SurveyMonkey is, like many other companies, preparing for the General Data Protection Regulation (GDPR) when it comes into effect in May 2018. We can assure you that we are taking the GDPR requirements very seriously and are working cross-functionally with all our teams to ensure that SurveyMonkey’s privacy standards are always first class. We believe that our current company practices are very respectful of our users’ privacy and all applicable privacy laws, but we are nonetheless using our GDPR readiness preparations as another opportunity to ensure that we do even better.
In case you have not already reviewed them, we have a number of helpful articles in our Help Centre and on our website regarding SurveyMonkey’s privacy and security compliance today:
Our Help Centre is also a great privacy resource for customers and, in particular, we would direct you to the following:
Some updates on GDPR readiness plans
- Standard Contractual Clauses for ADVANTAGE team plans and higher – We now offer customers with certain qualifying accounts our standard SurveyMonkey Data Processing Agreement with Standard Contractual Clauses/Model Clauses. We understand that some of our customers prefer to have a written agreement as regards data processing and transfers, in addition to SurveyMonkey’s Privacy Shield certification.
- Security – While SurveyMonkey already uses state of the art SOC II certified servers in the United States, we are aware of the new and increased security standards that GDPR introduces and will continue to evaluate our practices to ensure that they align with industry standards.
We are confident of our ability to ensure that we (and by association our customers when using SurveyMonkey) can comply with GDPR by the deadline in May 2018. If you have any specific questions regarding the GDPR requirements and how this may impact your use of SurveyMonkey please feel free to let us know and our GDPR team will respond.