We also have the responsibility to design the consent form (Declaration of consent) in accordance with the EU General
Data Protection Regulation (GDPR, German: DSGVO) by using design guidelines and implementing measures in such a way that
consent is given by the user voluntarily. Studies show that users will not share their data, especially when they feel
that they have no control over it or that the disclosure would have (or might cause) negative consequences.
Therefore, not only should the benefits of data disclosure be transparent to the user (for example the sending of an
advertising brochure), but also the exclusion of possible risks (for example, that data will not be passed on to third
parties for undefined purposes), and the user should be given a feeling of control.
In principle, it is helpful for a successful implementation of the maxims to be oriented towards the function of the
purpose statement: The purpose must allow users to understand the consequences of data sharing and handling for them. A
successful implementation of the maxims therefore enables the users to effectively control the consequences indicated by
the purposes. In the section "Handle with care: Sensitive and personal data" we already mentioned some guidelines
about handling personal data. In this section we will give you a little more insight into all of the Privacy
Principles.
The Privacy UX Design Guidelines Principles are:
Limitation: A dialogue may only collect the data required for the specified purpose. Which and how much personal
data may be collected therefore depends on how concretely (or how generally) the purposes were expressed. If, for
example, a data processor needs to know whether the user is already of age in order to release a service, this only
requires the user to indicate that they have reached the age of majority, but not their specific age.
Selection and control: The users must always be able to give (or refuse) their consent for each individual
purpose. In doing so, they must actively decide to save data for clearly defined purposes (so-called opt-in). The
users must therefore take active steps to give their declaration of consent, for example by clicking a checkbox or
toggling a control in an online form. A pre-ticked box, on the other hand, does not require any active action by the
users and, according to the prevailing view, does not provide a valid declaration of consent. If the data collection is
to be based on the user's declaration of consent (and not another legal basis), the user must therefore have expressly
agreed to this before the data may be collected. Because users evaluate the sensitivity of their data differently, they
should always be given as much choice as possible (for example, how they are to be contacted).
Explanation: Can the user understand which data is collected and why? Textual and/or graphic explanatory guides can be
used for this purpose. In addition, added value should also be presented visually whenever possible. Putting things
into context (explained in the next section) is another important strategy to make the collection of data
"meaningful" for the user. Ideally, the user is also informed about the extent to which the disadvantages they fear
from the data disclosure are already excluded, reduced or at least controlled by the protective measures that the data
processor (i.e. Porsche AG) has put in place. Such measures include, for example, the pseudonymisation of personal
data, its encryption, and technical and organisational access controls.
Contextualisation of the consent: Consent should preferably be obtained "just in time", i.e. at the time when it
is necessary (but no later than at the time of collection of the data or at the time when data is processed for a
different purpose than previously indicated). The justification for collecting the data and the request for consent
should be tied to each other directly and without interruption, in terms of time, space and logic.
Controllability: Dialogues should be controllable in order to make the flow of processes transparent for the user
(for example, when entering data). There should be no dependencies or couplings between providing data and the
booking of services. Instead, it should be possible to agree to each processing purpose individually. Users should be
able to manipulate, terminate and resume processes at any time, even retroactively. Attractive controllability is
especially important on mobile devices. For this purpose, the user must be provided with sufficient information for
orientation and navigation. This also refers to accurate, friendly, and complete feedback in case of unexpected
behavior or errors.
Support: Filling in fields or forms should always be supported as much as possible. This includes responsive
design, error tolerance, auto-completion, a search function (for example for dropdowns), logical (alphabetical)
sorting, and the use of common formats (for example for date entries). Relationships can also exist across fields.
Minimalism and continuity: Dialogues and processes should have a clear overall structure and clearly separate
individual topics or contents from each other. Visual and informational overload must be avoided.
This prevents the user from being overwhelmed and gives a feeling of familiarity and security.
Appreciation: Using correct salutations, titles and names, where necessary, is an element that creates
trust and closeness. Individuality should be respected (for example no pressure to choose 'man' or 'woman' in a form
field for gender selection). This also includes the possibility for the user to specify titles (for example Prof.
Dr.).
User testing: These principles describe possible implementations of the consent form, which should enable the user
to effectively control the consequences or risks associated with the disclosure of data. In order to ensure a
successful implementation, this must be contextualised (i.e. tested empirically with users using the respective
touchpoint). This does not only mean technical functional tests. Rather, it must be checked whether the concrete
implementation of the principles really leads to the users understanding the consequences and risks of data
disclosure and feeling that these can be effectively controlled.
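The following is an added example, not part of the original guideline and not Porsche code: a sketch of how a form handler could enforce the "Limitation" and "Selection and control" principles above. The purpose names, field names and the shape of the `controls` object are assumptions made for illustration.

```javascript
// Constructed purpose registry: each purpose lists only the fields it needs
// (Limitation). All names here are hypothetical.
const PURPOSES = new Map([
  ["brochure", ["name", "postalAddress"]],
  ["newsletter", ["email"]],
  ["ageGate", ["isOfAge"]], // a yes/no flag, never the birth date or exact age
]);

// controls[purpose] = { initiallyChecked, checked, userInteracted }
// Consent counts only for a known purpose whose box was rendered unticked
// and then actively ticked by the user (opt-in).
function evaluateConsent(controls) {
  const granted = [];
  const rejected = [];
  for (const [purpose, c] of Object.entries(controls)) {
    if (!PURPOSES.has(purpose)) {
      rejected.push({ purpose, reason: "unknown purpose" });
    } else if (!c.checked) {
      continue; // refusal is a valid choice and needs no justification
    } else if (c.initiallyChecked) {
      rejected.push({ purpose, reason: "pre-ticked box" });
    } else if (!c.userInteracted) {
      rejected.push({ purpose, reason: "no active user action" });
    } else {
      granted.push(purpose);
    }
  }
  return { granted, rejected };
}

// Keep only the fields needed for the purposes that were validly consented to.
function minimise(submitted, granted) {
  const allowed = new Set(granted.flatMap((p) => PURPOSES.get(p)));
  const kept = {};
  const dropped = [];
  for (const [field, value] of Object.entries(submitted)) {
    if (allowed.has(field)) kept[field] = value;
    else dropped.push(field);
  }
  return { kept, dropped };
}

// Constructed sample submission.
const sampleControls = {
  brochure: { initiallyChecked: false, checked: true, userInteracted: true },
  newsletter: { initiallyChecked: true, checked: true, userInteracted: false },
};
const sampleConsent = evaluateConsent(sampleControls);
console.log(sampleConsent, minimise({ name: "A. Example", email: "a@example.org" }, sampleConsent.granted));
```

Running the check again on the server side, with the rendered default state recorded alongside the submission, keeps the stored consent record from depending on client behaviour alone.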