GDPR - Lead Supervising Authority

GDPR calls for a legal obligation for the notification to supervising authority regarding a data breach within 72 hours of knowing about it.

As such, due to the fact that QuestionPro operates pan-Europe and most companies collect data and impact citizens of multiple countries within the EU, GDPR allows for selecting a “Lead Supervising Authority” - QuestionPro has selected the Dutch - DPA as the lead supervising authority that governs data collected by QuestionPro. This is partly because our physical servers are located in the Netherlands.

In case of a data breach, at QuestionPro, we will be obligated to notify and DPA in the Netherlands.

In some cases, each of our clients may want to select their own Supervising Authority. Our customers must then use their own supervising authority and can notify them about a data breach as soon as we notify you.

In cases where there is a data breach without our involvement - example a laptop with data from survey respondents gets stolen, it is up to our clients to notify their own supervising authority regarding the breach.

QuestionPro will provide a mechanism to select the Lead Supervising Authority that each of our clients in the EU want.

Set up

  • Go to: User Profile >> Compliance >> GDPR
  • Selec the Lead Supervising Authority from the Authority dropdown menu.
  • Click on Save Changes button.
Survey Software Help Image

Was this article helpful?
Sorry about that
How can we improve it?