Back to Blog
GDPR and user research
Ayda is a research operations platform that automates and streamlines 92% of the tasks typically carried out by researchers - all while staying GDPR compliant and helping you do the same.
GDPR is one of the touchiest topics in research. As user researchers, the responsibility does not entirely sit with you, but it is important to understand what GDPR is and how that will affect the research you do.
What is GDPR and why is it important:
GDPR is the General Data Protection Regulation that governs the processing of personal data and sets privacy, data-protection, and security standards. While GDPR was not specifically created to regulate user research data they have become increasingly intertwined which is why it’s essential for researchers to understand how it effects their work.
Personal data is defined as data from which someone can be identified – for example a name, address, date of birth, IP address etc. Researchers have to manage user data and details they collect to make sure they are protecting participant privacy and complying with GDPR. Participant personal data can be found in your interview recordings, notes, forms etc.
Things to look out for:
There are a few main things that need to be taken into consideration when looking at how GDPR intersects with user research. While it is not a law that was created specifically for research, it does affect the way data is handled within the research space.
Firstly, the definition of ‘personal data’ used in GDPR is quite broad. This means it could impact more than you would originally think. It’s definitely worth keeping an eye on what data you are collecting and how easy it is to identify the participant from that data.
Secondly, GDPR has very strict rules about informed consent. Just in-case consent wasn’t already stressful enough!
Last, but definitely not least, GDPR has created stronger requirements for documentations and auditing. Make sure you’re talking to your legal teams about how you can insure you’re documenting every step of the way to the best of your ability.
How to stay compliant:
Staying GDPR compliant is one of the most important things you can do as a researcher. Here are our top 5 tips on how to do that:
Here are some resources that might be helpful if you want to learn more about GDPR and its impact on user research:
What is GDPR, the EU’s new data protection law?
Managing user research data and participant privacy
GDPR and research – an overview for researchers
Get onboarded with Ayda
Book a 20 minute call with a member of our team to supercharge your user-research