As you probably already know, it is always necessary to have valid legal reasons to process your users' data in a GDPR compliant way. This may be accomplished by retrieving your users’ consent, or might also be a part of your contractual agreements - if it is, for example, part of your offer to provide continuous customer services.
The next paragraphs will provide more details about different usage models of Usabilla 4 Email and applicable GDPR requirements.
Usabilla in Newsletters
For sending out Newsletters, it is a GDPR requirement to retrieve your users' explicit consent (also without using our solution). It is perfectly legitimate to make use of Usabilla in your Newsletters, since this directly contributes to improving User Experience and future content of Newsletters. However, it is also important to communicate this purpose transparently.
As an additional safeguard, you may optionally include a phrase to your declaration of consent, which states that feedback processing is part of your newsletter service to improve future content.
Usabilla for Reviewing Customer Services
For providing customer services, it is also important to have a valid reason why you reach out to your customers (e.g. this may be based on the consent of your users or contractual definitions between you and your customers). Again, it is perfectly legitimate to make use of Usabilla for reviewing customer services, since this directly contributes to improving User Experience and future customer service.
Depending on the legal foundation of your processing activities, it is, for example, possible to include a phrase to your declaration of consent or to applicable agreements with your customers to inform them for which purposes you process feedback and that it is part of the service (as an additional safeguard).
Usabilla Full Screen Surveys in Emails
The same principles as described above apply when it comes to using hyperlinks to full-screen surveys in your emails: it is a requirement to have a legal base for processing your users' data. Whatever this legal base may be, you can always communicate transparently how and for which purposes you make use of our solution and, more importantly, explain why it is also part of the specific service you provide.
To summarise the key points, you can use Usabilla in a GDPR compliant way if you:
• are transparent in which way you process data,
• have valid reasons, which allow you to process your users' data (e.g. consent of your users, contractual requirements) and
• follow subject requests by your users (e.g. information about and rectification or deletion of their data).
We support you to handle subject requests! The extraction, rectification or deletion of individual feedback items upon request of a data subject can be easily fulfilled within the legally defined period. If you have any questions feel free to contact us at any time.