear and specific details of what you want people to participate in, how they can be involved, and if working with an external recruiter, explaining their involvement to your customers. This may seem like extra work, but in the long run it will reduce time spent calling people who didn’t realise they opted in and have no interest in participating in your study. This is a more ethical and responsible way of involving your customers in user research and usability testing.
Manage opt-outs properly
Any communication that goes out to your customers should have an opt-out option; people have the right to withdraw consent at any point in the process. Above all, the opt-out option should be easy to do and to find, according to GDPR.
If someone decides they no longer want to receive communications, ensure that this opt-out is processed by all relevant internal teams.
Use a secure data transfer service
People for Research understand the importance of securely sharing and storing customer data. When actively recruiting from a client’s customer base, we use a secure data transfer service that encrypts information when sending it back and forth for review, instead of sending data over email. Plus we recommend anonymising personal data, and removing anything that is not explicitly required for the purposes of running the research session.
A GDPR must-have – informed consent
Make sure you give your customers the opportunity to participate based on their informed consent, this means they are happy with the terms of their involvement and what you will do with any information they share as part of a research or testing session.
This should be done as part of the recruitment process, not when they turn up to your office. Otherwise you may need to honour their incentive, even if they decide to not take part because the terms of their participation weren’t explained clearly to them.
Don’t forget about the non-disclosure agreement
Although this doesn’t relate directly to data protection, it is a more general document that should be used across all research and testing, it is easy to become complacent especially if you are just running a simple benchmarking study. However, the non-disclosure document (NDA) is not just for your benefit. It also confirms the intent of the research, and tells participants what they can and can’t disclose to other people outside of the research.
We have a dedicated process for recruiting customers and managing customer lists that has been developed following years of experience. To find out more about this service read our blog about recruiting from customer data.
— People for Research (@people4research) June 5, 2017
Recruiting from customer data
If you would like to recruit your customers to participate in research or testing, speak to People for Research for advice and guidance on the best way to do this. Get in touch on 0117 921 0008 or firstname.lastname@example.org.
About the author: Jess Lewes is the Director of Projects at People for Research, and is passionate about supporting the UX and market research community with high quality recruitment. She is also a source of knowledge for best practice in participant recruitment.
About People for Research: We recruit participants for UX and usability testing and market research. We work with award winning UX agencies across the UK and partner with a number of end clients leading the way with in-house user experience and insight.
Contact us for…
Pick our brains, we love chatting about people and how to find them.
Each brief is unique, for a cost for your particular brief, please contact us.
Viewing facility / usability lab
People for Research have a flexible lab space, with the ability to host usability testing, focus groups and in depth interviews.
- 0117 921 0008
People for Research
Queen Charlotte Street
91 Wimpole Street