We are excited to bring two new DSAR quality functions to PrivacyBox today. One of our customers had a problem where people were submitting data subject access requests (DSARs) with the wrong email address. PrivacyBox is set up so that the data subject must verify the email address used to submit the request. Obviously, if you enter the wrong email address, the verification email will never reach your inbox. The privacy team is then left wondering whether the data subject never verified the request or had entered the wrong address. We want to minimise the risk that someone enters the wrong email address. A common way to do this is to have an email address confirmation field, but we feel that this hampers the user experience and provides little value, since most people will just copy and paste the email address into the confirmation field.

Good UX improves the quality of user input
Making sure the data subject enters the right email address is an important part of a web form quality check – but this is not easy!

Made a mistake? Cancel your request now

The first improvement we made was a “cancel” button on the “thank you page” after someone submits a DSAR. Previously we had a rather lengthy text explaining what’s next and so on. This text was based on the wishes of a lawyer, but UX research confirmed our suspicion that nobody ever reads that. Instead we now show the email address they have entered in a very visible way, together with a simple way to cancel the request if the address is wrong: a cancel button.

Screenshot of PrivacyBox thank you message
The PrivacyBox thank you widget for data subjects after submitting a DSAR

If you have entered the wrong email address, simply click the cancel button, and the request will be cancelled. In the background it then adds a log item for the privacy team explaining that the DSAR was cancelled by the submitter, and it sets the status of the issue to “closed”, so that it does not clutter up the list of open issues the privacy team needs to take action on.

Did you enter a non-existing email address?

Sometimes people enter a non-existing domain. The UI check above can help here too. To make it even easier for the privacy team to stay on top of things, if delivery of a verification email fails permanently, we add a private work log message stating that there was a permanent failure in email delivery. We have chosen not to automatically close the issue on failed email delivery, since the data subject may have provided other means of reaching them that are valid, such as a phone number or another email address.

Screenshot of work log from PrivacyBox
Work log example showing both a failed email delivery, and the automated private message added by the system on permanent email delivery failure.

How our email failure detection works

We use Mailgun as our transactional email provider. When they send an email that fails, they tell us about this failure by posting to a webhook we have set up on the PrivacyBox backend. We then compare the unique message-ID from Mailgun with a list of IDs of sent verification emails. If there is a match, we add a work log item to the issue.

Data flow diagram for email failure detection in PrivacyBox
DSAR verification email failure: how PrivacyBox uses Mailgun as a transactional email provider, with a webhook set up to monitor permanent delivery failures.
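A sketch of the webhook flow described above, written as an added example and not taken from the PrivacyBox code base. It assumes Mailgun's JSON webhook layout (`signature` and `event-data` objects) and adds a signature, freshness and replay check, which the post does not describe, so that only genuine Mailgun callbacks can write to the work log; the signing key, stores, message-ID and issue ID are constructed.

```python
import hashlib
import hmac
import time

# Assumptions (constructed for this example, not PrivacyBox's code or data):
SIGNING_KEY = b"constructed-webhook-signing-key"
SENT_VERIFICATIONS = {"20240101.1234@mail.example.org": "DSAR-1042"}  # message-id -> issue
WORK_LOG = {}        # issue id -> private work log entries
SEEN_TOKENS = set()  # replay guard
MAX_AGE_SECONDS = 300


def sign(ts, token):
    """HMAC-SHA256 over timestamp + token, hex encoded (Mailgun's webhook scheme)."""
    return hmac.new(SIGNING_KEY, (ts + token).encode(), hashlib.sha256).hexdigest()


def signature_ok(sig, now):
    """Reject forged, stale or replayed webhook calls."""
    try:
        ts, token = str(sig["timestamp"]), str(sig["token"])
        given = str(sig["signature"]).encode()
        expected = sign(ts, token).encode()
        stale = abs(now - int(ts)) > MAX_AGE_SECONDS
    except (KeyError, TypeError, ValueError):
        return False
    if not hmac.compare_digest(expected, given) or stale or token in SEEN_TOKENS:
        return False
    SEEN_TOKENS.add(token)
    return True


def handle_webhook(payload, now=None):
    """Return the issue id that received a work log entry, or None if ignored."""
    now = time.time() if now is None else now
    if not isinstance(payload, dict) or not signature_ok(payload.get("signature"), now):
        return None
    event = payload.get("event-data")
    if not isinstance(event, dict) or event.get("event") != "failed" \
            or event.get("severity") != "permanent":
        return None
    try:
        msg_id = str(event["message"]["headers"]["message-id"]).strip("<>")
    except (KeyError, TypeError):
        return None
    issue = SENT_VERIFICATIONS.get(msg_id)
    if issue is not None:  # the issue stays open; only a private note is added
        WORK_LOG.setdefault(issue, []).append("Permanent failure delivering verification email")
    return issue
```

Temporary failures and message-IDs that do not belong to a verification email are ignored, so the work log only records the permanent failures the privacy team needs to see.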

The webhook setup with Mailgun is an easy way to monitor for failures of critical emails. In combination with better UI elements for end users, this brings two new DSAR quality functions to PrivacyBox that improve the user experience for both data subjects and the privacy team.
