The EU GDPR (General Data Protection Regulation) regulation became a reality on 25 May 2018 so you should be sure to be compliant with it when using Opinion Stage.
What is the GDPR?
The General Data Protection Regulation (GDPR) was introduced to unify all EU member states' approaches to data regulation, ensuring all data protection laws are applied identically in every country within the EU. It will protect EU citizens from organizations using their data irresponsibly and puts them in charge of what information is shared, where, and how it is shared.
Is the GDPR regulation relevant to me?
The GDPR regulation is relevant to you if you have an audience in the EU and are collecting personal data from users, regardless of whether you are based inside or outside the EU.
So if you are sure you don't have an EU audience, you can stop reading here (note that to be on the safe side you might even want to block European IP addresses).
However, if you do have an EU audience, it is important you continue reading to verify you are GDPR covered.
What is defined as personal data?
Any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person is defined as personal data in the GDPR regulation. It can be anything from a name, an email address, an identification number, or location data.
In what cases does Opinion Stage collect the personal data of users?
Personal data of users is only collected if you explicitly request it through fields in your forms, for example, requesting email addresses or phone numbers.
To stay compliant with the GDPR, you can use Opinion Stage in 2 modes:
Mode #1 - Opinion Stage forms do NOT collect personal data
In this case, you are GDPR compliant.
Mode #2 - Opinion Stage forms collect personal data
If you have an EU audience and still want to request personal data from your users, such as their email address and phone number, you can do so.
To stay compliant with the GDPR rules, it is required in this case to notify your audience what you will be doing with their personal data and that it will be stored on the Opinion Stage servers.
For example, if you are using a form that collects emails, you are required to have a checkbox that is set to default, specifying what you plan to do with their emails and notifying them where they will be stored.
The right to have personal data erased
The GDPR introduces a right for individuals to have their personal data erased upon request. We offer individuals the option to contact us via our chat support or email and request that their personal data be erased. We will address this issue as a top priority.
Where does Opinion Stage store data?
Opinion Stage stores data on secure AWS Amazon servers located in the US. The data is encrypted both in transit and at rest. For information on how Amazon AWS complies with GDPR, please read here: https://aws.amazon.com/compliance/gdpr-center/
Summary
The GDPR is a significant step forward in protecting the personal data of users and a move toward a better and safer internet. If you have an audience in the EU, please do not ignore this regulation and ensure that you are using Opinion Stage in a manner consistent with it.
For more information, please refer to our Privacy Policy & Terms of Service.