GDPR (General Data Protection Regulations) basics

GDPR (General Data Protection Regulations) basics and why it is important to comply

Starting from May 25, 2018, all organizations that collect personal data from EU (European Union) Citizens need to comply with the GDPR regulations that ensure the protection of personal data for all EU Citizens.

Any kind of information that can help identify a person is considered personal data. (For example; Name, address, phone number, email address, photographs, …)

Need a quick first insight into whether or not your questionnaires are ready for the GDPR? Take this 1-minute quiz.

The most important GDPR principles are:

  • Transparency: Organizations are required to inform people in a clear and comprehensible way on how they collect and store data.
  • Data-transferring: European citizens can transfer their personal data from one service provider to another.
  • The right to be forgotten: Organizations are required to be able to delete all personal data when the person in question requests it.
  • Compulsory reporting in case of data leak: Organizations are required to report a data leak within 72 hours.

Survey Anyplace both collects personal data from its customers and offers the software that enables customers to collect personal data. Consequently, this makes Survey Anyplace both “data controller” and “data processor”.

Data Controlling

In its responsibilities of data controller (personal data that Survey Anyplace collects from its clients), Survey Anyplace has updated Terms of Use, Privacy Policy and Cookie Statement in place:

These documents clarify how the collected personal data is used in a clear and comprehensible way.

Each user of the Survey Anyplace software is required to read and accept that Privacy Policy before being able to use the software. A user has the possibility to opt-out of all communication and can request the deletion of all their personal data. 

Survey Anyplace is also compliant with compulsory reporting regulations.

Data Processing

In its responsibilities of the data processor (personal data that Survey Anyplace users collect through the software), the end-user acts as controller of the data and is ultimately responsible for GDPR compliance. 

To support its users in this matter, Survey Anyplace has functionalities in place within the software that enables its users to easily operate compliant to the GDPR regulations.

These functionalities are:

  • The possibility to provide an opt-in when personal data is collected through a survey, including the option to provide additional information (or a link to additional information) that describes what the personal data will be used for.
  • The possibility to provide multiple opt-ins in cases where personal data will be used for different objectives.
  • The possibility to delete a response (the answer to any survey question) from the survey, including all personal data.
  • The possibility to delete a respondent without deleting that respondent’s responses: this guarantees the removal of all personal data, while the survey results remain available (albeit anonymously).
  • The possibility to delete an entire survey, including all responses and collected personal data.

Find out more about these functionalities here.

Why is it important to comply with the GDPR when collecting data? 

  • To protect the personal data and the privacy of your respondents. 
  • To prevent your brand from losing its reputation. 
  • To avoid penalties for breaching GDPR, which can result in strict fines. 
  • To streamline your process of collecting and storing data and avoid room for mistakes.

What consequences can you face for not being GDPR compliant? 

The consequences for non-compliance depend on certain factors such as the duration of the infringement, the quantity of data subjects affected, and the level of impact.


Keep in mind that this will be applicable to both data controllers and processors. Fines for businesses can go as high as 20 million euros or 4% of the global turnover, whichever amount is the highest.

About GDPR:

The EU General Data Protection Regulation (GDPR) is designed to harmonize data privacy laws across Europe, protect and empower all EU citizens' data privacy, and reshape the way organizations across the region approach data privacy. (More information:

What's next?

Vincent is the author of this solution article.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.