Wellbeing4business takes the following steps to ensure all Welllbeing Surveys are GDPR compliant.
- We ask people to positively opt-in – individuals are invited to take a survey
- We use clear, plain easy to understand language to explain that no personal data will be captured and reports will contain anonymised data
- We explain why we want the data and what we’re going to do with it
- Data can only be analysed on groups larger than 10 people
- Cutting data by demographic groups can only include singular cuts to protect anonymity
- Once the data has been analysed (withing 5 working days) it will be deleted from our Surveymonkey account
- All downloads taken will also be deleted
See – https://www.surveymonkey.co.uk/mp/privacy/
See – https://www.surveymonkey.co.uk/resources/gdpr-white-paper/
Data will not be stored or sent outside of the geographical boundaries of the EU. The Survey Monkey system maintains a European Data Centre. Should any contingency backup to US servers be required, these are covered by the Privacy Shield initiative which is deemed by the European Commission to mean that Survey Monkey has equivalency in terms of the provisions of the GDPR to countries in the EU.
Notification of data breaches – When we are aware of a data breach of personal or sensitive personal data, we understand that we have a 72-hour window to notify the relevant supervisory authority of the breach. Additionally, we must individually notify data subjects of any breach that presents a high risk to their individual rights and freedoms.
- Responsibility – Wellbeing4business Ltd
- Security and rapid response – Surveymonkey
Contact us on 01257453645 or email email@example.com