Privacy Policy


SurveyShack Privacy Policy

We will never sell or unlawfully disclose any information or personal data from any of our customers, respondents or website visitors at any time; ever!

As a software service and managed service provider, SurveyShack provides you, our customer, with two-way communication tools and services. Therefore, we collect and deliver information that belongs to you and your respondents, not us. We’ve created this privacy policy to explain how SurveyShack handles your data and your personal information.

This Privacy Policy applies to information collected on our site www.surveyshack.com as well as to all of our software tools, products, and other services. We refer to all of our products, software tools, services, and sites collectively as our “Services.” This Privacy Policy sets out how we use your information in the delivery of our website and Services.

We are also an approved reseller of the Survey Gizmo survey tool, licensing and providing managed survey services using this tool on behalf of our Customers. In this respect Survey Gizmo is a Sub Processor of our Customers’ Data. We have a data processing addendum in place with Survey Gizmo and we have a joined-up privacy policy in respect to how Survey Gizmo handles your data and your personal information. If you licence a Survey Gizmo tool through SurveyShack, or if we provide you with a managed survey service using their survey tool, please visit https://www.surveygizmo.com/privacy/ for details of their Privacy Policy to which we fully subscribe.

When we resell a Survey Gizmo licence to you or provide you with a managed survey service, we will default to hosting your data in cloud-based servers within the EU. Surveys created on www.surveygizmo.eu will use the AWS data centre in Frankfurt, Germany. We will provide tier 1 support within the EU, but you may on occasion require tier 2 support from Survey Gizmo in the US, which would require some limited amount of your data to be viewed from the US (outside of EU). This is also true for licence commissioning purposes, when Survey Gizmo will collect the minimal required information to deliver their services and communicate with you. This information is never sold by Survey Gizmo. Survey Gizmo fully complies with the GDPR.

Our Privacy FAQ and Key Privacy Issues

If you use or administer our software tools for 360-degree appraisal or performance management:

  • Your data is owned by you. Your data is private, and your data is yours. You control your data; how you release it or use it is up to you. We don’t sell your information to anyone and we don’t use the responses you collect for any purpose other than to provide services to you. But we do comply with the law, so under limited circumstances we could be required to release your information (e.g., if we are compelled by a court order).
  • We don’t use your respondents’ email addresses other than for the purposes we have agreed with you. We make it easy for you (or us on your behalf) to invite people to respond to feedback or appraisal requests by letting you upload email lists, in which case we act only as custodians of your data. We don’t sell your email lists, and we use them only as directed by you and in accordance with this Privacy Policy. The same is true for any email addresses you submit to our tools or collect within your feedback
  • You act as the data controller to your respondents. We enable you to communicate your compliance statements regarding data handling and privacy. As such, you are responsible for honouring respondent requests under EU privacy regulations.
  • We act as a data processor to respondents. Our tools enable you to securely collect respondent information and the ability to comply with data processing consent/notification requirements.
  • We act as a data controller for your account information. When you place an order with us, we collect the minimal required information to deliver our services and communicate with you. This information is never sold.
  • We’re serious about data security. Please see our Data Security policy.
  • You determine where data travels. Data created on SurveyShack tools will use the EU Linode Cloud Hosting data centre in London, UK. What happens to the data after we collect it is up to you, our customer.
  • Customer Information you provide to us
    • Registration information e.g. usernames, password, and email addresses.
    • Billing information e.g. billing details and financial information associated with your selected payment method or bank account details. We don’t store any credit card information.
    • Account settings e.g. your account settings page, account preferences, and personal details like your default language, time zone, etc..
    • Email lists e.g. email lists you upload or provide to us to establish users for your performance management or appraisal process. We don’t use your email lists or any email addresses, except to assist you at your direction e.g. if your email list isn’t sending correctly or to establish users in a performance management or appraisal tool that we provide to you.

If you respond to performance management or 360-degree appraisal requests:

  • Appraisal creators administer and control appraisals. We are only a service provider/processor of feedback data using our performance management and 360-degree appraisal tools, processing data on behalf of our customer. Your administrator administers and has control over their content, while we host their tool and software service for them or provide a managed service for them. If you have questions about a particular invitation or appraisal request, you’re taking, please contact your appraisal creator or administrator.
  • Are your responses sold to a third party? We do not sell or share your responses with third party advertisers or marketers or any third party of any kind – ever! The appraisal creator tools administrator controls your response data, and we merely act as a processor and a host on behalf of the survey creator while the information is in our custody.
  • Respondent Information provided to us:
    • Appraisal responses e.g. what respondents answer in our tools
    • Email list info e.g. from email addresses, names, or other contact info from email lists that Customers provide and upload
  • Customer and Respondent Information
    • Usage info e.g. visitor logs including IP address, cookies, etc.
    • Device info e.g. which browser used, which OS, etc.
    • Referral source e.g. which source or link referred respondent to tool
    • Page tag data e.g. clear gifs, web beacons, web bugs
    • Before receiving that information, we require the Customer to warrant that it has a pre-existing relationship with the Respondent and/or the Respondent’s permission to receive electronic messages. We reserve the right to identify you as the person who has made the referral in any message that is sent to them.
    • Respondents provide us with the information requested by you e.g.if your question asks about the respondent’s self-assessment against a set of criteria or their level of attainment against an objective, as well as all answers to the appraisal questions. Customers are solely responsible for the content of the questionnaires and response data as well as complying with all applicable laws and regulations that might apply to the content that is solicited by Customers. As one of our software features for our Customers, we can record: (i) if and when a Respondent has responded and (ii) if and when a Respondent has received a reminder. In addition, we receive any information contained in any communications a Respondent makes directly with us.

We will not – under any circumstances – use Respondent Information for any purpose other than to provide services to our Customers.

If you are an EU resident or customer, you have the following rights:

  • Under the GDPR, you as a respondent are provided specific rights in regard to the handling of your information. You may request the following from the data controller:
    • The right to be informed
    • The right of access
    • The right to rectification
    • The right to erasure
    • The right to restrict processing
    • The right to data portability
    • The right to object
    • Rights in relation to automated decision making and profiling.

Issue resolution

Issues from the EU regarding GDPR complaints, questions, and comments can be directed to:

Mail:

Information Commissioner’s Office:

  • Wycliffe House
  • Water Lane
  • Wilmslow
  • Cheshire
  • SK9 5AF
  • Phone: Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate)
  • Online: https://ico.org.uk/concerns/

The SurveyShack data privacy contact can be reached at:

Compliance Manager:

  • SurveyShack (SSL) Ltd,
  • Mountbatten House
  • Fairacres, Windsor
  • Berks, SL4 4LE 
  • Phone: +44 207 112 1960
  • Email: enquiries@surveyshack.com

 

Cookie Policy

Please read this Cookie Policy before you use our website or provide information on or through our website. Your use of our website signifies that you agree with this Cookie Policy. If you disagree with any part of this Cookie Policy, please don’t use the website.

Like most other websites, SurveyShack uses “cookies” to collect data about visitors. Cookies are alphanumeric identifiers stored on your computer’s hard drive through your Web browser for the purpose of identifying you when you visit a site or page. Cookies enable us to recognize your browser when you visit and to tell us whether you and other visitors have visited the website previously. For these purposes your cookies are tied to personally identifiable information (like your email address). If you have provided your name or other contact information to us via a web form, we are able to tie that information back to the cookie.

Cookies can be either temporary session cookies that expire at the end of a user session when the browser is closed or persistent cookies that remain on your hard drive for an extended period of time. We use persistent cookies. A persistent cookie can remain on your hard drive for an extended period of time.

We set cookies when you visit our website, respond in our tools. Cookies are used to:

  • allow us to see how visitors use our website (these may be third party cookies like Google Analytics)

You can change the settings on your browser to prevent new cookies from being set, or to notify you when a new cookie is set. Each browser is different, but the Help section for the browser will be able to show you how to change cookie preferences or clear your cookies.

Clear Gifs (Web Beacons/Web Bugs)

Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of Web users. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs are embedded invisibly on Web pages.

We may also use clear gifs in our HTML-based emails to you our customers and users to let us know which emails have been opened by recipients. This allows us to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns. If you would like to opt-out of promotional emails, please follow the unsubscribe instructions included in each promotional email.

Integrations

SurveyShack software tools include a variety of integrations with third party services, such as Mailgun for email distribution of invitations and reminders. These integrations may use your email information with the third party. These Integrations are hosted by a third party and are usually encrypted and hosted in the EU. Your interactions with these Integrations are governed by the privacy policy of the third-party company providing the Integration.

Blogs/Forums

If you use our blogs or any forums associated with our website, keep in mind that any personally identifiable information you submit there can be read, collected, or used by other users, and could be used to send you unsolicited messages. We are not responsible for the personally identifiable information you choose to submit in these forums or blog comments.

How we use the information we collect

We use Customer Information in our normal course of business, including to contact you regarding technical support, discuss billing issues, or to bring to your attention any aspect of our mutual business. We may also use your contact information to provide you with policy or product updates or to introduce new products and services provided you have indicated that you do not object to being contacted for these purposes.

If you do not wish to receive promotional emails from us, you can tell us not to either at the point such information is collected (by checking or unchecking (as directed) the relevant box) or by following the unsubscribe instructions included in each promotional email. We send service-related announcements when necessary to do so, and generally, you may not opt-out of these communications, which are not promotional in nature.

All Respondent Information is stored in our databases for our Customers’ benefit. At your direction, we use a Survey Respondent’s email address (and at your option other contact information) to send user invitations, reminders, and whatever other communications you choose to use. We may also use Respondent Information to improve the performance of our website and Services by analysing site and user behaviour, troubleshooting technical problems, resolving disputes and addressing complaints, and addressing compliance issues with our Terms and conditions.

As part of our terms and conditions Customers maintain and warranty sole responsibility over their behaviour, use of our software tools and services, and whatever content is inserted into or solicited by our software. We make no representations or warranty over our Customers’ use of our services, nor do we control our Customers’ behaviours. If you think there may be any violations of our Terms, please report it to us at enquiries@surveyshack.com

We collect information on behalf of our Customers. If you are an end user of one of our Customers and would no longer like to be contacted by one of our Customers that use our service, please contact that Customer directly.

Our Staff’s Access to Information

Our staff will only access your data at a minimum necessary level, in order to provide technical or administrative support. For instance, if you open a support ticket, use our consulting or managed services, call our telephone support, or your account is flagged for a security reason, then our staff may log into your account for the purpose of troubleshooting and correcting the reported issue or performing their contracted task. We will not for any reason disseminate your data other than as you have directed (e.g. email actions, sending reports, etc.). All your data is subject to confidentiality clauses in our terms and conditions.

Data Retention and Deletion / Destruction

We retain data that we process on behalf of our Customers and data we collect from our Customers directly for as long as it is needed to provide services to our Customers. We will retain and use this data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Sometimes users have specific needs under institutional or legal requirement. For instance, occasionally data needs to be completely destroyed after its intended use. In some cases (e.g. when a customer stops paying for an account, downgrades to a different account plan, etc.), data can be retired and locked away rather than actually destroyed. In most cases this makes the loss retrievable in the event of a mistake. We can, however, comply with a request for total data destruction; you just need to let us know.

Links to Other Sites

Our website may contain inks to other websites that are not owned or controlled by us. Please be aware that we are not responsible for the privacy practices of such other websites. We encourage you to be aware when you leave our website and to read the privacy statements of each and every website that collects personally identifiable information.

Who we share or disclose information to

We do not share information with any third parties except under the following very limited circumstances:

  1. Respondent Information with Customer: Our business is providing tools that allow you, our Customer, to conduct two-way communications with others. Accordingly, we provide you with access to the Respondent Information given in answer to the performance management or appraisal you have conducted. You may use the Respondent Information consistent with terms and conditions, your own privacy policy, and applicable law.
  2. As Customers and Respondents Choose: We may share or otherwise use your Customer Information as you choose, and we may share Respondent Information as both you and the Respondent choose. For example, if you choose to have an email action send a copy of a response to the tool administrator or your manager, respondent, and/or a third party.
  3. Agents Acting on Our Behalf: We may share some of your Information with other companies who provide us with technical and other type of services such as a data hosting centre. They are contractually bound under nondisclosure agreements and are granted access to only Information that is necessary for their jobs and are prohibited from using Information for any other purpose (including marketing or sharing the Information with any other party). We do not share any personally identifiable information with third parties who are not services providers who have signed confidentiality agreements to perform services for us.
  4. For Legal Reasons: We are required by law to respond to court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share your Information to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our terms and conditions, or as otherwise required by law.
  5. Affiliates and Acquisition: We may share Information with our sub processors and their affiliated companies, products, and services or during any real or potential acquisition or merger of our company by or with another. We will notify our Customers if your Information becomes subject to a different privacy policy.

Data archiving / Deletion

When you cease to pay for your Services, we will either archive or delete your data upon your instructions. We will allow you access the data for use (e.g. local storage on your computer, etc.) before deletion. Alternatively, if you do not require access before deletion, you can contact us directly in writing as stated above.

Once a Respondent has submitted a response, the Respondent may not be able to access his/her Information through the Services. We can sometimes facilitate Respondents to re-access responses, but that must be requested by the Services Administrator. Respondents may contact you and you, in turn, will be able to view the Respondent’s collected Information and, where appropriate, work with us in modifying such Information.

Data security

We have extensive security measures in place to protect your Information, and we are committed to the protection of your data. Unique user names and passwords must be entered each time a person logs on. We work with third party data centre service providers, to host our Services, and Software in a secure production environment that uses a firewall and other technology to reasonably prevent access from outside intruders.

All of our technology and processes are not, however, guarantees of security (see our Terms and Conditions for more information). You should also bear in mind that submission of information over the internet is never entirely secure. We cannot guarantee the security of information you submit via the Services whilst it is in transit over the internet and any such submission is at your own risk.

For more information on our security measures, get in touch with us at support@surveyshack.com and at +44 207 112 1960 or view our security policy

 

Account Ownership Transfer

If you choose and to transfer your account billing information and point of contact information (e.g. the individual who registers for the account or the user designated within our Services as the main account administrator) to another individual or organisation, ownership over all of your account’s data is therefore transferred to that individual or organisation. This data may include confidential information, response data, and/or custom reports, customised software code that you may have purchased with our professional services team. Data and account ownership transfer responsibilities lie solely with the customer. SurveyShack cannot and does not monitor how or why a customer or user may transfer data or account ownership.

Changes in the Privacy Policy

As we are constantly improving our services and expanding our business, we reserve the right to modify this privacy policy at any time. In the event we make such changes, we will post the new policy on this website with an update date. We encourage you to frequently review this page for the latest information on our privacy practices.

Effective: May 25th, 2018

Updated: Nov 22nd, 2018