GDPR compliance with Survalyzer

With regard to GDPR, all information below is relevant only for personalized surveys. Surveys conducted in a fully anonymous way are not subject to these rules, since no personally identifiable information (PII) is involved.

Information about user rights (Art. 12 GDPR)

To be GDPR compliant, the user needs to be informed about the data collection and the rights attached to it. Follow these steps:

  • Create a survey containing no elements.
  • On the “Thank you” element copy the text from this template:
    https://survalyzer.survalyzer.eu/compliance
  • Adapt the template accordingly and publish this survey. This creates a static page containing the legal information regarding GDPR.
  • Add this example sentence to your invitation, just before the survey link: “By opening the following links you accept the privacy policy and the saving and analysis of your data.”
  • Use the opt-out placeholder {{member.opt_out_link}} in your invitation mail to give the participant a way to remove themselves from further invitations. It can be placed in an explanatory sentence like “If you don’t want to receive any further invitations click here.” or simply in an “Unsubscribe” link in the footer.

Information about collected data (Art. 13, 14, 15 GDPR)

Survalyzer organizes all information about survey participants in panels and samples. For the sake of simplicity, only panels are mentioned in the explanations that follow, but everything said applies equally to samples.

Panels contain the standard fields shown below but can be extended with custom variables. These can hold any kind of data, such as demographics, education or job, that is useful for creating segments.

GDPR relevant information about the user.

All requests from survey participants to Survalyzer are forwarded to the responsible workspace admin. Using the screen above, the panel owner can provide all collected information to the user. The data collection consists of information about the user and the interviews of the user.

If a user requests the collected information, the owner of the panel can simply download the interviews as PDFs (portability, Art. 20 GDPR) and the master data record as an Excel export.

Which data is accessible to the user can be controlled in fine detail by the workspace or account admin. In the workspace settings, all PII relevant to data protection can be excluded:

Configurable fields to exclude from the data collection.

Even the collection of indirect PII such as the IP address can be turned off, both for the interviews and for the server logs. In this case the server logs contain only 0.0.0.0, as shown in the screenshot below:

Collected fields in the server logs.

With these extensive options, the workspace group admin can configure the level of anonymization according to the data protection needs or legal requirements. Since Survalyzer can be used completely anonymously, even the strictest rules can be fulfilled.

All details are documented in the privacy policy, which can be downloaded here.

Exercising of user rights (Art. 16, 17, 18 GDPR)

Correction of data

Panel members can request the correction or deletion of their personal data. User data can be changed on the panel member screen shown in the chapter “Information about collected data”.

Deletion of data

A panel member can be deleted by using the trash icon, marked in yellow, on the panel member overview page:

Panel Member overview page.

Survalyzer deletes data only logically and keeps it for a retention period so that accidentally deleted data can be restored. The retention periods can be configured by the account admin in the screen shown below:

Configuration screen of retention period according to GDPR.

Delete retention period: This feature lets the account admin decide how long deleted data remains available until it is physically deleted by a nightly job. The shorter the configured period, the sooner the data is gone permanently.

Retention periods for completed surveys: This feature is designed to meet the highest regulatory requirements. According to GDPR, data may only be collected for a specific purpose, and the collected data may only be stored for as long as the purpose justifies it. This means that as soon as you have conducted the analysis of a survey and gained the insights from it, the purpose expires and you have to delete the interviews. The feature supports Survalyzer users by automating the process so that it cannot be forgotten. Simply set the retention period for closing the survey, and a nightly job deletes the interviews after the retention period has expired.

Retention periods for sample data: This feature is exactly the same as for completed surveys, but with the focus on panel members. After the survey has been completed, the justification for storing the panel members also expires. The feature supports Survalyzer users by automating the process so that it cannot be forgotten. Simply set the retention period for sample data, and a nightly job deletes the panel members after the retention period has expired.

Restriction of processing

Panel members can request to be excluded from any further processing. To do this, the account admin needs to create an account opt-out for the panel member, as shown in the screenshot below:

Account opt-out screen.

The account opt-out is different from the opt-out link in the email. The opt-out link in the email opts the panel member out of the workspace containing the panel. This means that if a company has several workspaces, the user can still be invited from other workspaces. If, on the other hand, a panel member is added to the account opt-out, it is valid for all workspaces and the panel member will never be invited again.

Notification of the user (Art. 19 GDPR)

Panel Members

Survalyzer users are obliged to confirm the deletion and rectification of their data to panel members. Survalyzer supports account admins by forwarding spam complaints. Panel members who complained about spam need to be added to the account opt-out list. Survalyzer will monitor that this is done by the account admin.

All other requests or questions from panel members which are sent to Survalyzer are also forwarded to either the account admin or a workspace admin.

Survalyzer Users

After a Survalyzer subscription has expired, all data is deleted. Since each Survalyzer customer has its own database, all backups of the database are destroyed as well. The deletion of all data is done automatically in a nightly job. Confirmations are only sent upon request.

Sources:
GDPR Chapter 3 – Rights of the data subject

Updated on August 9, 2021
