Post-show surveys and the GDPR
The post-show customer satisfaction surveys offer clients the ability to use a standard set of questions in order that responses can be aggregated and benchmarked for your organisation and across the sector as a whole or the capability to create customised questions.
Areas of feedback include:
- Pricing & value for money
- Enjoyment of the event
- Customer Experience at the venue
- Motivations for attendance
- Marketing Influences
- Demographics
- Qualitative comments
Do I need to obtain consent to send out a post-show survey?
Customer satisfaction surveys are considered reasonable under the legal basis of ‘Legitimate Interests’. Unlike direct marketing or market research communications, they do not require consent under the GDPR. However, you may wish to include in your privacy policy that you periodically seek customer satisfaction feedback and that you do this using 3rd parties.
What customer data is involved?
In order that we can send survey links to your customers, the data held on your ticketing system is securely transferred to our servers overnight, every night. Your organisation has its own database, accessible only by you, nominated members of your team and Purple Seven staff. Information collected includes customer names, contact details and ticketing history. Within this data is the email address of the ticket buyer to which the survey invitation will be sent. For this data you remain the Data Controller and Purple Seven is the data processor.
When a customer chooses to complete a survey, the survey responses and metadata including IP address, device on which the survey was accessed and browser information is collected.
Within the survey itself some questions come under the new ‘Special Category Data’ definition of the GDPR which includes ‘Race’ and ‘Ethnic Origin.’
All ‘Special Category Data’ that is collected is used at an aggregated level for monitoring industry trends and, like other data included in the survey responses, is used only for statistical purposes and not for targeting or identifying an individual.
How is the data used and who can see what?
Survey response data is made available to better understand if your customers are happy with the products and services you provide and how you might improve.
Responses are accessed through the Vital Statistics account where insight reports can be run on responses gathered by event. All users have unique login credentials giving them access to their account. The administrator at your organisation can control which of your team has access at any point. Customer PII is available to view in this platform but is not directly associated with the survey responses.
Purple Seven also aggregates survey responses to create an industry benchmark for customer satisfaction across the measures being asked. All PII is masked before the creation of this benchmark.
Purple Seven staff also have access to your account to provide customer support.
How long is the data retained?
As Data Controller, you have full control over when your customer data is deleted. Under the GDPR you may have specified in your privacy policy the period for which you retain customer data. We have functionality so your company retention policy will be adhered to, automatically anonymising customer data held in your database with us once it meets those criterion. Tell Us Your Retention Period
Data that has been included in an anonymised form at aggregate level falls outside the GDPR.
Can my customer opt out from being surveyed?
Yes. Just like other email marketing communications the survey invitation has an ‘unsubscribe’ link. If a customer clicks this link, their email address will not be used for any future event surveys sent from your organisation.
Where is the data processed?
Our data infrastructure is provided by Millennia Cloud Services. All data centres are accredited to ISO9001:2008 and ISO27001:2013 and all have redundant 10Gbit/s fibre connections.
Is Purple Seven registered with the ICO?
Yes, our registration number is ZA849403
Our Privacy policy relating to DYET
Under GDPR Purple Seven becomes a data controller of the responses given by customers to the survey questions. For this reason, we have created a separate privacy policy dedicated to this product and data processed as a consequence of this product.