Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
en:general:privacy [14.11.2019 12:31] adminen:general:privacy [29.06.2025 21:36] (current) admin
Line 1: Line 1:
 ====== Privacy Protection in the Online Survey ====== ====== Privacy Protection in the Online Survey ======
  
-Online surveys are restricted by research ethics and laws. In many countries, violating privacy laws involves the risk of severe penalties. SoSci Survey supports you in creating privacy compliant online surveys. First, SoSci Survey provides features to collect data without violating privacy. Second, the survey servers [[https://www.soscisurvey.de|www.soscisurvey.de]] and [[https://s2survey.net|s2survey.net]] provide the infrastructure to run privacy-compliant online studies -- especially customer an employee surveys.+Online surveys are restricted by research ethics and laws. In many countries, violating privacy laws involves the risk of severe penalties. SoSci Survey supports you in creating privacy compliant online surveys. First, SoSci Survey provides features to collect data without violating privacy. Second, the survey servers [[https://www.soscisurvey.de|www.soscisurvey.de]] and [[https://s2survey.net|s2survey.net]] provide the infrastructure to run privacy-compliant online studies according to GDPR. Such surveys include customer an employee surveys.
  
  
Line 7: Line 7:
  
  
-==== Contract about Processing of Personal Data ====+==== Contract about Order Processing of Personal Data ====
  
-If your study works with personal data, it may be necessary to make a contract about the processing of personal data with us. Our contract conforms to the strict German law (ADV contract). If such a contract becomes relevant for you, please contact us via [[https://www.soscisurvey.de/index.php?l=eng&page=imprint|email]].+If your study works with personal data, it may be necessary to make a contract about the processing of personal data with us. Our DPA (data processing agreement) conforms to the strict German and European privacy laws (GDPR, BDSG n.V.). For details see [[:en:general:dsgvo]].
  
  
 ==== Important ==== ==== Important ====
  
-  * Companies have the ability to save call detail records about its employees, which ultimately allows them to match certain IP addresses and questionnaires, using timestamps, for example. Such data usually already comes with certain rules that regulate its usage.+  * Companies have the ability to save Internet usage detail records about its employees, which ultimately allows them to match certain IP addresses and questionnaires, using timestamps, for example. Such data usually already comes with certain rules that regulate its usage.
   * If your questionnaire asks for personal information, such as names, email addresses and phone numbers, the questionnaire obviously looses its anonymity.   * If your questionnaire asks for personal information, such as names, email addresses and phone numbers, the questionnaire obviously looses its anonymity.
   * To prevent third parties to access this data, you should choose a password that is absolutely safe. Please avoid words which already exist and vary the use of capital and small initial letters. Including numbers and choosing a password of at least 7 characters makes it even more safe.   * To prevent third parties to access this data, you should choose a password that is absolutely safe. Please avoid words which already exist and vary the use of capital and small initial letters. Including numbers and choosing a password of at least 7 characters makes it even more safe.
Line 31: Line 31:
 ==== Anonymous Panel Studies ==== ==== Anonymous Panel Studies ====
  
-If you are conducting studies with a known set of participants or panel studies where participants are to be repeatedly interviewed, SoSci Survey provides a project-internal partcipants administration function. All datasets by the same User will get a unique ID (Serial number). This ID does not allow consolitation with an email-Adress or the identity of the user.+If you are conducting studies with a known set of participants or panel studies where participants are to be repeatedly interviewed, SoSci Survey provides a project-internal partcipants administration function. All datasets by the same User will get a unique ID (SERIAL, person ID). This ID does not allow consolitation with an email-Adress or the identity of the user.
  
-However, on conducting panel studies that requires participants to be interviewed repeatedly, SoSci Survey will store an email/user-ID-assignment in a different database so that users can get an individual link. Upon deleting the email adresses, this assignment will be deleted as well ([[:en:survey:mailing]]).+However, on conducting panel studies that requires participants to be interviewed repeatedly, SoSci Survey will store the assignment between email address and person ID in a different database so that users can receive an individual link. Upon deleting the email adresses, this assignment will be deleted as well ([[:en:survey:mailing]]).
  
 ==== Separate Email Address Collection ==== ==== Separate Email Address Collection ====
Line 40: Line 40:
  
  
-====Disable Timestamps====+==== Disable Timestamps ====
  
 If collecting very sensitive data, recording of timestamps may be disabled in the project settings. In this case, neither the interview's starting time, nor dwell times will be stored. If collecting very sensitive data, recording of timestamps may be disabled in the project settings. In this case, neither the interview's starting time, nor dwell times will be stored.
Line 46: Line 46:
 This measure further decreases the probability that collected data is de-anonymized by merging with external data (e.g., an Internet provider's connection data). This measure further decreases the probability that collected data is de-anonymized by merging with external data (e.g., an Internet provider's connection data).
  
-Please note, that timestamps may still be reconstructed from the server logfiles. If it is necessary to disable the logfiles for a specific survey due to privacy issues, please contact us.+Please note, that timestamps may still be reconstructed from the server logfiles. If the recording of log files is to be switched off for particularly sensitive surveys (e.g., in the area of crime research), this is possible, but involves additional costs due to the effort involved.
  
  
Line 65: Line 65:
 Data backups of the projects and the datasets are created daily to ensure the safety of the data. Data backups of the projects and the datasets are created daily to ensure the safety of the data.
  
-SoSci Survey will not pass on any data to third parties. Other parties do not have access to the data. We have concluded agreements with the server host corresponding to §11 BDSG (German data protection law).+SoSci Survey will not pass on any data to third parties. Other parties do not have access to the data. We have concluded adequate agreements with the server host.
  
  
 ==== SSL Encryption ==== ==== SSL Encryption ====
  
-Unencrypted data transfer theoretically allows for thrid parties to gain access to the transmitted information.+Unencrypted data transfer theoretically allows for third parties to gain access to the transmitted information.
  
-The servers [[https://www.soscisurvey.de|www.soscisurvey.de]] and [[https://s2survey.net|s2survey.net]] therefore use SSL encryption with a signed certificate, noticeable at the "HTTPS" preceding the URL. All data is being encrypted by the browser and decoded by the server. This process is considered very secure.+The servers [[https://www.soscisurvey.de|www.soscisurvey.de]] and [[https://s2survey.net|s2survey.net]] therefore use SSL/TLS encryption with a validated certificate, noticeable from the ''https://'' preceding the URL. All data is being encrypted by the browser and decoded by the server. This process is considered very secure.
  
  
Line 90: Line 90:
 By default, the questionnaires do not use any cookies. Instead, to identify a user on filling out a questionnaire, the user ID is not being stored permanently on a user's computer but transferred from one questionnaire page to the next. By default, the questionnaires do not use any cookies. Instead, to identify a user on filling out a questionnaire, the user ID is not being stored permanently on a user's computer but transferred from one questionnaire page to the next.
  
-Cookies do not serve as reliable means to prevent multiple questionnaire submissions. The only way to avoid those is by using personalized questionnaire links using the serial mail or serial number function in Sosci Survey ([[:en:survey:mailing]]).+Cookies do not serve as reliable means to prevent multiple questionnaire submissions. The only way to avoid those is by using personalized questionnaire links, which SoSci Survey provides by the mailing or access code features ([[:en:survey:mailing]]).
  
en/general/privacy.1573731106.txt.gz · Last modified: by admin
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
Driven by DokuWiki