How Can You Make Sure that Your Surveys Are GDPR Complaint?

Maulik Shah
Jun 06,2018

    While we write this, implementation of giant – GDPR (General Data Protection Regulation) has already taken place. As we all know; its implementation will have a huge impact on the way in which organizations manage their customers’ personal data. But even at this stage, there are several confusions amongst the business owners pertaining to the compliance with the new privacy regulation. Well, with every article about GDPR, our job is to help you get over these confusions.

    Today, we will talk about how the organizations that make use of online survey tool can ensure that their surveys are GDPR compliant. We all know that surveys are used for gaining feedbacks from prospects, customers, potential customers, employees etc. However, according to the new regulations, whenever you are in a possession of customer’s data, you need to manage in a way that it safeguards your customer’s privacy. So, how should you make your Surveys GDPR proof?

    Here’s a little guide for you to make Your Surveys GDPR Complaint:

    Integrating Data with Third Party Apps

    Yes, if your Survey data gets synced with third party apps and it is not GDPR complaint, it is time to bid goodbye to it. For example, if you use a SugarCRM survey tool and you have integrated a third-party tool, you need to ensure that those apps also adhere to the GDPR regulations. All you need to do is, revisit your vendor agreements with that party and make sure that all the points are up to the mark. You can also check with your lawyers if the need be.

    If you use a Sugar or SuiteCRM survey tool, it is best to go for an extension that doesn’t ask for you to install any other third party apps. Survey Rocket is one such tool as it works with the latest version of Sugar and comes with GDPR compliance.

    Obtain Permission for Data of Minors

    If through your survey tool, you are collecting or processing the data of individuals under 16 years of age, you must take parental consent. If not obtained, you must refrain from sending survey to this age group. In case of data breach, you can face severe consequences.

    Data portability

    The phenomenon of transferring your customers’ personal data from one electronic system to another is known as data portability. So, for example, if you download survey responses or reports to your computer, you must handle them with responsibility and remember that they entail your customers’ personal data. When you create a new personal registry, you need to ask consent of your customers.

    Also, it is not advisable to store the data of your customers using surveys. In case you do, you must let your data subjects know as to for how long you will store the information of your customer before sending survey invitations to them.

    Take Consent Before Sending Survey

    As you collect personal data of your customers through online surveys, you must ensure that you have the permission to use their data for different purposes. In order to obtain the consent, you need to provide your customers with the reason as to why you want to collect their personal data, where will you save it and for how long will you be using it in the future. This data includes the name of your respondents, their address, phone numbers etc. You can use this information only within the scope of the consent that is given to you.

    We hope this brings a little clarity as to how to go about conducting surveys using a Survey Tool. If you are looking for a Suite/SugarCRM Survey tool that comes with the Data Privacy Module of SugarCRM version 8.0, you can consider integrating Survey Rocket. To know more about it, visit

    Read related blogs about CRM