What is GDPR?
The GDPR (General Data Protection Regulation) is a comprehensive data protection law that came into effect on May 25, 2018. It replaced existing EU law to strengthen the protection of "personal data" and the rights of the individual. It's a single set of rules which governs the processing and monitoring of EU data.
Panelfox GDPR Compliance Summary
Panelfox is GDPR compliant and provides technology that enables our customers to be GDPR-compliant also. Our Data Processing Agreement is available here. This page discusses how users can manage data subject requests using Panelfox, in particular focusing on how a user can modify and delete data.
Data Protection Officer (DPO)
We have appointed a dedicated Data Protection Officer to oversee and advise on our data management. Please get in touch by emailing us at firstname.lastname@example.org.
Informed consent means that the person who you’re collecting data from knows exactly why you need that data, how you will use it, and who will have access to it. Under GDPR, people must give specific consent for each processing activity. Panelfox gives people full control over their opt-in and opt-out preferences, as well as control over how their data is used and allows them to understand why someone needs access to it.
Data portability and right to be forgotten
Panelists have the right to be forgotten, and can delete their own data at any time. Account administrators can permanently delete individual or bulk contacts should any individual request it. This means erasure happens in one place, with just a few clicks. Panelfox helps you meet your data portability requirements; you can easily export all of your data linked to an individual user, and the entire account.
Account administrators can easily find and modify collected personal data to meet the "correction" requirement of the GDPR. So, you'll easily be able to modify an individual's personal data should they request it.
We appreciate that we are entrusted with valuable and sometimes sensitive user research data. Our application is built on world-class, modern cloud infrastructure designed to ensure the safety of your data. We have carefully chosen proven third party cloud providers that have a great security track record, and we employ best practices including regular backups, data encryption, sanitized logging, and common attack prevention. A list of subprocessors is available here.
Read more about our security practices.