CC BY-SA 4.0Kiss, LennartLennartKissSellung, RachelleRachelleSellung2025-06-102025-06-102025https://doi.org/10.24406/publica-4746https://publica.fraunhofer.de/handle/publica/48843110.18420/OID2025_1010.24406/publica-4746This paper examines persistent challenges users/citizens face in exercising their data protection rights under the General Data Protection Regulation (GDPR), particularly in everyday digital contexts. It presents findings from the BMBF-funded Tester project, which developed a privacy assistant to support transparency, intervenability, and data protection literacy in the context of self-tracking and health-monitoring devices. Focusing on the onboarding experience, this study explores how users engage with a GDPR-aligned privacy assistant through an iterative, human-centered design process. Based on mixed-method user evaluations, we validate key usability strategies - such as personalization, grouped customization, and adaptive content - that can promote awareness and improve informed user decision making. The results offer lessons for the design of onboarding experiences in privacy-focused applications and contribute to broader efforts to make digital privacy rights more accessible, transparent, and usable.enPrivacy AssistantUsabilityUser ExperienceGDPRData ProtectionPrivacyconference paper