GDPR Signup Flow Optimization

Case Study

THE Travelzoo website serves as a hub for millions of users around the world to find and purchase the best travel, entertainment, and lifestyle deals online. Users can sign up for a free account to become members and receive exclusive content.

Project Overview

Due to new GDPR laws being passed in the EU (2018), Travelzoo was no longer allowed to send marketing emails to new members from the EU as a condition of membership. Users had to be given a choice during the sign-up process to receive marketing emails or not. The initial implementation of the new GDPR signup flow had unfortunate affect, resulting in a serious drop-off in members who subscribed to emails, a significant distribution channel for Travelzoo’s deals. A solution had to be implemented quickly to restore subscribing memberships to prior levels.

Time frame: 1–2 weeks

The Team

  • CEO
  • Head of Product
  • Head of Marketing UK
  • Senior Product Designer (Me)
  • Web Dev Team

My Role

  • UX/UI Design
  • Interaction Design
  • Rapid Prototyping

The Challenge

The initial implementation of the new GDPR signup flow on EU website editions was legally compliant, but resulted in an alarming decline in email subscribers, negatively affecting Travelzoo’s businesses in the region. The change was also bad for new members who signed up but missed or skipped the initial chance to receive deal alerts by email.

We had to find a solution that would convert new members into email subscribers as before GDPR, without making opt-in be the default option nor adding any more complexity to the signup flow.

Research & Discovery

The initial GDPR signup flow introduced an email consent checkbox on step 1 that was unchecked by default to be in compliance with the law:

Initial GDPR signup form with subscribe checkbox
Initial GDPR signup form with subscribe checkbox

Unfortunately, most users did not tick the checkbox when signing up, and therefore, not subscribing to our email newsletters. According to user research, “people tend to accept defaults as a recommendation, effectively choosing not to choose.” That most likely explains what happened and gives us an idea of how to solve our problem.

Design Iterations

With input from the team, I produced several signup flow variations based on research, competitive analysis and direct instructions from our CEO.

First, I received some hand-sketched wireframes from the Head of Marketing …

… from which I created a first round of high-fidelity mockups:

V1 and V2 flows are more supported by user research for having no default option to (not) subscribe, guiding the user to make a conscious choice instead. The difference between the two flows is when the user is prompted to make that choice: either later in their confirmation email, or immediately after signing up with their email or Facebook. As for the visual UI of the subscription options, finding the right balance between highlighting the opt-in option(s), while still providing a clear opt-out option, would be key to a successful design solution.

V3—a flow with an opt-in checkbox—is a version our CEO requested. As can be seen, it has some issues that would prevent it from being a viable solution: default opt-out, complexity, and user-unfriendliness.

Round 2:

Round 2 is similar to round 1 but with more aggressive visual styling to encourage opt-in. There are other dialogs throughout the flows that attempt to motivate users who have chosen opt-out to change their minds and opt-in instead.

Round 3:

In round 3, we were able to get agreement from our CEO that V3 is not the better solution, so it was removed. Otherwise, some adjustments were made to the messaging on the other flows.

I prototyped the two remaining flows in InVision to demonstrate the user experience to the team and do some quick internal user validation. It helped us get final approval to build one of the flows.

In the final flow, we decided to simplify the subscription options and remove as much technical complexity as possible in order to get it released as quickly as possible. New users would be required to confirm their email before being able to access any “locked” deal, but they can simply choose to opt-in or opt-out of email subscriptions on their confirmation email. (And we won’t try to change their mind if they opt-out—for now.)

Final GDPR Signup Flow

GDPR signup flow v1.4 (final)
GDPR signup flow (Final)


The new flow successfully turned around the drop-off in email subscribers and brought conversion metrics back up to acceptable levels. Members who might have initially wanted to receive deal alerts by email but missed the checkbox at the beginning of signup are now able to clearly opt-in.


The hard reality is that there was a breakdown in the product development process with the initial GDPR update. User testing and validation steps were bypassed in order to be in legal compliance quickly. However, the shortcuts taken to save time ended up costing more time and resources.

Thanks for reading! ✌️