You own your data. We don’t sell your data. Ever.
Welcome to the SurveyGizmo web site. As an application service provider, Widgix Limited provides our customers, with two-way communication tools (including our software platform-SurveyGizmo).
Our Privacy FAQ + Key Privacy Issues
IF YOU CREATE SURVEYS:
• Your survey data is owned by you. Your surveys are private, and your data is yours. You control your data; how you release it or use it is up to you. We don’t sell your information to anyone and we don’t use the survey responses you collect for any purpose other than to provide service to you. But we do comply with the law, so under limited circumstances we could be required to release your information (e.g., if we are compelled by a legal order or subpoena).
• You act as the data controller to the survey respondents. We enable you to communicate your compliance statements regarding data handling and privacy. As such, you are responsible for honoring respondent requests under EU privacy regulations.
• We act as a data processor to respondents. Our platform enables you to securely collect respondent information and the ability to comply with data processing consent/notification requirements. Any data requests from survey respondents will be forwarded to the respective survey creator for action.
• We act as a data controller for your account information. When you create an account, we collect the minimal required information to deliver our services and communicate with you. This information is never sold.
• You determine where respondent data travels. Which datacenter you utilize is based on which site you use to create surveys. For instance, surveys created on www.surveygizmo.eu will utilize the EU AWS data center in Frankfurt, Germany. What happens to the data after we collect it is up to you, our customer.
• Customer Information you provide to us
◦ Registration information (e.g., your username, password, and email address).
◦ Billing information (e.g., billing details and financial information associated with your selected payment method like credit card number and expiration date or a bank account number). We don’t store any credit card information, and use a third party service as credit card processor.
◦ Account settings (e.g., your account settings page, account preferences, and personal details like your default language, timezone, etc.).
◦ Email lists (e.g., email lists you upload to invite people to take your surveys via email). We don’t use your email lists or any email addresses you collect through your surveys, except to assist you at your direction (e.g., if your email list isn’t sending correctly).
IF YOU ANSWER SURVEYS:
• Survey creators administer + control surveys. We are only a service provider/processor for surveys, processing data on behalf of our customer. Survey creators administer and have control over their surveys, while we host their platform and software service for them. If you have questions about a particular survey you’re taking, please contact your survey creator.
• Are anonymous responses really anonymous? Each survey creator has different options for collecting different kinds of information about respondents. Contact your survey creator for specific information about your survey. We also have more info about our anonymous response options here.
• Are your survey responses sold to a third party? Widgix does not sell or share your survey responses with third party advertisers or marketers. The survey creator controls your response data, and we merely act as a processor and a host on behalf of the survey creator while the information is in our custody.
• Respondent Information provided to us:
◦ Survey responses (e.g., what respondents answer on surveys)
◦ Email list info (e.g., from email addresses, names, or other contact info from email lists that Customers provide and upload)
◦ Customer + Respondent Information collected from tracking technologies:
• Usage info (e.g., visitor logs including IP address, cookies, etc.)
• Device info (e.g., which browser used, which OS, etc.)
• Referral source (e.g., which source or link referred respondent to survey)
• Page tag data (e.g., clear gifs, web beacons, web bugs)
• As a respondent and/or customer, you are provided specific rights in regard to the handling of your information. You may request the following from the data controller using our automated form:
• The right to be informed – you may request details of what we collect and what we or our customers do with your data
• The right of access – you may request a copy of the personal data we hold on you
• The right to rectification – you may request that we or our customers correct the data we have on file for you
• The right to erasure – you may request that your data be deleted in portions or in its entirety
• Please note that minimal customer (not respondent) details will need to be preserved in order to contact you regarding surveys you created.
• The right to restrict processing – you may restrict the processing of your data to specific purposes
• The right to data portability – you may request your personal data in a csv format for transfer to another system
• The right to object – you may object to your data being processed for purposes to which you do not consent
• Rights in relation to automated decision making and profiling – you may restrict your data from being used in automated decision making and profiling applications
• Widgix is committed to complying with international regulations and privacy framework including GDPR and US Privacy Shield.
• Issues from the EU regarding GDPR complaints, questions, and comments can be directed to the UK ICO:
Information Commissioner’s Office
Phone: 0303 123 1113 (local rate) or 01625 545 745 (national rate)
· In compliance with the Privacy Shield Principles, WIdgix commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact The Widgix/SurveyGizmo Security and Compliance Manager can be reached at:
Security and Compliance Manager
4888 Pearl East Circle, Suite 100 W
Phone: 800 609 6480
Our EU Representative can be contacted at:
Phone: +49 (0) 40 99999 3430
• Under US Privacy Shield, you have the right to invoke binding arbitration to address unresolved complaints. The US Federal Trade Commission has investigatory and enforcement power over Widgix Privacy Shield Compliance. SurveyGizmo has further committed to refer unresolved Privacy Shield complaints to the Better Business Bureau, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information or to file a complaint. The services of the Better Business Bureau are provided at no cost to you.
US-EU Privacy Shield and Swiss-US Privacy Shield inquiries or compliance complaints may be directed through our independent issue resolution provider:
Council of Better Business Bureaus, Inc.
BBB EU Privacy Shield
3033 Wilson Boulevard, Suite 600
Arlington, VA 22201
Online at: http://www.bbb.org/EU-privacy-shield/for-eu-consumers
Think a survey violates our Terms of Service or is engaging in illegal activity?
What kind of information Widgix collects
Customer Information: When you register on our Site, we ask for your name and contact information, including: company name, name of contact, title of contact, company address, telephone number, email address, user name and password, and billing information which may include credit card numbers. We don’t store any credit card information, instead we use a third-party service as a credit card processor. Customers also provide us with information regarding the ordered Services (e.g., the type of account plan Customers pay for, account preferences, use of survey options or preferences, etc.). In addition to the information you actively provide to us, we also collect information from other sources regarding when and how often you log on to our Site. (See “Tracking Technologies” below.) Information collected is processed by contracted 3rd parties to assist with accounting, customer management, and compliance. All customer data transfers from SurveyGizmo to third parties require a data processing addendum which restricts how the information may be used.
We will not — under any circumstances — sell or rent Customer or Respondent Information to any third party.
Respondent Information: We receive Respondent Information from survey respondents. If you’re using our email campaign distribution method, you provide us with the email address, and optionally other contact information, of each Respondent. Before receiving that information, we contractually require the Customer to warrant that it has a pre-existing relationship with the Survey Respondent and/or the Survey Respondent’s permission to receive electronic messages. We reserve the right to identify you as the person who has made the referral in any message that is sent to them. Permission is considered to be granted when a contact has asked to be subscribed to a list and an email is sent to confirm the validity of the email. This “double opt-in” process ensures that all contacts have been given permission to receive bulk email and that they have provided a valid email address that will not result in bounced messages or SPAM abuse reports.
Survey Respondents provide us with the information requested by you (for example, if your survey question asks about the respondent’s gender or zip code) as well as all answers to the survey questions. Customers are solely responsible for the content of the surveys and response data as well as complying with all applicable laws and regulations that might apply to the content that is solicited by Customers, as we state in our Terms of Service. As one of our software features for our Customers, we can record: (i) if and when a Survey Respondent has responded to a survey and (ii) if and when a Survey Respondent has received a reminder. In addition, we receive any information contained in any communications a Survey Respondent makes directly with Widgix. (See “Tracking Technologies” below.)
We will not – under any circumstances – use Respondent Information for any purpose other than to provide services to our Customers.
We log Customer and Survey Respondent Internet Protocol (IP) addresses to confirm the accuracy of survey data and Survey Respondent IP addresses are also converted into geo-data for Customers within our software. For our software system administration purposes, we also log a user’s session so that we know when, how often and what pages of the Site a user visits. To avoid the need to re-insert your username and password every time you and your Survey Respondents move from one page of our Site to the next, we use a cookie. (See “Tracking Technologies” below.) We also collect information from our Customers and Respondents regarding the devices and applications used to access our services (like browser type and operating system) and referral sources (if you arrived from another website or email).
You can login to our site using third party sign-in services such as Google Accounts Authentication and Authorization. These services authenticate your identity and give you the choice to share certain types of personal information with us (like your name and email address) to pre-populate your login.
Our site includes social media features as part of our distribution methods. These features, including the Facebook Post or Twitter Post buttons, may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. These features are hosted by a third party social media network (like Twitter or Facebook). Your interactions with these features are governed by those third party social media networks’ privacy policies.
Customers collect information using our software services platform. As a service provider for our Customers, Widgix acts as a custodian for that information. Widgix provides features and services for Customers to provide notice to their end users or customers concerning the legal accountability for the collection of information. To protect the privacy of our Customers, we cannot disclose private information to end users regarding our Customers’ accounts.
Tracking Technologies We Use on Our Site and Services Platforms
Like most other websites, Widgix uses “cookies” to collect data about visitors. Cookies are alphanumeric identifiers stored on your computer’s hard drive through your Web browser for the purpose of identifying you when you visit a site or page. Cookies enable us to recognize your browser when you visit and to tell us whether you and other visitors have visited the Site previously. For these purposes your cookies are tied to personally identifiable information (like your email address). If you have provided your name or other contact information to Widgix via a web form, we are able to tie that information back to the cookie.
Cookies can be either temporary session cookies that expire at the end of a user session when the browser is closed or persistent cookies that remain on your hard drive for an extended period of time. We use persistent cookies. A persistent cookie can remain on your hard drive for an extended period of time.
We set cookies when you visit our web site, use our application, and take a survey. Cookies are used to:
◦ Identify whether a user is logged in, for security purposes, and to allow the use of software features
◦ Allow us to see how visitors use our site (these may be third party cookies like Google Analytics)
◦ Identify a unique survey response when you are a Respondent taking a survey
|Cookie Name||Purpose & Data Contained||Type & Duration||3rd Party Cookie & Who Set it|
|_utm various||Provides information on session behavior||End of Session to 2 years depending on the specific cookie||Google Analytics|
|Localezone||Used to distinguish between international and US visitors||9 months||SurveyGizmo|
|Visitor_id####||The visitor cookie includes the name “visitor_id” plus the unique identifier for your account, which is derived from the tracking code placed on your site. The value stored is the unique ID for the visitor.||10 years||Pardot & Saleforce|
|_sg_ various||Website intercept feature for the application||20 minutes to 3 months depending on the specific cookie||SurveyGizmo|
You can change the settings on your browser to prevent new cookies from being set, or to notify you when a new cookie is set. Each browser is different, but the Help section for the browser will be able to show you how to change cookie preferences or clear your cookies from time to time. If you do block cookies it may impact your experience and you may not be able to take advantage of all features of our software.
Clear Gifs (Web Beacons/Web Bugs)
Our customers can use software features that will enable clear gifs (a.k.a. Web Beacons/Web Bugs) in survey distribution email campaigns to Survey Respondents. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of Web users. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs are embedded invisibly on Web pages and are about the size of the period at the end of this sentence.
Widgix also uses clear gifs in our HTML-based emails to you our customers and users to let us know which emails have been opened by recipients. This allows us to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns. If you would like to opt-out of promotional emails, please follow the unsubscribe instructions included in each promotional email.
Data Collection Technology Available to Our Customers
For more information on technology available to our customers in collecting data and information on survey respondents, please visit the following pages:
Our Software Features: Data Collection Technologies
• SurveyGizmo Features: Data Collection and Distribution Methods
• Identify Respondent Info: Who took my survey?
• Track Email Opens
• sguid the URL Variable: Save and Continue, Unique Links, and Duplicate Protection
• Save and Continue Tutorial
• Merge Codes Tutorial
• Hidden Values Tutorial
• Get Data Into a Survey Through Prepopulation
• Sending Values through the URL Redirect Action
• Prevent Duplicate Responses
If you use our blog or any forums associated with our site, keep in mind that any personally identifiable information you submit there can be read, collected, or used by other users, and could be used to send you unsolicited messages. We are not responsible for the personally identifiable information you choose to submit in these forums or blog comments.
How we use the information we collect
We use Customer Information in our normal course of business, including to contact you regarding technical support, discuss billing issues, or to bring to your attention any aspect of our mutual business. We may also use your contact information to provide you with policy or product updates or to introduce new products and services provided you have indicated that you do not object to being contacted for these purposes.
If you do not wish to receive promotional emails from us, you can tell us not to either at the point such information is collected (by checking or unchecking (as directed) the relevant box) or by following the unsubscribe instructions included in each promotional email. We send service-related announcements when necessary to do so, and generally, you may not opt-out of these communications, which are not promotional in nature.
All Respondent Information is stored in our databases for our Customers’ benefit. At your direction, we use a Survey Respondent’s email address (and at your option other contact information) to send survey invitations, reminders, and whatever other communications you choose to use. We also use Respondent Information to improve the performance of our Site and services by analyzing site and user behavior, troubleshooting technical problems, resolving disputes and addressing complaints, and addressing compliance issues with our Terms of Service.
We require our Customers to warrant their compliance with the CAN-SPAM Act of 2003 of the US and equivalent legislation in Europe and elsewhere, and we may have additional approval processes surrounding email campaigns. We also have a software program that alerts us about certain kinds of illegal or dangerous behavior in accounts that violates our Terms of Service. However, we don’t provide monitoring services to you, on your behalf, or otherwise search or monitor for illegal or illicit or other behavior in your account that may violate our Terms of Service. As part of our Terms of Service our Customers maintain and warranty sole responsibility over their behavior, use of our software platform, and whatever content is inserted into or solicited by our software. We make no representations or warranty over our Customers’ use of our services, nor do we control our Customers’ behaviors. If you think there may be any violations of our Terms, please report it to us at email@example.com.
We collect information on behalf of our Customers, just like the Post Office sending and receiving mail on behalf of individuals. If you are an end user or customer of one of our Customers and would no longer like to be contacted by one of our Customers that use our service, please contact that Customer directly.
Our Staff’s Access to Information
Our staff will only access your data at a minimum necessary standard, in order to provide technical or administrative support. For instance, if you open a support ticket, hire our consulting services, call our telephone support, or your account is flagged for a security reason, then our staff may log into your account for the purpose of troubleshooting and correcting the reported issue or performing their contracted task. We will not for any reason disseminate your data other than as you have directed (e.g. email actions, sending reports, etc.). All your data is subject to the confidentiality clause (Section 11) of our Terms of Service.
Data Retention + Deletion / Destruction
Widgix retains data that we process on behalf of our Customers and data we collect from our Customers directly for as long as it is needed to provide services to our Customers. Widgix will retain and use this data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Sometimes users have specific needs under institutional or state requirement. For instance, occasionally data needs to be completely destroyed after its intended use. In many cases (e.g. when a customer stops paying for an account, downgrades to a different account plan, etc.), data is retired and locked away rather than actually destroyed. In most cases this makes the loss retrievable in the event of a mistake. We can, however, comply with a request for total data destruction; you just need to let us know. See our section below (Section 4) for more information on data destruction.
Links to Other Sites
Our site contains links to other sites that are not owned or controlled by Widgix. Please be aware that we, Widgix, are not responsible for the privacy practices of such other sites. We encourage you to be aware when you leave our site and to read the privacy statements of each and every website that collects personally identifiable information.
Who we share or disclose information to
In the event that we need to share or disclose information, we maintain accountability for your data in accordance with the onward transfer principles of the Privacy Shield Framework. We do not share information with any third parties except under the following very limited circumstances with the following protections:
2. As Customers and Respondents Choose: We may share or otherwise use your Customer Information as you choose, and we may share Respondent Information as both you and the Survey Respondent choose. For example, if you choose to have an email action send a copy of the survey response to the survey creator, survey respondent, and/or a third party.
3. Agents Acting on Our Behalf: We may share some of your Information with other companies who provide us with technical and other type of services such as a credit card processor or data hosting center. They are contractually bound under nondisclosure agreements and are granted access to only Information that is necessary for their jobs, and are prohibited from using Information for any other purpose (including marketing or sharing the Information with any other party). We do not share any personally identifiable information with third parties who are not services providers who have signed confidentiality agreements to perform services for us.
Data archiving / Deletion
Ceasing to pay for your account will archive your data. You can re-access your data to be deleted by yourself or your users by paying for a monthly subscription that will allow you access the data for use (e.g. local storage on your computer, etc.) before deletion. Alternatively, if you do not require access before deletion, you can contact us directly in writing as stated above.
Once a Survey Respondent has submitted a survey, the Survey Respondent may not be able to access his/her Information through the Site. We do have software features available to allow Survey Respondents to re-access survey responses, but that must be enabled by the Survey Creator. Survey Respondents may contact you and you, in turn, will be able to view the Survey Respondent’s collected Information and, where appropriate, work with us in modifying such Information.
We have extensive security measures in place to protect your Information, and we are committed to the protection of your data. Unique user names and passwords must be entered each time a person logs on. We work with a third-party Tier 1 data center service provider, AWS, to host our Site, Services, and Software in a secure production environment that uses a firewall and other technology to reasonably prevent access from outside intruders. When transmitting sensitive Information, we also have encryption technology available for your use. (See Project Data Encryption and Secure Links for more info.)
All of our technology and processes are not, however, guarantees of security (see our Terms of Service for more information). You should also bear in mind that submission of information over the internet is never entirely secure. We cannot guarantee the security of information you submit via the Site whilst it is in transit over the internet and any such submission is at your own risk.
For more information on our security measures, get in touch with us at firstname.lastname@example.org and at (720) 496-2990, or head to some of our other site pages:
Our Software Features: Security & Privacy
• SurveyGizmo Features: Security & Reliability Overview
• Project Data Encryption
• Anonymous Surveys
• Secure Email Invite Links
• Private Domains
• How to Use Secure (SSL) Survey Links
• Force Only Secure (HTTPS) Share Links (For Account Administrators)
• Password Security Settings Tutorial (For Account Administrators)
• SurveyGizmo Security: How Secure is SurveyGizmo?
• Data Security: Data Destruction + Privacy Configuration
• Tips for the Collection of Sensitive Data – Best Practices Blog Post
Account Ownership Transfer
If you transfer your account billing information and point of contact information (e.g. the individual who registers for the account or the user designated within our application as the main account administrator) to another individual or organization, ownership over all of your account’s data is therefore transferred to that individual or organization. This data may include confidential information, account preferences, surveys, survey response data, and/or custom reports, customized surveys or software code that you may have purchased with our professional services team. Data and account ownership transfer responsibilities lie solely with the customer. Widgix cannot and does not monitor how or why a customer or user may transfer data or account ownership.
Effective: May 25, 2018
Updated: September 21, 2018