To ensure that you can make the best and safest decisions on the collection & storage of your data while using Usabilla, we have created a GDPR Checklist. Whether you're an existing or a new customer, going over this checklist will make sure that you're ready for the GDPR.
Where to start?
When you collect feedback, this might come with privacy-sensitive data. A good starting point is to consider what information is essential to you for processing your feedback. Keep in mind that it is still OK to collect privacy-sensitive data, as long as you have a valid reason for it and take the necessary measures to ensure privacy regardless of what happens.
At Usabilla we strongly believe in "Privacy by Design". Privacy by Design is an approach based on the premise that privacy is rooted in the design and operation of IT systems, networked infrastructure, and business practices. With the GDPR coming into effect, it's also important for you as a customer of ours to take this approach. Therefore, we have made a couple of changes to our solution to ensure that, by default, privacy-sensitive information is not collected.
What has changed?
One of the key changes that we made is that, for newly created buttons, privacy-sensitive information is not collected by default. Privacy-sensitive information includes location data, the IP address, and the form values in a screenshot. Of course, you have the option to collect this type of data by enabling this in the settings.
For existing Feedback Buttons and forms, the settings remain the same. Do keep in mind that you might want to reconsider if all the data that you currently collect is (still) necessary. In the "Which information does Usabilla collect?" Support article you'll find an overview of all the data that Usabilla collects.
To give you full control over the collection of your data please follow the next steps.
- Go to your button privacy Settings.
- Do you want to collect form values?
- Is it necessary to collect Location data?
- Check whether you are collecting IP addresses and, if so, whether it's (still) necessary
- Consider setting a Data retention period
Note: These settings can be edited if you have permission to create buttons and forms in the Usabilla login environment. Read-only users are not able to adjust these settings. Settings will be changed per button and will affect all connected forms and surveys.
The privacy settings of your feedback buttons are located in the button drop-down menu. On the privacy settings page, you’ll find the General privacy settings for your button. The options to enable or disable form values, IP address and Location data are found here.
When users leave feedback on your website, a screenshot will be generated. Depending on the web page on which the user gave their feedback, privacy-sensitive data might be captured in the generated screenshot. Disabling the "Save form values" option makes sure that any values filled out in forms present on the web page are not included in the screenshot. By default, this option is turned off.
A good example of when you would use this is when your website has a sign-up form for people applying for a loan. These kinds of forms often contain privacy-sensitive information. To be on the safe side when it comes to forms on your websites, we recommend disabling the option to make sure that you do not store the values your customers enter in a form.
Tip: We also offer a masking option that will mask HTML elements, text, or attributes from the screenshot to help you prevent the storage of privacy-sensitive data. More information about this can be found here.
Our feedback and campaign data used to include the location of the person that left the feedback. For new feedback buttons and campaign forms, this is turned off by default. While location data can be very useful to track the mood or NPS for specific regions, you might want to consider whether you're actually using the location data. Location data can be considered personal information when combined with other metadata. If you don't actively use it, it may be better to disable this functionality for existing buttons.
Similar to location data, our feedback items and campaign data used to come with the IP address of the person that filled in the form. Consider whether it is necessary to collect this data. If not, we recommend disabling the storage of IP addresses for existing buttons. The European Court of Justice considers the IP address to be personal information, so only collect this data when it is necessary.
Tip: If you need to distinguish feedback coming from your employees/colleagues from the feedback coming from actual customers, it's better to use the Custom Form feature when it comes to feedback.
For existing campaigns, the privacy settings remain the same. However, newly created campaigns do not collect IP addresses and location data by default. Keep in mind that campaigns do not copy the settings of the button they are connected to. If you prefer to store IP addresses and location data, you will need to enable this manually.
Existing In-Page widget settings remain the same. However, newly created widgets will not store IP addresses and location data by default. If you prefer to store IP addresses and location data, you will need to enable this manually.
Usabilla for Email
Existing Usabilla for Email widget settings remain the same. However, newly created widgets will not store IP addresses and location data by default. If you prefer to store IP addresses and location data, you will need to enable this manually.
Data retention period
To make sure that you don't keep any data that you don't need, we've added the data retention feature. This new feature will enable you to set a retention period for all collected data within Usabilla. This covers all data within Usabilla, regardless of which product you are using.
By default, no data will be removed from our database, but in case you don’t need the data forever, we would recommend setting a retention period. There is no reason to keep data if you no longer use it.
On your account settings page, you’ll find the Security & Privacy tab. Here you'll find the option to select your preferred retention period, from 36 months down to 1 month. A service will mark all collected items automatically on a day-to-day basis. The data will be deleted on a daily basis, starting between 01:30 AM and 04:00 AM (UTC). Keep in mind that this setting will only show if you're one of the administrators of your Usabilla Team account. (Make sure to also enable 2-factor authentication while you're at it.)
Warning: Setting a data retention period can have huge consequences for Campaigns. If you, for example, used a single campaign over a longer period to collect the NPS score, setting a data retention period can significantly change the aggregated results. So make sure that you export any important historical data before you set a data retention period, because once the data is deleted, it's gone forever.