Making Data Protection Customer Friendly, With Beyond Encryption

Data protection is often something people feel they have to get past rather than something that helps them feel safe. Cookie banners, long forms, and dense notices can make privacy feel like a hurdle instead of part of being supported. That disconnect creates problems for trust, confidence, and customer experience.

To explore how organisations can change that story, our consultants Catarina Santos and Caine Glancy joined Beyond Encryption for a discussion on what customer friendly data protection looks like in the real world. Between them, Catarina and Caine deal with hundreds of frontline queries every month, giving them a unique view of the challenges people face when trying to exercise their rights or understand what is happening with their data.

You can watch the full conversation on the Beyond Encryption site, where the video, transcript, and extended insights are hosted.

Why Customer Friendly Data Protection Matters

Public attitudes to data protection have shifted in recent years. People are more aware of the risks, more likely to act when something feels wrong, and more comfortable asking questions about how their information is used.

This is not a rejection of data protection. It is a sign that people want clarity, control, and reassurance.

In the discussion, Catarina explains that the biggest challenge is often how organisations frame privacy. Many organisations have strong principles written into their governance, but these ideals rarely translate into the customer experience. People see the rules as barriers rather than as protections designed for their benefit.

Taking a customer friendly approach means bringing the principles of UK GDPR to life in a way that feels fair, transparent, and easy to follow. It supports trust and strengthens wider expectations under regimes such as the Consumer Duty, where clear communication and effective support are central to good outcomes.

Turning Privacy Information Into Something People Can Use

One of the clearest reflections on the session is that traditional privacy notices no longer meet people where they are. A single, static page full of legal language does little to support understanding.

Catarina and Caine discussed practical ways organisations can make privacy information easier to use, such as:

• Breaking information into clear layers rather than presenting everything at once
• Writing notices in plain, accessible language
• Using short ‘just in time’ explanations at the moments people are about to provide their data
• Testing drafts with real users instead of relying solely on internal teams
• Presenting information visually, whether through icons, dashboards, or step by step summaries

These approaches reflect guidance from regulators on transparency and accountability, but more importantly, they reflect what people need to feel informed and comfortable.

What Frontline Queries Tell Us About Real Life Challenges

While Catarina works closely with organisations on governance and design, Caine’s role on the support desk gives a direct view of the issues people face every day.

Patterns in queries reveal more than confusion. They often highlight where a process, training approach, or communication has broken down. Repeated questions about retention or rights might indicate unclear messaging, while frequent concerns about access or marketing preferences may point to a system that is nudging people in unexpected directions.

By treating support queries as valuable feedback, organisations can improve their transparency, strengthen their governance, and reduce friction for customers and colleagues alike. It is a practical form of data protection by design and default: listening to the people who rely on your services and acting on what they tell you.

Handling Breaches With Care and Clarity

The conversation also explored how to communicate with people when something goes wrong. Breach notifications can be some of the most sensitive interactions an organisation has with its customers.

People affected by a breach may be anxious, frustrated, or worried about the consequences. A slow or overly legalistic response can deepen those concerns.

Catarina and Caine emphasised:

• Communicating quickly and clearly
• Explaining what has happened and what is known at the time
• Setting expectations on next steps
• Using language that supports understanding rather than obscuring it
• Recognising the emotional impact of the incident

Done well, breach communication can help preserve trust even in difficult circumstances.

Culture, Champions, and Keeping Privacy Alive

Policies are important, but culture is where data protection becomes part of everyday practice. The session touched on the value of data protection champions, who act as embedded points of awareness within teams. Champions help spot issues earlier, raise questions before they escalate, and keep privacy considerations visible between audits or training cycles.

This cultural approach aligns with wider shifts in public expectations around AI, profiling, and digital decision making. People want to know how technology affects them, and organisations that stay close to those concerns build stronger, more resilient trust.

About Beyond Encryption

Beyond Encryption is a UK based organisation specialising in secure digital communication. Their work focuses on helping businesses protect sensitive information in a way that feels straightforward for users. The company develops tools that make it easier for people to share and receive information securely without navigating complex processes or technical barriers.

They take a people centred approach to security design, aiming to make trust and privacy feel intuitive rather than complicated. Their team is based in Hampshire and brings together specialists in cybersecurity, usability, and digital communication.

Beyond Encryption also operates as a certified B Corp, meaning they build their products and services with wider social and environmental considerations in mind. Their focus on ethics and transparency shapes how they approach digital trust, communication, and identity.

You can learn more about Beyond Encryption and watch the full episode on their website:
Learn More

Watch the Full Conversation

The full interview between Beyond Encryption, Catarina, and Caine is available on the Beyond Encryption blog, along with further insights and practical examples.

To watch the episode and explore Beyond Encryption’s work on trusted digital communication, visit their site here:
Listen to the Full Episode Here