GDPR (General Data Protection Regulations) basics and why it is important to comply
Starting from May 25, 2018, all organizations that collect personal data from EU (European Union) Citizens need to comply with the GDPR regulations that ensure the protection of personal data for all EU Citizens.
Any kind of information that can help identify a person is considered personal data. (For example; Name, address, phone number, email address, photographs, …)
Need a quick first insight into whether or not your questionnaires are ready for the GDPR? Take this 1-minute quiz.
The most important GDPR principles are:
- Transparency: Organizations are required to inform people in a clear and comprehensible way on how they collect and store data.
- Data-transferring: European citizens can transfer their personal data from one service provider to another.
- The right to be forgotten: Organizations are required to be able to delete all personal data when the person in question requests it.
- Compulsory reporting in case of data leak: Organizations are required to report a data leak within 72 hours.
Survey Anyplace both collects personal data from its customers and offers the software that enables customers to collect personal data. Consequently, this makes Survey Anyplace both “data controller” and “data processor”.
These documents clarify how the collected personal data is used in a clear and comprehensible way.
Survey Anyplace is also compliant with compulsory reporting regulations.
In its responsibilities of the data processor (personal data that Survey Anyplace users collect through the software), the end-user acts as controller of the data and is ultimately responsible for GDPR compliance.
To support its users in this matter, Survey Anyplace has functionalities in place within the software that enables its users to easily operate compliant to the GDPR regulations.
These functionalities are:
- The possibility to provide an opt-in when personal data is collected through a survey, including the option to provide additional information (or a link to additional information) that describes what the personal data will be used for.
- The possibility to provide multiple opt-ins in cases where personal data will be used for different objectives.
- The possibility to delete a response (the answer to any survey question) from the survey, including all personal data.
- The possibility to delete a respondent without deleting that respondent’s responses: this guarantees the removal of all personal data, while the survey results remain available (albeit anonymously).
- The possibility to delete an entire survey, including all responses and collected personal data.
Find out more about these functionalities here.
What consequences can you face for not being GDPR compliant?
The consequences for non-compliance depend on certain factors such as the duration of the infringement, the quantity of data subjects affected, and the level of impact.
The EU General Data Protection Regulation (GDPR) is designed to harmonize data privacy laws across Europe, protect and empower all EU citizens' data privacy, and reshape the way organizations across the region approach data privacy. (More information: https://www.eugdpr.org/)
- Find out what impact GDPR has on your questionnaires and if it’s necessary to make any changes.
- Discover what updates were made in the Survey Anyplace tool to make the software and your questionnaires GDPR proof.
- Learn how to make a GDPR compliant survey on our blog.