EU Privacy Summary (GDPR)

Name: PaperSurvey.io
Brand: PaperSurvey.io
Rating: 4.8 (28 reviews)

Summary

When you use our services you entrust us with your valuable information. We have made it a priority to protect your data and to provide you with choices about controlling it. We understand that there are particular concerns from organizations about how we use and protect your data, so we put this page together as a guide to answer some of the most common questions you may have.

Is PaperSurvey GDPR compliant?

Yes, it is.

What is GDPR?

The EU General Data Protection Regulation (GDPR) governs data protection and privacy across the EU and EEA. It is a comprehensive framework that strengthens the protection of personal data and the rights of the individual, providing a single set of rules governing the processing and monitoring of EU data.

A note for US-based customers

Even if you are based in the US, hosting your data in the EU means it is protected under one of the world's most comprehensive privacy frameworks. GDPR gives your survey respondents clear rights over their data and imposes strict obligations on how that data can be used and stored.

Does it affect me or my business?

If you hold or process the data of any person in the EU, the GDPR will most likely apply to you, whether you are based in the EU or not.

I am a PaperSurvey customer. How does PaperSurvey relate to me in terms of GDPR?

There are two different kinds of relationships defined in GDPR, that of "Controller" and that of "Processor". The relationship between you as a customer and PaperSurvey falls under both of these categories.

PaperSurvey acts as a controller in our direct relationship with you as a customer, and the information you give us directly (for example, that which is given when signing up). The service PaperSurvey provides however is as a processor. We process and store information on the behalf of our customers.

Your Rights Under GDPR

If you are located in the EU or EEA, you have the following rights regarding your personal data:

Right of access: You can request a copy of the personal data we hold about you.
Right to rectification: You can ask us to correct inaccurate or incomplete data.
Right to erasure: You can request that we delete your personal data, subject to certain legal obligations.
Right to restriction: You can ask us to limit how we use your data in certain circumstances.
Right to data portability: You can request your data in a structured, commonly used format.
Right to object: You can object to certain types of processing, including direct marketing.

To exercise any of these rights, contact us at gdpr@papersurvey.io.

Data Processing Agreement

A Data Processing Agreement (DPA) is available for enterprise customers who require a formal record of data processing activities under GDPR. To request a DPA, contact us at gdpr@papersurvey.io.

Data Retention

Survey data is retained on our systems until you choose to delete it. When you delete surveys or responses, the data is removed from our production systems immediately. Encrypted offsite backups may retain deleted data for up to 6 months as part of our disaster recovery procedures, after which they are automatically purged.

Sub-processors

We use a number of third-party sub-processors to deliver our service. For a full and up-to-date list of sub-processors, please refer to our Privacy Policy.

I want to make a GDPR Request

You can contact us via email at gdpr@papersurvey.io to send us a GDPR request.

We provide more detail about all of this in our Privacy Policy.