At Step 1, select the Website option or App option or both.
Answer some questions about your website or app.
Answer some questions about your business.
- 1.1. Privacy Laws
- 1.2. Survey Hosting Platforms
- 2.1. Identify Who is Conducting the Survey
- 2.2. What Personal Information Your Survey/Website Collects, and How
- 2.3. How Collected Information is Used
- 2.5. How You Keep Data Safe and Secure
- 2.6. How You Share Information
- 3. Summary
All surveys have the potential to collect personal information. You need to collect names and login information so you can verify that surveys are completed by people and not bots. Also, surveys frequently request demographic information that may help determine sales trends.
The laws have subtle differences, but they share many common elements.
One is how they define personal information.
Email addresses, GPS locations, screen names, mailing addresses or general location (even if it is just a city name) are considered protected personal information under privacy laws.
Note that if you delve into sensitive personal information, like sexual orientation, religion, ethnicity or political affiliations, your responsibilities for keeping that information safe increase.
Survey Hosting Platforms
Third party services that allow you to distribute apps or send mass emails generally require Privacy Policies. Survey hosting platforms may either require this, or recommend it.
SurveyMonkey starts by explaining why disclosing privacy practices is important and how it should be done. It then includes a list of what privacy statements often include:
These suggestions align closely with current privacy laws. Even basic Privacy Policies should include this information.
SurveyMonkey offers other guidance and suggestions about good privacy protections. These elements are often integrated into Privacy by Design plans that many corporations have already adopted to increase information security.
SurveyMonkey suggests that you only collect what personal information is necessary and only keep it for as long as necessary:
Another recommendation by SurveyMonkey is to include a consent statement. This assures your privacy terms are accepted and survey respondents understand that they are sharing personal data with you:
As users move through the survey questions, they're reminded not to include any personal information. This helps protect user privacy and can help with the "notice" aspect of compliance with privacy laws:
Identify Who is Conducting the Survey
This is a good way of making it clear what companies have access to the personal information collected by a survey.
What Personal Information Your Survey/Website Collects, and How
Here's how SurveyMonkey does this, and mentions its surveys specifically:
Apple notes that it may collect information during a number of interactions, including when participating in an online survey:
Snap Surveys describes information it may hold via surveys its clients put out. It notes that the company running the survey remains the controller of the data, and that Snap Surveys will only process the data in accordance to the agreements between itself and the third party running the survey:
It makes your intentions clear and prevents misunderstanding.
How Collected Information is Used
Just as with any other collection of personal data, you must describe how you use information you collect from surveys.
The respondent data section includes a lot of details on how everything from cookies to contact information is used. A section specific to how survey data is used can be seen here:
If you host surveys for others, consider using this approach from Snap Surveys. Chances are, your data handling will be different for your client's information than for respondents. Making this clear maintains your compliance with relevant privacy laws.
If you hire a third party to manage your surveys, you will need to mention them in a separate paragraph on service providers or among the third parties who see your data.
Surveys may have cookies if the client requests them or if tracking needs to continue after the survey.
SurveyMonkey's Cookies clause is very detailed and includes paragraphs for each different purpose cookies work to serve, such as to gather metrics, to personalize content and for security reasons:
How You Keep Data Safe and Secure
Data is often stored longer with surveys because it can take time to process. If you are a third-party provider, you may have to keep it safe for clients for awhile. This means you need to reassure users that their data will be secure, and be clear about your storage and security measures.
Snap Surveys offers a detailed description of its security measures, including encryption, secured servers and following industry best practices:
Share as much information about your security measures as you are comfortable with doing. Not only is this reassuring to your users, but it shows you've taken reasonable steps to prevent a security breach.
How You Share Information
The difference between surveys and general web services is that surveys exist for the sole reason of collecting and sharing information. You also need to describe reasons for sharing that do not fall within the surveys. These include mergers and acquisitions involving your company, responding to legal procedures, enforcing other online agreement, and business dissolution or bankruptcy.
Here's how Apple lets users know how personal information may be disclosed for a variety of purposes:
Surveys are an important part of marketing, business analytics and getting to know your customer and user base in beneficial ways.
However, survey data is often personal or sensitive.
Make sure to disclose what personal information you are collecting, how it's collected, what you do with it, such as sharing it and securing it, as well as other specifics that may be required by privacy laws in your jurisdiction.