logo_explori2_white-01
Book Demo

Privacy Policy: Customers

Your surveys, GDPR and you

From May 2018, any organisation that collects and processes the personal data of EU citizens will need to comply with the General Data Protection Regulations (GDPR).

We recommend our clients seek professional advice to ensure all their activities are compliant.  The information on this page is designed to highlight some areas you may need to consider and help answer your questions, but it shouldn't be considered as definitive advice as every client's situation is different.

Whilst we are headquartered in the UK and anticipate the outcome of the transition process to define the UK's status once it is no longer a member of the EU, we commit to operating to GDPR standards as a minimum and we will exceed these as required by equivalent local legislation and put in-place special clauses with our clients as required.

 
HOW DO YOU MANAGE UNSUBSCRIBES?

The Explori platform enforces the inclusion of an unsubscribe link in every survey email sent.  This allows respondents to unsubscribe from receiving any further survey reminders.

In addition we now enforce the inclusion of a link to your own privacy policy (which you need to host on your website).  This should advise respondents how you manage their personal data and how they can unsubscribe from your database.

WHAT HAPPENS TO SURVEY RESPONSES?

Personal data (such as name, email address and IP address) will be stripped from your responses, which will then be combined with the responses of other customers to produce trend data.  This will be available to the authorised individuals at your organisation and to Explori in an aggregated form to collate industry-wide trends. 

If you would like to use responses that have not been anonymised, for example to map responses back to your CRM system, please be clear about this in your survey email.  You may wish to get specific consent from respondents to do this.

HOW LONG DO YOU STORE PERSONAL DATA?

If an individual chooses not to respond to a survey, their personal data (such as name, email address and IP address) will automatically be deleted from the Explori system within one month of the survey closing.  If an individual chooses to respond to the survey, their personal data will be automatically deleted from the Explori system within 12 months of the survey closing.  If you have a specific reason that you would need Explori to store personal data for longer than this, please discuss this with the support team.

We ask that you include a link to your own privacy policy in your survey email, this should set out how you intend to use and store any responses collected within your own organisation.

HOW DOES SENDING SURVEYS WITH EXPLORI COMPLY WITH DATA PROTECTION REGULATIONS SUCH AS GDPR?

The EU-wide GDPR recognises that organisations must continue to conduct business in-line with their legitimate interests, so long as this is not out-weighed by the potential harm to the privacy of individuals.  Seeking feedback from recent customers on the products or services they received is an example of this legitimate interest and Explori work closely with our clients to ensure any risk of harm to the privacy of individuals is minimal.  Therefore many of our clients will continue to send surveys on the Explori platform on the basis of legitimate interest.

In other instances you may be sending a survey because your audience has given their consent for you to do this.  

If you think neither of these situations apply, please contact the Explori support team to discuss the best way to approach your project.

HOW DOES THIS COMPLY WITH DATA PROTECTION REGULATIONS SUCH AS GDPR?

The EU-wide GDPR recognises that organisations must continue to conduct business in-line with their legitimate interests, so long as this is not out-weighed by the potential harm to individuals.  Seeking feedback from recent customers on the products or services they received is an example of this legitimate interest and Explori work closely with our clients to ensure any risk of harm to individuals is minimal.

In other instances an organisation may be sending you a survey because you have given your consent for them to do this.  

If you think neither of these situations apply, or you wish to withdraw your consent, please contact the organisation who sent you the survey.  You can follow the privacy link in the survey to find out how to do this or contact them directly.

If you can't make contact with the organisation, please let us know and we will do our best to help.

HOW WILL EXPLORI KEEP MY CUSTOMERS' DATA SECURE?

Explori uses a number of best practise methods to ensure all the personal and non-personal data held on our platform is secure.  We have successfully passed security due diligence checks to become preferred suppliers to some of the world's biggest live event suppliers.

These include the following:

  • Encrypted passwords for all users
  • User specific permissions - users only have access to data that is relevant to them
  • Secure encrypted servers
  • Automatic deletion of personal data in a timely manner
  • Training for all users who have access to personal data

We ask all our clients to support us in protecting customer data by ensuring their user list is kept up to date and they use our secure upload facilities to place their data into the Explori system.  We do not accept customer data via email.

If you have any specific questions about the data security methods Explori has in place, please contact our support team.

DOES EXPLORI PASS MY CUSTOMER DATA TO ANYONE ELSE?

Explori will never use your customer data to contact your customers directly, or pass it to a third party with the sole exception outlined below.

If your customer data was collected in Italy, the Middle East or Africa, (for example if it relates to an event or conference in one of these countries/regions) one of our sub-processors may access your data for the purposes of creating your survey insight.  Our sub-processors are carefully selected for their research reputation and bound by the same standards as us - you can find out more information about them here.

If you require your data to be processed solely in the EU please contact us.

We ask that you include a link to your own privacy policy in your survey email that outlines to responders any instances where you may pass their data to a third party.

DO YOU HAVE A DATA PROCESSOR AGREEMENT?

Yes, at the start of each licence period, you will be asked to renew your agreement with Explori.  A data processor agreement now forms part of our standard terms and conditions.  This outlines the steps that both Explori and our clients will take to ensure all our projects are undertaken in compliance with GDPR.

From time-to-time we may add additional terms to the data processor agreement if we believe it is appropriate for the project and will consider requests from clients for additional terms should the need arise.

We will consult with our clients on the addition of Special Clauses should this become necessary at the conclusion of the transition period for the UK to leave the EU.

All Explori team members with access to personal data (and commercially sensitive data) have received training and are subject to non-disclosure agreements.

WHO SHOULD I CONTACT IF I HAVE A QUESTION OR COMPLAINT?

In the first instance please contact the organisation who sent you the survey.  You can follow the privacy link in the survey to find out how to do this or contact them directly.  If this doesn't resolve your question or complaint, or it relates to Explori directly, then please don't hesitate to contact us.

Data Officer: Olly Watts

email: Olly Watts

Explori Media Ltd

We are committed to responding in a timely manner and doing our best to resolve any complaints to the best of our ability.