Show privacy notice

In order to ensure that personal data are processed fairly and lawfully, controllers must provide certain minimum information to data subjects, regarding the collection and further processing of their personal data. Such information must be provided in a concise, transparent, intelligible and easily accessible form, using clear and plain language. For instance see Article 5.1.a, 12-14 of the GDPR and recital 58 and 59 of the GDPR.

One of the ways to comply is by adding a privacy notice to your survey.

You can easily add such a notice by activating the survey setting Show privacy notice in footer. Once activated a link to your own privacy notice will be shown in the footer of the survey and email invitations and you can link to it anywhere using a variable.

1. Go to the survey.
2. Click on Settings and then on Options.
3. Tick the box next to Show privacy notice in footer.

4. Two additional buttons will appear:
   • Click on Edit to type your privacy notice text and Save it. Is your survey multilingual? Repeat for each language.
   • Click on View to review what the privacy notice page will look like to your respondents.
5. Click on Save at the bottom of the Options page.

From now on there will be a link to your Privacy Notice at the bottom of each survey page and email. You can also link to it in a question or elsewhere by adding the variable {{survey.privacyNoticeUrl}}.

You can easily add this variable by clicking on the Variables drop-down menu in the question editor and selecting Privacy Notice there.

Do you often make similar surveys? Then it is interesting to create a reusable privacy notification template at the account level. The account manager can do this at Account > Legal & Compliance > Privacy Notice.

Create a privacy notice template for each language in which you create surveys.

If a survey owner or account manager activates the privacy notification at thesurvey level, the text of this template will be displayed. They can override it at the survey level and also see an option to reset to the privacy notice set at the account level.

Data subjects have the right to be provided with information on the identity of the controller, the reasons for processing their personal data and other relevant information necessary to ensure the fair and transparent processing of personal data. Such information must be provided in a concise, transparent, intelligible, using clear and plain language.

Article 13 of the GDPR is particularly helpful in understanding what information should be included in the privacy notice of a survey. Recitals: 60, 61, 62 can help with interpreting.

We suggest using a header for each of the points covered in article 13:

• Contact details
• Purposes and legal basis of the processing
• Categories of data being processed
• Recipients of the personal data
• Data retention
• Rights of the respondent (See Art. 13.2 and Recital 63 GDPR)
  • Access, rectification, erasure, portability, revocation, complaint
• Existence of automated decision-making, including profiling

These are just suggestions and a starting off point. This list is not meant to be complete. You should seek independent legal advice for the actual privacy notice you will show to respondents, as only a lawyer can provide you with legal advice specifically tailored to your situation.