The General Data Protection Regulation (GDPR) came into effect in the UK and all EU Member States on May 25, 2018. Any survey that you send to customers, fans or employees in the EU needs to comply with this regulation. In this short guide, I’ll share some tips and best practices to help you ensure that your chat surveys (or "conversational surveys" or simply "chats") adhere to the GDPR.
Just a disclaimer: Since I am not a lawyer or a data privacy expert, the tips presented here should be viewed as general information and recommendations only. 🙂 This is not legal advice and should not be relied on as such.
A key tenet of the GDPR is asking for explicit consent. This means research participants need to voluntarily opt-in to get future communications from you. Ask for consent when people do your first chat. If people refuse to provide consent, you can’t collect any data from them and must end the chat there.
When asking for opt-in consent, you must give all chat respondents a chance to review your privacy policy. This is easy—simply link to your policy from the chat. Your privacy policy should be clear, concise, detailed and informative. Avoid legalese—use plain and friendly language people will easily understand.
Be specific about how the data collected will be used. For the purposes of a chat survey, we usually tell clients to explain that it’s for research purposes and will be reported on in-aggregate only.
GDPR requires that your privacy policy include contact information for the respondent to request:
☑️ A copy of their personal data
☑️ A deletion of their personal data from your system
☑️ A change to their personal data
If you receive requests like these, you need to fulfill it within a reasonable period of time.
Respondents should always have the ability to opt-out of your research activities.
In our platform, Chat Lab, this functionality is baked in. People subscribed to your chats can easily opt out by typing “unsubscribe” at any time. This is information we share with people when they opt-in to chats the first time.
Protecting respondent data should go beyond your activities in Chat Lab. Ensure that when you’re sharing any data electronically, it is anonymized. In other words, remove any personal data or personally identifying information (name, date of birth, contact information, address, IP address).
Related resources
If you’d like to learn more about the GDPR and its implications for market research and insights, I recommend the following resources:
☑️ The Information Commissioner’s Office’s guide
☑️ FAQs from the Market Research Society (MRS)
☑️ GDPR guidance (PDF) from ESOMAR
.webp)
Got questions about insight communities and mobile research?
Chat with one of our experts.
No Comments Yet
Let us know what you think