Privacy Shield FAQs

• On October 6, 2015, the European Court of Justice issued a judgement declaring as invalid the European Commission’s Decision 2000/520/EC of 26 July 2000 on the adequacy of the U.S.-EU Safe Harbor Framework.
• As of July 12, 2016 the European Commission adopted the EU - US Privacy Shield.
• As of August 4, 2017 SurveyGizmo is Privacy Shield Certified.

Each of the following Principles have specific requirements that SurveyGizmo must comply with:

• Notice Principle - The Notice Principle describes how an organization informs individuals about the type of data collected, its purpose, how the data will be used, who gets it, and their rights to it.
• Choice Principle - The Choice Principle comprises of how an individual can opt out of communications from an organization.
• Accountability for Onward Transfer - This principle describes how the data is processed and transferred to its destination.
• Security Principle - The Security Principle includes the reasonable and appropriate security measures to protect the data.
• Data Integrity and Purpose Limitation - This Principle describes how the collected information must be limited to the information that is relevant for the purposes of processing and that the data is only kept while it is still valid.
• Access Principle - The Access Principle describes that individuals must have access to personal information about them that an organization holds and are able to correct, amend, or delete that information where it is inaccurate, or has been processed in violation of these Principles.
• Recourse, Enforcement, and Liability - This Principle outlines the way in which an individual may file a complaint and an organization's obligations and required follow up procedures for assertions, verification of compliance, and prompt response to the filed complaint.

Please read on to learn how SurveyGizmo complies with each of the above-listed principles.

We comply with the Notice Principle by way of our Privacy Policy; specifically how we use the information provided to us, and what we collect automatically such as cookies, web beacons, log info.

We comply with the Choice Principle through the ability of our customers to be able to Opt-Out by sending an email to marketing@surveygizmo.com with the subject line “Unsubscribe.”

We comply with the Onward Transfer Principle by being responsible for our Sub Processors and entering into a Data Processing Agreement (DPA) with them.

We comply with the Security Principle through reasonable and appropriate security measures to protect your data from loss, misuse and unauthorized access.

We comply with the Data Integrity and Purpose Limitation Principle by only using the data for its intended purposes (by the specific direction of our Customers) and only keeping it until the Customer tells us to delete it.

We comply with the Access Principle by providing Customers and Survey Respondents access to their Personal Information through an email sent to support@surveygizmo.com with the subject line "Personal Information Request".

We comply with the Recourse, Enforcement and Liability Principle by requesting individuals send complaints to compliance@surveygizmo.com. We must respond within 45 days of receiving a complaint and if the complaint is not resolved, it can be escalated to the BBB EU Privacy Shield organization.

Per the SurveyGizmo Services Agreement section 7.3, our Customers are responsible for obtaining the appropriate and informed consent from all their Survey Respondents. They must provide all notices and information regarding the transfer and processing of any Survey Respondent Personal Information via the SurveyGizmo Services.

Per the SurveyGizmo Privacy Policy section titled Information Provided via Surveys, SurveyGizmo collects information about Survey Respondents from and under the direction of our Customers, and has no direct relationship with the Survey Respondents.

If you are a Survey Respondent and have any questions or concerns regarding our customers’ privacy practices, or if you seek access to or wish to correct, amend or delete inaccurate data, you should contact the entity from whom you received a survey.

If a Survey Respondent requests ‘access’ to their personal information, SurveyGizmo will notify them that we will follow our procedures to address the request. SurveyGizmo will require them (the respondent) to provide the specific survey link that collected their information. In most cases, we will directly contact the owner of the survey (SurveyGizmo Customer) and notify them of the Survey Respondent’s request. SurveyGizmo will follow the directions of the Customer.

The BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. Please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information or to file a complaint.