The General Data Protection Regulation (GDPR) is one of the most significant changes about to happen in the area of data privacy. Under this regulation, data is to be coordinated, shielded and commissioned for all European citizens.
Online surveys are an integral tool for collecting data, and with GDPR coming into being, it has become extremely critical to make them GDPR compliant as well. In this blog, we discuss the measures taken to ensure QuestionPro survey users create 100% GDPR compliant surveys.
How to create GDPR compliant surveys with QuestionPro:
Make sure the GDPR compliance option is on:
Create the GDPR survey settings by going under Account > Organization > GDPR. It’s a checkbox which needs to be switched on for compliance. If you’re from the EU region, this checkbox will be turned on by default.
Every organization intending to have GDPR compliant surveys must have a Data Protection (DP) Officer:
For any organization to have a successful data collection process in place, it needs to have a DP officer. This will be an authorized person with knowledge of data and privacy issues. The details of this person, like office, name, email and contact information, need to be filled in under Account > Organization > GDPR.
This information goes into the survey footer. Enterprise customers using edge support, in particular, can look for a DP officer to represent their organization, provided they have an edge support agreement.
Data Retention period for the survey data:
The GDPR regulations for compliant surveys specify that every organization looking for compliance has to clarify the period for which respondent data will be retained. If an account is active and consistently paid for, QuestionPro has an infinite retention period. In case an account is closed, willingly or unwillingly, we provide a buffer period of 30 days, after which the user data will be eliminated from our servers.
Under GDPR, every organization needs to have its own data retention rules; these are ours. We provide our own language and data protection policy. Every other organization should do the same and mention it clearly in its surveys.
Allow users to access the collected data:
GDPR compliant surveys enforce the fact that every respondent should be able to read and also download their data in readable formats. We allow users to access the corresponding user metadata, like IP address, information about the browser and others, along with downloading it.
To make sure the download is also GDPR compliant, users can download the data in either PDF or JSON format.
Foolproof your survey data against any breaches:
GDPR allows every organization to select a Lead Supervising Authority, and as QuestionPro has a presence across Europe, we have chosen the Dutch DPA for data collection and supervision, especially due to our physical presence in the Netherlands. Because of this, if there is any data discrepancy, we have to report it to the DPA authorities in the Netherlands.
There may be cases where our customers feel the need to have their own selected DPA. So, in case of any theft or breach of data, they can contact their own DPA as soon as we get in touch with them about it.