The General Data Protection Regulation stipulates legal rights of transparency and intervenability. Transparency provides data subjects with insight into how their personal data have been processed, clarifying what consequences will or may arise due to the processing of their data, whereas intervenability enables them to intervene in the process. Technological artefacts, transparency-enhancing tools (TETs) serve the purpose of conveying respective information precisely and intelligibily. However, despite being a prerequisite for transparency, many TETs available today lack usability in that they do not stringently reflect the needs of their users, which raises the question as to whether individual TETs fulfil their designated purpose.

The objective of this dissertation is to systematically apply principles pertaining to human-centred design to ascertain the qualities necessary to design TETs that facilitate transparency and advise means of intervenability with regard to the needs of their target audience. We classify the state of the art of usable TETs published in the literature and discuss the gaps therein. Contextualising our research in the domain of personal health tracking, we investigate to what extent customisation can help accommodate the needs of users of TETs. We introduce privacy notifications as a conceptual means to inform data subjects about facts worthy of their attention, and examine the immanent properties required to accomplish actual usability. We categorise the characteristics of privacy notifications in terms of what insight they convey, and how respective facts need to be presented to facilitate informed decision-making on the recipient's part. Based on findings obtained via quantitative and qualitative user studies, we elicit concomitant factors related to the parameterisation of privacy notifications. We present the prototypical implementation of TETs whose iterative evaluation provides us with a catalogue of design requirements that demonstrably reflect the needs of their users.