Redesigning Data Privacy Controls — A Startup's Journey from Toggle Overload to Contextual Control

Tech · 6 min read

Redesigning Data Privacy Controls — A Startup's Journey from Toggle Overload to Contextual Control

Covela's early approach was checkbox-heavy: a single privacy center with dozens of toggles around telemetry, model training, data retention, and integrations. Usability testing found that users skimmed and guessed, often leaving defaults unchanged or contacting support for clarification. The product team moved to a principle: surface privacy choices where they matter, not in a single burying ground.

Designers introduced contextual prompts at the point of data collection—e.g., a clearly worded consent card before sending logs to an improvement model, and an in-line toggle when enabling an integration that shares customer data. Each prompt included a short, plain-language explanation of purpose, trade-offs, and the immediate effect of enabling or disabling the control. For power users, an 'advanced preferences' hub remained, but it was now curated and linked from relevant features.

The contextual approach produced a 34% increase in informed consents for product-improvement experiments and cut privacy-related support tickets by 22%. Legal and engineering collaborated to ensure prompts linked to auditable policies and that opt-outs propagated to downstream systems. Covela's experience shows that embedding privacy decisions into user workflows—coupled with concise explanations—improves transparency and reduces friction for both users and internal teams.