All Collections
Datasets
Data management according to GDPR
Data management according to GDPR

What you need to know to manage respondent data and be GDPR compliant

U
Written by Upinion Support
Updated over a week ago

The EU’s new data privacy regulation, the General Data Protection Regulation (GDPR), is a set of laws aimed at enhancing the protection of EU citizens’ personal data and increasing the obligations of organisations to manage that data in transparent and secure ways. The GDPR applies not only to EU-based businesses, but also to any business that controls or processes data of EU citizens.

In this article we will outline data responsibilities, data request features, respondent management features, and information to provide your respondents including revoking access to data. Also make sure you read our privacy statement.

Data responsibilities

The Upinion platform was built with data privacy and security in mind, including features that enable you to easily comply with the GDPR. As a client of Upinion, you are the Controller of your and your respondents' data. Upinion acts as the Processor of data on your behalf. Ultimately, you are in control of the collection and management of data. To request personal data from respondents, we strongly recommend using data request features outlined below (rather than directly in a conversation). This way respondents have the ability to easily manage their details according to GDPR and revoke access to their personal data. 

Data request features

You can request personal data from respondents at different stages: when respondents join a group conversation or when they want to redeem a reward. It is important to understand what the GDPR means for your business and to make sure you build compliant processes of your own during these stages. Steps on how to request personal data can be found here. Below we outline the data types you can request. 

General data types:

Name: Text field where respondent enters their name.
Email: Ask for the respondent's email, the respondent has to enter a valid email address.
Verify account: The respondent must register in order to connect. If they do not, they have the chance to register when joining the Group. This can be useful if you don't want any unregistered respondents in your group.
Advertising ID: Is an alphanumeric string unique to each device, used only for serving advertisements. More information can be found here.
Custom field: Allows you to create your own input field from scratch which can be either text, email or numeric. Setting these types will restrict what respondents can enter as their data. 

Facebook Messenger data types:

Facebook ID: As part of our facebook integration service, we only use your respondents Facebook ID in order to make it possible to identify your respondents.
You can find your Facebook ID:
Go to your Facebook page - Click settings  - Click Page info - you can see Facebook Page ID 

Respondent management

Delete a respondent

You can delete or archive a respondent if you need to. On the Upinion web app, go to the Groups section and hover over the trash bin to delete a user from your group.

Remove inactive respondents

Manage how long you keep respondents in your group by adding a "remove inactive respondents" setting in Group / Settings.

Respondents can revoke access to personal data

In the previous section, we discussed how you can request and manage respondent data. It is also possible for respondents to view, edit or revoke the personal data they shared with you at any point. 

When a respondent revokes access of their data from your Group (or Reward), they are completely removed from the Group and their personal data is deleted. They can rejoin the Group but only if they provide the required data again.

Respondents are asked for all of the respondent Data that you have requested when joining the group. If the respondent revokes the access to the data from their app then they are forced to leave the group.

Respondents can revoke access to their personal details at any time on both the Upinion Messenger and Facebook Messenger. 

Revoking access to personal data on Upinion Messenger

Respondents can revoke access to their Group personal details simply by going to the Upinion Messenger app > Settings > Group privacy > Revoke access 

Respondents can revoke access to their Reward personal details simply by going to the Upinion Messenger app > Settings > Reward privacy > Revoke access 

Revoking access to personal data on Facebook Messenger

Respondents can type following commands in Facebook Messenger to request to get personal data deleted:

"delete personal data"
"remove personal data"
"revoke personal data" 

Did this answer your question?