Privacy Policy


SurveyShack Privacy Policy

We will never sell or unlawfully disclose any information or personal data from any of our customers, respondents or site visitors at any time; ever!

As a software service and managed service provider, SurveyShack provides you, our customer, with two-way communication tools and services. Therefore, we collect and deliver information that belongs to you and your respondents, not us. We’ve created this privacy policy to explain how SurveyShack handles your data and your personal information.

This Privacy Policy applies to information collected on our site www.surveyshack.com as well as to all of our software tools, products, and other services. We refer to all of our products, software tools, services, and sites collectively as our “Services.” This Privacy Policy sets out how we use your information in the delivery of our Site and Services.

Our Privacy FAQ and Key Privacy Issues

If you create surveys or use our software tools for 360-degree appraisal or performance management:

  • Your data is owned by you. Your data is private, and your data is yours. You control your data; how you release it or use it is up to you. We don’t sell your information to anyone and we don’t use the responses you collect for any purpose other than to provide services to you. But we do comply with the law, so under limited circumstances we could be required to release your information (e.g., if we are compelled by a court order).
  • We don’t use your respondents’ email addresses other than for the purposes we have agreed with you. We make it easy for you (or us on your behalf) to invite people to respond to your surveys or appraisal requests by letting you upload email lists, in which case we act only as custodians of your data. We don’t sell your email lists, and we use them only as directed by you and in accordance with this Privacy Policy. The same is true for any email addresses you collect with your surveys.
  • You act as the data controller to your respondents. We enable you to communicate your compliance statements regarding data handling and privacy. As such, you are responsible for honouring respondent requests under EU privacy regulations.
  • We act as a data processor to respondents. Our tools enable you to securely collect respondent information and the ability to comply with data processing consent/notification requirements.
  • We act as a data controller for your account information. When you place an order with us we collect the minimal required information to deliver our services and communicate with you. This information is never sold.
  • We’re serious about data security. Please see our Data Security policy.
  • You determine where data travels. Data created on surveyshack tools will use the EU Linode Cloud Hosting data centre in London, UK. Surveys created on www.surveygizmo.eu will use the EU AWS data centre in Frankfurt, Germany. What happens to the data after we collect it is up to you, our customer.
  • Customer Information you provide to us
    • Registration information (e.g., usernames, password, and email addresses).
    • Billing information (e.g. billing details and financial information associated with your selected payment method or bank account details). We don’t store any credit card information.
    • Account settings (e.g., your account settings page, account preferences, and personal details like your default language, time zone, etc.).
    • Email lists (e.g., email lists you upload to invite people to take your surveys via email or email details you upload or provide to us to establish users for your performance management or appraisal process). We don’t use your email lists or any email addresses you collect through your surveys, except to assist you at your direction (e.g. if your email list isn’t sending correctly or you wish us to make a prize draw for a managed service) or to establish users in a performance management or appraisal tool that we provide to you.

If you respond to performance management or 360-degree appraisal requests:

  • Appraisal creators administer + control appraisals. We are only a service provider/processor for surveys using our performance management and 360-degree appraisal tools, processing data on behalf of our customer. Survey creators administer and have control over their surveys, while we host their tool and software service for them or provide a managed service for them. If you have questions about a particular invitation or appraisal request you’re taking, please contact your appraisal creator or administrator.
  • Are your responses sold to a third party? We do not sell or share your responses with third party advertisers or marketers or any third party of any kind – ever! The appraisal creator tools administrator controls your response data, and we merely act as a processor and a host on behalf of the survey creator while the information is in our custody.
  • Respondent Information provided to us:
    • Appraisal responses (e.g., what respondents answer in our tools)
    • Email list info (e.g., from email addresses, names, or other contact info from email lists that Customers provide and upload)
    • Customer + Respondent Information
      • Usage info (e.g., visitor logs including IP address, cookies, etc.)
      • Device info (e.g., which browser used, which OS, etc.)
      • Referral source (e.g., which source or link referred respondent to tool)
      • Page tag data (e.g., clear gifs, web beacons, web bugs)

 

If you answer surveys:

  • Survey creators administer + control surveys. We are only a service provider/processor for surveys using Survey Gizmo’s (our sub processor) platform, processing data on behalf of our customer. Survey creators administer and have control over their surveys, while we host their platform and software service for them. If you have questions about a particular survey you’re taking, please contact your survey creator.
  • Are anonymous responses really anonymous? Each survey creator has different options for collecting different kinds of information about respondents. Contact your survey creator for specific information about your survey. We also have more info about Survey Gizmo’s anonymous response options here.
  • Are your survey responses sold to a third party? We or our sub processors do not sell or share your survey responses with third party advertisers or marketers. The survey creator controls your response data, and we merely act as a processor and a host on behalf of the survey creator while the information is in our custody.
  • Respondent Information provided to us:
    • Survey responses (e.g., what respondents answer on surveys)
    • Email list info (e.g., from email addresses, names, or other contact info from email lists that Customers provide and upload)
    • Customer and Respondent Information collected from tracking technologies:
      • Usage info (e.g., visitor logs including IP address, cookies, etc.)
      • Device info (e.g., which browser used, which OS, etc.)
      • Referral source (e.g., which source or link referred respondent to survey)
      • Page tag data (e.g., clear gifs, web beacons, web bugs)

 

If you are an EU resident or customer, you have the following rights:

  • Under the GDPR, you as a respondent are provided specific rights in regard to the handling of your information. You may request the following from the data controller:
    • The right to be informed
    • The right of access
    • The right to rectification
    • The right to erasure
    • The right to restrict processing
    • The right to data portability
    • The right to object
    • Rights in relation to automated decision making and profiling.

Issue resolution

        Issues from the EU regarding GDPR complaints, questions, and comments can be directed to:

Mail:

Information Commissioner’s Office:

  • Wycliffe House
  • Water Lane
  • Wilmslow
  • Cheshire
  • SK9 5AF
  • Phone: Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate)
  • Online: https://ico.org.uk/concerns/

       The SurveyShack data privacy contact can be reached at:

       Data Protection Officer:

  • SurveyShack (SSL) Ltd,
  • Mountbatten House
  • Fairacres, Windsor
  • Berks, SL4 4LE 
  • Phone: +44 207 112 1960
  • Email: enquiries@surveyshack.com

       The SurveyGizmo data privacy contact can be reached at:

       Security and Compliance Manager:

 

 

What kind of information SurveyShack (or our sub processor SurveyGizmo collects)

Customer Information: Your name and contact information, including: company name, name of contact, title of contact, company address, telephone number, email address, user name and password, and billing information. We don’t store any credit card information. Customers also provide us with information regarding the ordered Services (e.g., the type of account plan Customers pay for, account preferences, use of survey options or preferences, etc.). In addition to the information you actively provide to us, we also collect information from other sources regarding when and how often you log on to our Site. (See “Tracking Technologies” below.)

We will not — under any circumstances — sell or rent Customer or Respondent Information to any third party.

Respondent Information: We receive Respondent Information from performance management, appraisal tools and survey respondents.

If you’re using the SurveyGizmo email campaign distribution method, you provide us with the email address, and optionally other contact information, of each Respondent. Before receiving that information, we contractually require the Customer to warrant that it has a pre-existing relationship with the Survey Respondent and/or the Survey Respondent’s permission to receive electronic messages. We reserve the right to identify you as the person who has made the referral in any message that is sent to them. Permission is considered to be granted when a contact has asked to be subscribed to a list and an email is sent to confirm the validity of the email. This “double opt-in” process ensures that all contacts have been given permission to receive bulk email and that they have provided a valid email address that will not result in bounced messages or SPAM abuse reports.

Survey Respondents provide us with the information requested by you (for example, if your survey question asks about the respondent’s gender or post code) as well as all answers to the survey questions. Customers are solely responsible for the content of the surveys and response data as well as complying with all applicable laws and regulations that might apply to the content that is solicited by Customers, as we state in our terms and conditions. As one of our software features for our Customers, we can record: (i) if and when a Respondent has responded and (ii) if and when a Respondent has received a reminder. In addition, we receive any information contained in any communications a Survey Respondent makes directly with us. (See “Tracking Technologies” below.)

We will not – under any circumstances – use Respondent Information for any purpose other than to provide services to our Customers.

We log Customer and Survey Respondent Internet Protocol (IP) addresses to confirm the accuracy of survey data and Survey Respondent IP addresses may in some case by our sub processor also be converted into geo-data for Customers within the software. For our software system administration purposes, we also log a user’s session so that we know when, how often and what pages of the Site a user visits. To avoid the need to re-insert your username and password every time you and your Survey Respondents move from one page of our Site to the next, we use a cookie. (See “Tracking Technologies” below.) We also collect information from our Customers and Respondents regarding the devices and applications used to access our services (like browser type and operating system) and referral sources (if you arrived from another website or email).

You can login to the SurveyGizmo site using third party sign-in services such as Google Accounts Authentication and Authorization. These services authenticate your identity and give you the choice to share certain types of personal information with us (like your name and email address) to pre-populate your login.

The SurveyGizmo site includes social media features as part of our distribution methods. These features, including the Facebook Post or Twitter Post buttons, may collect your IP address, which page you are visiting on the site, and may set a cookie to enable the feature to function properly. These features are hosted by a third party social media network (like Twitter or Facebook). Your interactions with these features are governed by those third party social media networks’ privacy policies.

Customers collect information using our Services. As a service provider for our Customers, we and our sub processors act as a custodian for that information. We provide features and services for Customers to provide notice to their end users or customers concerning the legal accountability for the collection of information. To protect the privacy of our Customers, we cannot disclose private information to end users regarding our Customers’ accounts.

Tracking Technologies We Use on Our Site and Services Platforms

Cookie Policy

Please read this Cookie Policy before you use our website or provide information on or through this Site. Your use of our website signifies that you agree with this Cookie Policy. If you disagree with any part of this Cookie Policy, please don’t use the website.

Like most other websites, SurveyShack uses “cookies” to collect data about visitors. Cookies are alphanumeric identifiers stored on your computer’s hard drive through your Web browser for the purpose of identifying you when you visit a site or page. Cookies enable us to recognize your browser when you visit and to tell us whether you and other visitors have visited the website previously. For these purposes your cookies are tied to personally identifiable information (like your email address). If you have provided your name or other contact information to us via a web form, we are able to tie that information back to the cookie.

Cookies can be either temporary session cookies that expire at the end of a user session when the browser is closed or persistent cookies that remain on your hard drive for an extended period of time. We use persistent cookies. A persistent cookie can remain on your hard drive for an extended period of time.

We set cookies when you visit our website, respond in our tools, or take a survey. Cookies are used to:

  • Identify whether a user is logged in, for security purposes, and to allow the use of software features
  • Allow us to see how visitors use our website (these may be third party cookies like Google Analytics)
  • Identify a unique survey response when you are a Respondent taking a survey

You can change the settings on your browser to prevent new cookies from being set, or to notify you when a new cookie is set. Each browser is different, but the Help section for the browser will be able to show you how to change cookie preferences or clear your cookies from time to time. If you do block cookies it may impact your experience and you may not be able to take advantage of all features of our software.

Clear Gifs (Web Beacons/Web Bugs)

Our customers can use software features that will enable clear gifs (a.k.a. Web Beacons/Web Bugs) in survey distribution email campaigns to Survey Respondents. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of Web users. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs are embedded invisibly on Web pages and are about the size of the period at the end of this sentence.

We may also uses clear gifs in our HTML-based emails to you our customers and users to let us know which emails have been opened by recipients. This allows us to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns. If you would like to opt-out of promotional emails, please follow the unsubscribe instructions included in each promotional email.

Data Collection Technology Available to Our Customers

For more information on technology available to our customers in collecting data and information on survey respondents, please visit the relevant help sections on the surveygizmo website in respect to the listed software features below:

SurveyGizmo Software Features: Data Collection Technologies

  • SurveyGizmo Features: Data Collection and Distribution Methods
  • Identify Respondent Info: Who took my survey?
  • Track Email Opens
  • sguid the URL Variable: Save and Continue, Unique Links, and Duplicate Protection
  • Save and Continue Tutorial
  • Merge Codes Tutorial
  • Hidden Values Tutorial
  • Get Data Into a Survey Through Prepopulation
  • Sending Values through the URL Redirect Action
  • Prevent Duplicate Responses

Integrations

The SurveyGizmo site includes a variety of integrations with third party services, such as ExactTarget and Salesforce (for a list of integrations, visit our Integrations page). These integrations may use your account information with the third party, collect your IP address, which page you are visiting on the site, and may set a cookie to enable the Integration to function properly. Integrations are either hosted by a third party or hosted directly on the website. Your interactions with these Integrations are governed by the privacy policy of the third-party company providing the Integration.

Blogs/Forums

If you use our blogs or any forums associated with our site, keep in mind that any personally identifiable information you submit there can be read, collected, or used by other users, and could be used to send you unsolicited messages. We are not responsible for the personally identifiable information you choose to submit in these forums or blog comments.

How we use the information we collect

We use Customer Information in our normal course of business, including to contact you regarding technical support, discuss billing issues, or to bring to your attention any aspect of our mutual business. We may also use your contact information to provide you with policy or product updates or to introduce new products and services provided you have indicated that you do not object to being contacted for these purposes.

If you do not wish to receive promotional emails from us, you can tell us not to either at the point such information is collected (by checking or unchecking (as directed) the relevant box) or by following the unsubscribe instructions included in each promotional email. We send service-related announcements when necessary to do so, and generally, you may not opt-out of these communications, which are not promotional in nature.

All Respondent Information is stored in our databases for our Customers’ benefit. At your direction, we use a Survey Respondent’s email address (and at your option other contact information) to send survey invitations, reminders, and whatever other communications you choose to use. We also use Respondent Information to improve the performance of our website and Services by analysing site and user behaviour, troubleshooting technical problems, resolving disputes and addressing complaints, and addressing compliance issues with our Terms and conditions.

We require our Customers to warrant their compliance with SPAM legislation in Europe and elsewhere, and we may have additional approval processes surrounding email campaigns. We also have a software program that alerts us about certain kinds of illegal or dangerous behaviour in accounts. However, we don’t provide monitoring services to you, on your behalf, or otherwise search or monitor for illegal or illicit or other behaviour in your account. As part of our terms and conditions Customers maintain and warranty sole responsibility over their behaviour, use of our software tools and services, and whatever content is inserted into or solicited by our software. We make no representations or warranty over our Customers’ use of our services, nor do we control our Customers’ behaviours. If you think there may be any violations of our Terms, please report it to us at enquiries@surveyshack.com

We collect information on behalf of our Customers. If you are an end user or customer of one of our Customers and would no longer like to be contacted by one of our Customers that use our service, please contact that Customer directly.

Our Staff’s Access to Information

Our staff will only access your data at a minimum necessary standard, in order to provide technical or administrative support. For instance, if you open a support ticket, use our consulting or managed services, call our telephone support, or your account is flagged for a security reason, then our staff may log into your account for the purpose of troubleshooting and correcting the reported issue or performing their contracted task. We will not for any reason disseminate your data other than as you have directed (e.g. email actions, sending reports, etc.). All your data is subject to confidentiality clauses in our terms and conditions.

Data Retention and Deletion / Destruction

We retain data that we process on behalf of our Customers and data we collect from our Customers directly for as long as it is needed to provide services to our Customers. We will retain and use this data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Sometimes users have specific needs under institutional or legal requirement. For instance, occasionally data needs to be completely destroyed after its intended use. In many cases (e.g. when a customer stops paying for an account, downgrades to a different account plan, etc.), data is retired and locked away rather than actually destroyed. In most cases this makes the loss retrievable in the event of a mistake. We can, however, comply with a request for total data destruction; you just need to let us know.

Links to Other Sites

Our website may contain inks to other websites that are not owned or controlled by us. Please be aware that we are not responsible for the privacy practices of such other websites. We encourage you to be aware when you leave our website and to read the privacy statements of each and every website that collects personally identifiable information.

Who we share or disclose information to

We do not share information with any third parties except under the following very limited circumstances:

  1. Respondent Information with Customer: Our business is providing tools that allow you, our Customer, to conduct two-way communications with others. Accordingly, we provide you with access to the Respondent Information given in answer to the performance management, appraisal or surveys you have conducted. You may use the Respondent Information consistent with terms and conditions, your own privacy policy, and applicable law.
  2. As Customers and Respondents Choose: We may share or otherwise use your Customer Information as you choose, and we may share Respondent Information as both you and the Survey Respondent choose. For example, if you choose to have an email action send a copy of the survey response to the survey creator, survey respondent, and/or a third party.
  3. Agents Acting on Our Behalf: We may share some of your Information with other companies who provide us with technical and other type of services such as a data hosting centre. They are contractually bound under nondisclosure agreements and are granted access to only Information that is necessary for their jobs and are prohibited from using Information for any other purpose (including marketing or sharing the Information with any other party). We do not share any personally identifiable information with third parties who are not services providers who have signed confidentiality agreements to perform services for us.
  4. For Legal Reasons: We are required by law to respond to court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share your Information to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our terms and conditions, or as otherwise required by law.
  5. Affiliates and Acquisition: We may share Information with our sub processors and their affiliated companies, products, and services (e.g., PeopleGizmo, HelpGizmo, etc.) or during any real or potential acquisition or merger of our company by or with another. We will notify you if your Information becomes subject to a different privacy policy.

Data archiving / Deletion

When you cease to pay for your account we will archive your data. You can re-access your data to be deleted by yourself or your users by paying for a monthly subscription that will allow you access the data for use (e.g. local storage on your computer, etc.) before deletion. Alternatively, if you do not require access before deletion, you can contact us directly in writing as stated above.

Once a Respondent has submitted a response, the Respondent may not be able to access his/her Information through the Services. We can sometimes facilitate Respondents to re-access responses, but that must be enabled by either the Survey Creator or requested by the Services Administrator. Respondents may contact you and you, in turn, will be able to view the Respondent’s collected Information and, where appropriate, work with us in modifying such Information.

 

Data security

We have extensive security measures in place to protect your Information, and we are committed to the protection of your data. Unique user names and passwords must be entered each time a person logs on. We work with third party data centre service providers, to host our Services, and Software in a secure production environment that uses a firewall and other technology to reasonably prevent access from outside intruders. When transmitting sensitive Survey Information, we also have encryption technology available for your use. Please visit the relevant help sections on the surveygizmo website in respect to Project Data Encryption and Secure Links.

All of our technology and processes are not, however, guarantees of security (see our Terms and Conditions for more information). You should also bear in mind that submission of information over the internet is never entirely secure. We cannot guarantee the security of information you submit via the Services whilst it is in transit over the internet and any such submission is at your own risk.

For more information on our security measures, get in touch with us at support@surveyshack.com and at +44 207 112 1960 or view our security policy

 

SurveyGizmo Software Features: Security & Privacy

  • SurveyGizmo Features: Security & Reliability Overview
  • Project Data Encryption
  • Anonymous Surveys
  • Secure Email Invite Links
  • Private Domains
  • How to Use Secure (SSL) Survey Links
  • Force Only Secure (HTTPS) Share Links (For Account Administrators)
  • Password Security Settings Tutorial (For Account Administrators)
  • SurveyGizmo Security: How Secure is SurveyGizmo?
  • Data Security: Data Destruction + Privacy Configuration
  • Tips for the Collection of Sensitive Data – Best Practices Blog Post

Account Ownership Transfer

If you choose and to transfer your account billing information and point of contact information (e.g. the individual who registers for the account or the user designated within our Services as the main account administrator) to another individual or organisation, ownership over all of your account’s data is therefore transferred to that individual or organisation. This data may include confidential information, account preferences, surveys, survey response data, and/or custom reports, customized surveys or software code that you may have purchased with our professional services team. Data and account ownership transfer responsibilities lie solely with the customer. SurveyShack cannot and does not monitor how or why a customer or user may transfer data or account ownership.

Changes in the Privacy Policy

As we are constantly improving our services and expanding our business, we reserve the right to modify this privacy policy at any time. In the event we make such changes, we will post the new policy on this website with an update date. We encourage you to frequently review this page for the latest information on our privacy practices.

Effective: May 29, 2018