6 tips for creating chat surveys that are GDPR compliant

20 March 2019 | 2 min read | Written by Julia Morton

The General Data Protection Regulation (GDPR) came into effect in the UK and all EU Member States on May 25, 2018. Any survey that you send to customers, fans or employees in the EU needs to comply with this regulation. In this short guide, I’ll share some tips and best practices to help you ensure that your chat surveys (or "conversational surveys" or simply "chats") adhere to the GDPR.  

Just a disclaimer: Since I am not a lawyer or a data privacy expert, the tips presented here should be viewed as general information and recommendations only. 🙂 This is not legal advice and should not be relied on as such.

Tip 1: Get consent.

A key tenet of the GDPR is asking for explicit consent. This means research participants need to voluntarily opt-in to get future communications from you. Ask for consent when people do your first chat. If people refuse to provide consent, you can’t collect any data from them and must end the chat there.

Get explicit consent for your surveys for GDPR compliance

Tip 2: Link to your privacy policy.  

When asking for opt-in consent, you must give all chat respondents a chance to review your privacy policy. This is easy—simply link to your policy from the chat. Your privacy policy should be clear, concise, detailed and informative. Avoid legalese—use plain and friendly language people will easily understand.

Tip 3: Be transparent.

Be specific about how the data collected will be used. For the purposes of a chat survey, we usually tell clients to explain that it’s for research purposes and will be reported on in-aggregate only.

Be specific about how survey data will be used for GDPR compliance

Tip 4: Let people request a copy of their personal data.

GDPR requires that your privacy policy include contact information for the respondent to request:

☑️ A copy of their personal data
☑️ A deletion of their personal data from your system
☑️ A change to their personal data

If you receive requests like these, you need to fulfill it within a reasonable period of time.

Tip 5: Let people unsubscribe.

Respondents should always have the ability to opt-out of your research activities.

In our platform, Chat Lab, this functionality is baked in. People subscribed to your chats can easily opt out by typing “unsubscribe” at any time. This is information we share with people when they opt-in to chats the first time.


Tip 6: Anonymize data when sharing.

Protecting respondent data should go beyond your activities in Chat Lab. Ensure that when you’re sharing any data electronically, it is anonymized. In other words, remove any personal data or personally identifying information (name, date of birth, contact information, address, IP address).

Related resources

If you’d like to learn more about the GDPR and its implications for market research and insights, I recommend the following resources:

☑️ The Information Commissioner’s Office’s guide 
☑️ FAQs from the Market Research Society (MRS)
☑️ GDPR guidance (PDF) from ESOMAR

author image
Written by Julia Morton

Julia Morton leads the customer success practice at Rival Technologies. In this role, she helps insight leaders from Fortune 500 brands adopt and maximize the value of emerging conversational research technologies. From recruitment for mobile agile communities to ongoing research projects, Julia plays a key role in delivering the best possible experience to Rival customers.

Talk to an expert

Talk to an expert

Got questions about insight communities and mobile research?
Chat with one of our experts.


SUBSCRIBE Sign up to get new resources from Rival.

Subscribe by Email

No Comments Yet

Let us know what you think