At a Glance
UserTesting’s platform allows customers to record audio and video of test contributors interacting with websites, apps, prototypes, and other products. Occasionally, a test will require test contributors to log into an account or enter information into a form. To protect test contributors’ privacy, it’s important to be aware of Personally Identifiable Information (or “PII”).
Personally Identifiable Information (or “PII”) is data that could be used to determine the actual identity of, or to contact, a specific living person.
Protecting the personal information of contributors is critical when gathering insights through testing. It is not only the right thing to do for contributors, but it also protects your company from possible non-compliance with the General Data Protection Regulation ("GDPR"). See this information page about UserTesting and GDPR. If your test might involve Protected Health Information (“PHI”), please review our article on collecting insights under HIPAA.
The rule regarding prohibited PII is to never ask for it, even if your test asked for consent or you use the Blur Tool.
Examples of prohibited PII include, but are not limited to:
- Credit card numbers or credit card purchases
- Personal financial account numbers
- Passport numbers
- Car loan numbers
- Driver's license numbers
- Social Security numbers
- Account passwords
- Specific genetic information
- Biometric identifiers (e.g., fingerprints, voice prints, iris and retina scans)
- Health plan account or beneficiary numbers
The rule regarding permissible PII, including the sensitive categories listed below, is that you should obtain contributors' consent before collecting this information, usually via a screener question (for examples, see our article).
Examples of sensitive PII include, but are not limited to:
- Racial or ethnic origin
- Political opinions, religious or philosophical beliefs, trade union membership
- Data concerning health or a person's sex life or sexual orientation
- Data relating to criminal convictions and offenses
- Blur Tool: Depending on your internal policies and applicable data laws for collecting and handling personal information, you may want to use the Blur Tool for certain tasks that expose PII you want to protect.
- Health information: Medical information is considered Protected Health Information (PHI) and should only be collected if your organization has a signed Business Associate Agreement with UserTesting.
- Testing purchase transactions: UserTesting contributors should never be required to purchase anything while testing. If you have questions about how to test processes that include a financial transaction, visit our course.
- Testing social media: Social media feeds may contain the personal data of others that have not provided their consent to share such personal data. Ultimately, the best approach is to only enter engagements where you are processing personal data from the contributor participating in the test.
Follow these best practices when you run a test that may prompt test contributors to provide their PII:
- When requiring a test contributor to complete a form requesting PII, instruct them to enter false or “dummy” information that will not identify a specific individual.
For example: “Enter the email address = firstname.lastname@example.org and password = fake.”
- Never ask for social security numbers, medical records, or bank and credit card information.
For example, instruct contributors: “Please use fake information like 5555-5555-5555-5555 Exp: 12/20”
- If your test requires test contributors to go through a complete checkout process, provide contributors with gift cards or gift codes in order to complete the checkout process without entering their own credit card information. For more guidance on testing purchase transactions, visit our course.
- If it’s necessary for a test contributor’s PII to be visible on the screen during a certain task, and your internal policies require you to protect this information, enable the Blur Tool to make the screen unreadable during that specific task.
- If you expect test contributors’ PII to pop up during the recording (such as notifications), please create screener questions to set expectations before the test starts.
For example: Create a screener saying, “This test requires you to disable notifications. Have you disabled all notifications on your smart device?”
- Yes, I have disabled notifications. [Accept]
- No, I do not wish to disable notifications. [Reject]
- If you are concerned that PII might inadvertently be provided by contributors during a test, consider a Live Conversation rather than an unmoderated test. During the test, you can manage the conversation to prevent sharing this information.
- Be mindful that personal information might also appear on the dashboard or other pages within logged-in experiences. Review these pages as you plan a test and consider using the Task question and Blur Tool.
If these best practices will not be sufficient for your research needs, please contact the UserTesting Support team to discuss alternatives.
If it is determined that it is acceptable to record PII during your test, you will need to provide test contributors with a detailed explanation of what PII will be recorded, what it will be used for, and get their written consent before the start of the test.
It is best to add this consent question as the first screener. For example: “During this test, you will be required to enter your full name and home street address as part of a registration process. This information will only be used for the purposes of this test and will not be shared. Do you consent to providing this information?”
- Yes, I consent to providing my full name and street address to participate in this test. [Accept]
- No, I do not consent to providing my full name and street address to participate in this test. [Reject]