The General Data Protection Regulation (GDPR) is a regulation intended to strengthen and unify data protection for all individuals within the European Union. We have created a few tools to make it easy for the controller to create GDPR compliant surveys.
Visit our Trust Center to find all relevant documentation for an overview of Questback security and data privacy principles.
The general features are quite simple. For all new quests created after the 25th of May 2018, GDPR will be enabled by default. This means that the controller will have to create a GDPR statement describing the purpose, duration, etc. of collecting the data, and that the data subject will have to accept this statement on a comply page in order to respond to the quest. Moreover, the controller must make sure to flag any question containing personal data (by default, all open answer questions, as well as any uploaded respondent data, will be pre-flagged as personal data). When the retention period set for the personal data is up, all data flagged as personal (as well as the IP address) will be deleted from the system, and the respondent’s e-mail address will be anonymized.
We provide the following features:
The controller can create and edit GDPR statements that can be used as templates when setting up a GDPR compliant quest.
The controller can apply and edit GDPR settings on GDPR enabled quests.
The controller can flag and un-flag questions and respondent data as personal data.
Data subjects will be presented with a comply page containing the GDPR statement and will have to accept it in order to answer the quest.
Any personal data collected before 25th of May, 2018 has been automatically deleted.
Deletion of personal data from responses received prior to enabling GDPR on the quest
You have the option to delete personal data that was collected before you activated GDPR settings for any particular Quest.
Suppose you have a running quest with 50 collected responses. The controller enables GDPR and flags a few questions as personal data. The automatic deletion will take care of any new responses coming in, but for the 50 responses received before GDPR was activated, the controller will have to click “Delete personal data pre-GDPR” to apply the same deletion to them.
Export and deletion of individual responses
To be able to cater for the GDPR requirements, data subjects (respondents) can request to either have their personal data exported in a readable format or completely deleted. In short this will consist of expanding the current delete function in the responses grid on the follow-up page, as well as when viewing an individual response in follow-up.
When opting to delete a response, the controller will be presented with two options:
Delete complete response (deleting every piece of data from and about a specific respondent).
Delete personal data (only delete data flagged as personal data, including the IP address, and show the respondent as anonymous).
The export in Essentials already caters for the export of personal data, including the option to add the IP address to the exported file.
Deletion of invitation data
When the controller uploads any respondent data (and an e-mail address or mobile number), we store this data in a database table separate from the table containing the responses. The system described above will therefore not be able to delete any data connected to the invitation, as opposed to the response. When the data subject responds to the quest, the uploaded invitation data is copied to the response table, and data flagged as personal will of course be deleted from that table. The data will, however, remain in our system as part of the invitation. This is also true for data subjects who don’t answer the quest.
To cater for this, we will introduce a separate “invitation retention period” to the GDPR settings accordion, where the controller can define how long the data uploaded should remain in our system before being deleted. Moreover, we will also introduce a button for deleting the invitation data uploaded prior to enabling GDPR on the quest.
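The deletion rules described above (flagged answers and IP address removed, e-mail anonymized, a separate retention period for invitation data kept in its own store, plus the manual "Delete personal data pre-GDPR" action) can be modelled in a few functions. The following is an added illustrative example, not Questback's own code: the Response and Invitation records, their field names, the placeholder anonymized address and the sample data are all constructed assumptions.

```python
"""Illustrative model of retention-based purging of flagged personal data.

Constructed example: the data model and field names are assumptions, not the
product's schema. It follows the described behaviour: flagged answers and the
IP address are deleted, the e-mail address is anonymized, non-flagged answers
are kept, and invitation data in a separate store has its own retention period.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Set

# Placeholder used once a respondent has been anonymized (assumed value).
ANONYMIZED_EMAIL = "anonymous@anonymized.invalid"


@dataclass
class Response:
    respondent_id: str
    email: Optional[str]
    ip_address: Optional[str]
    received_at: datetime
    answers: Dict[str, str] = field(default_factory=dict)
    anonymous: bool = False


@dataclass
class Invitation:
    respondent_id: str
    email: Optional[str]
    uploaded_at: datetime
    uploaded_data: Dict[str, str] = field(default_factory=dict)


def delete_personal_data(resp: Response, flagged: Set[str]) -> Response:
    """The "Delete personal data" option: drop answers to flagged questions and
    the IP address, anonymize the e-mail, keep non-flagged answers for statistics."""
    for question in flagged:
        resp.answers.pop(question, None)
    resp.ip_address = None
    resp.email = ANONYMIZED_EMAIL
    resp.anonymous = True
    return resp


def delete_complete_response(responses: List[Response], respondent_id: str) -> List[Response]:
    """The "Delete complete response" option: remove everything about one respondent."""
    return [r for r in responses if r.respondent_id != respondent_id]


def purge_expired(responses: List[Response], flagged: Set[str],
                  retention: timedelta, now: datetime) -> int:
    """Automatic deletion once the retention period has elapsed; returns the count."""
    purged = 0
    for r in responses:
        if not r.anonymous and now - r.received_at >= retention:
            delete_personal_data(r, flagged)
            purged += 1
    return purged


def purge_pre_gdpr(responses: List[Response], flagged: Set[str],
                   gdpr_enabled_at: datetime) -> int:
    """"Delete personal data pre-GDPR": apply the same deletion to responses
    received before GDPR was enabled on the quest; returns the count."""
    purged = 0
    for r in responses:
        if not r.anonymous and r.received_at < gdpr_enabled_at:
            delete_personal_data(r, flagged)
            purged += 1
    return purged


def purge_expired_invitations(invitations: List[Invitation],
                              retention: timedelta, now: datetime) -> List[Invitation]:
    """Invitation data lives in a separate store and is untouched by response
    purges, so it needs its own retention period; returns what is kept."""
    return [i for i in invitations if now - i.uploaded_at < retention]


# Constructed sample data: dates around the 25 May 2018 enforcement date.
UTC = timezone.utc
NOW = datetime(2018, 8, 1, tzinfo=UTC)
GDPR_ENABLED_AT = datetime(2018, 6, 1, tzinfo=UTC)
FLAGGED = {"q3_free_text"}  # open-answer questions are pre-flagged by default


def sample_responses() -> List[Response]:
    return [
        Response("r1", "alice@example.com", "203.0.113.10",
                 datetime(2018, 5, 20, tzinfo=UTC),
                 {"q1_score": "4", "q3_free_text": "My manager is great"}),
        Response("r2", "bob@example.com", "203.0.113.11",
                 datetime(2018, 7, 15, tzinfo=UTC),
                 {"q1_score": "2", "q3_free_text": "Too much overtime"}),
    ]


def sample_invitations() -> List[Invitation]:
    return [
        Invitation("r1", "alice@example.com", datetime(2018, 5, 10, tzinfo=UTC), {"dept": "HR"}),
        Invitation("r3", "carol@example.com", datetime(2018, 7, 1, tzinfo=UTC), {"dept": "IT"}),
    ]


if __name__ == "__main__":
    rs = sample_responses()
    print("pre-GDPR purged:", purge_pre_gdpr(rs, FLAGGED, GDPR_ENABLED_AT))
    print("expired purged:", purge_expired(rs, FLAGGED, timedelta(days=30), NOW))
    print("invitations kept:", len(purge_expired_invitations(sample_invitations(), timedelta(days=60), NOW)))
```

Note that the non-flagged score answer survives both purges, which is what lets trend analysis continue after anonymization, and that the invitation purge has to be run separately because deleting from the response store never reaches the invitation store.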
Example for employee engagement
Company name (controller)
Bogstadveien 54, Oslo
Controller’s representative (if applicable)
Kanzlei Vollpfeifen & Partner
Purpose of each processing operation for which consent is sought
The purpose for the processing of personal data for the defined use case is to comply with company regulations regarding continuous dialogue with employees about their work environment, job satisfaction, career opportunities and other elements relevant to their position in the company. Company will use the personal data in order to assess trends in employee satisfaction over years, in order to pinpoint areas where measures are needed for increased employee satisfaction, or to mitigate negative working environment.
What personal data will be collected and used
Name, email, IP address
What special categories of personal data will be collected and used
sexual orientation, health information, trade union membership
Criteria used to determine processing period (if no retention period has been defined)
yes if unlimited retention period
after 250 surveys are completed
Legal basis for processing
Legitimate interest of controller or third party (if applicable)
evaluate and assess customer satisfaction, improve workplace culture and atmosphere
Recipients or categories of recipients of the personal data
HR, Senior management
Transfer of data to a non-EU/EEC country or international organisation, and safeguards
transfer to USA based on EU standards clauses
Statutory or contractual requirement (if applicable)
Automated decision making
Information on data subject rights
Information on right to withdraw consent
Information on supervisory authority
Name & contact details of data protection officer (if applicable)