Posted on: 2018-02-23 Last updated: 2018-05-22

 Why and how do we collect data

We’re a digital company who is offering an online survey solutions which by nature is designed to collect data. SurveyLegend AB’s main purpose of gathering personal data and user’s other information is to maintain service, ensure safe and guaranteed service performance for its users, upgrade and improve functionality of its services and products. You can read our Privacy Policy to get a detailed understanding on how we treat the privacy and security. There, we also explain in details why and how we collect data from our Users, Respondents, and Visitors, how we use it, and how long we keep it. Here in this page, we provide pretty much the same information mentionded above, but written in a shorter and easier-to-understand way.  

Information that our users manually give us:

1. Through account registration

To use SurveyLegend’s solution, you must create an account. Personal data and other user’ information collected by SurveyLegend is used in order to complete user registration and at the same time to ensure access to SurveyLegend’s services and products. To register an account, you have two choices.
  • Either use our registration form and enter a custom “user name”, “your email address”, and a personal “password”.
  • Or use available 3rd parties such as Google, Facebook, or Linkedin to register and authenticate yourself.
  In any case, this is the personal information about you which we naturally save in our system:
  • Your username (only visible to admins of SurveyLegend’s website)
  • Your real name or nickname that you have specified in the 3rd party providers (only if you use the 3rd party providers to create the account, and only visible to admins of SurveyLegend’s website)
  • Your email address (only visible to admins of SurveyLegend’s website)
  • Your password (will be encrypted and therefore not visible or accessible to admins or other employees)
  Just like any other online tool, we need to save these data to be able to authenticate you when you login. Also, your email address will be used according to our Terms and Privacy Policies, for different purposes. For example, to enable you to reset your forgotten password, or send you email notifications about your surveys’ performance and newly collected responses. Your email address will never be shared with 3rd parties.  

2. Through payment processing and billing

When you upgrade your account to a payed subscription, you will be required to enter your payment information. This step of the payment is handled either by PayPal or Stripe (credit cards). This is based on your own preferred payment method that you manually choose in the checkout page. We will not be able to “see” or “save” your payment data, since the payment is processed by Stripe or PayPal. The only thing our payment system saves is your payment preference. This is because the system will charge your bank account or PayPal account at the beginning of every subscription period. So, you can feel safe because nobody at SurveyLegend can see the payment details.


To securely handle online payments, we use the best and most secure online payment system available, called Stripe. While users upgrade their free account to a paid subscription,  we request them to provide us with such information as: name, surname, address, and company or business name and VAT number (when applies). At this stage, Stripe which handles our online payments will require the user to provide credit/payment card information. When making payments to use our services, the personal information are required by law for accounting and bookkeeping purposes, and for us to be able to pay tax to the right countries or states, when applicable. However, this information will simultaneously enable us to send the payment receipts to our customers. In our Stripe dashboard, we can see an overview of all transactions and users who have paid us, but this data is without provided credit/payment card information, as they are encrypted and safely stored in Stripe’s data centers. They only thing we may be able to see is user’s credit/payment card type, for instance Visa, Master, or American Express.
Risha Jamison Privacy Counsel | Stripe, Inc. 185 Berry Street, Suite 550, San Francisco, California 94107 [email protected] Phone: (866) 620-8423

At the time of writing this document, we cannot verify if PayPal as an organization is compliant with the GDPR.

Therefore, we do not recommend our users (specially citizens of EU who are protected by GDPR) to use PayPal for their payments, unless the users are fine with PayPal’s terms and privacy policy.


3. Through creation of “surveys” and collection of “responses”

When you create questionnaires, you naturally type questions or upload pictures to be used in questions or answer choices. Also, when you send out your surveys to your target audience, they will manually enter information or upload files while answering your questions. This data that you as a SurveyLegend user, or your respondents manually enter to our system will be securely saved on our data centers hosted by DigitalOcean LLC, which are physically located in EU (Frankfurt Germany) and follow GDPR law. These are used for data storage in databases and as digital files, emails and for generating charts of collected responses.
Alan Shapiro General Counsel | DigitalOcean, LLC 101 Avenue of The America, New York, New York 10013 [email protected] Phone: (347) 903-7918
Also the current structure of our system uses a 3rd party service made by Google called Firebase. All of Firebase database are currently located in US only and there are no plans to add to Europe at the moment. Google LLC, including the Firebase products, is certified under both the EU-U.S. and Swiss-U.S. Privacy Shield frameworks and their certifications can be viewed on the Privacy Shield list. Google is working hard to prepare for the GDPR across Firebase. We are also committed to helping our customers succeed under the GDPR. Firebase already complies with GDPR. Google Firebase is used as an intermediate database for storing surveys and responses, and data for charts. Before the data reaches and gets saved on our European servers, it is temporarily passed and processed through Google Cloud servers that abide by the European Union (EU) data protection directive. However, as soon as the data is processed there (which normally takes just a few seconds), it will be transferred and saved on our servers and immediately deleted form Google Cloud Servers.
Keith Enright Director, Privacy Legal | Google LLC Google Data Protection Office 1600 Amphitheatre Pkwy, Mountain View, California 94043 [email protected] Phone: 650-253-0000 Fax: 650-618-1806

Information that we automatically collect through analytics and tracking:

Just like all other companies which sell digital services or products, we need to know how people use our website or app. This is achieved through using analytics and tracking tools in our website and app. These terms may sound scary and connote a negative message. But we can assure you that we don’t do anything evil here. Therefore, when using our software or website we may collect device information such as device type, operating system and browser version. We use this information in order to provide an optimized version of our applications for your device type. Please be aware we also collect and process data related to the use of our software and services (online surveys, questionnaires, and forms) by our users and their respondents. We use such data for statistical purposes and may also use it to improve our software or create and improve new services. Such data is collected anonymously and processed collectively. In short, these analytics tools provide knowledge that enables us to give a better and richer experience to our users. For example, by knowing which keywords people use when perfomring searches to find our website, we can make sure that our website is found for users who are looking for the services that we offer. Or another example is when we see that people come to our user guide page and search for a specific keyword, this tells us that either they need a feature that we do not have (so we can decide to build it for them), or we realize that we already have that feature, but people do not find it in our tool (which makes us re-think our design and make things more clear). Another example could be insights that we gain about how users generally navigate our site. For instance when we notice a certain repetitive pattern then we can draw several different conclusions that help us grow and become better and more relevant for those users. Let’s say many users find our website on Google using a specific keyword such as “picture-based survey” (which we do offer as a service), then they come to a certain page in our website, but then leave the site within 10 seconds without creating an account or testing our tool. This makes us think why does this happen so often? Do we have a page that loads very slowly? Is there something provocative there? Is there a bug in that page? Is the information on that page irrelevant or confusing? What changes can we make to be more clear and more user friendly. You see, this is the type of insight we gain and this is why we do it. Just to make things better for our users or random website visitors. Here are the three and only tools that we use on our site for analytics and tracking purposes:

1. Through Google Analytics

Both on our website and in our app, we use a service from Google which is called Google Analytics. Google Analytics is used for tracking page views and user behaviour within SurveyLegend services. With intentions of improving user experience, identifying bottlenecks and pain points, improving performance and ease of use. Important to know that data is kept in Googles systems and is not used to track individual users only to get an overview of large groups of users. Google Analytics shows us general information which are not personally identifiable! For example, we cannot not see who exactly has searched for which keyword on Google to find our website, or we can never know which one of our current visitors lives exactly where. As explained in the previous sections, we just see general behavior of our visitors or users, which countries they are from, which pages on our website are mostly visited, what devices (computers, tables, or smartphones) or web browsers (Chrome, Safari, Firefox, etc..) are used to access our site or app, and things like that. Another thing we can notice is generic browsing patterns, for instance users who come to page A, usually go to page B, and then from there go to page C, an then X% of them will create an account. So here is nothing personal.
Keith Enright Director, Privacy Legal | Google LLC Google Data Protection Office 1600 Amphitheatre Pkwy, Mountain View, California 94043 [email protected] Phone: 650-253-0000 Fax: 650-618-1806

2. Google reCAPTCHA

Both on our website registering page, our support and contact page we use Google reCAPTCHA. Google reCAPTCHA is used to stop bots from creating accounts and misusing our system, creating problems for our members and people in general. Important to know that data is kept in Googles systems and is not used to track individual users only to get an overview of large groups of users. Google reCAPTCHA shows us general information which are not personally identifiable! For example, we can not see who exactly has registered, used the support page or the contact form. As explained in the previous sections, we just see the general behavior of our visitors or users, which countries they are from, how the register-, support- and contact forms are used, what devices (computers, tables, or smartphones) or web browsers (Chrome, Safari, Firefox, etc..) are used to access our site or app, and things like that. All this is to recognize bot behavior so bots can’t create 1000s of accounts and create problems for us as a company and for people in general not only our members.
Keith Enright Director, Privacy Legal | Google LLC Google Data Protection Office 1600 Amphitheatre Pkwy, Mountain View, California 94043 [email protected] Phone: 650-253-0000 Fax: 650-618-1806

3. Through LiveChat

We are also known to provide a superior live chat support both to our users and website visitors. To acomplish this, we use a tool called Livechat. This application has an built in tracking system that provides us with some data and insights about users and their way of surfing our site or app, which we will explain below. As a visitor or a SurveyLegend user, you do not have to use the live chat support. But if you decide to use it, you will be asked to provide your name and email address. As soon as the chat session starts, our support agent will be able to see the following pieces of information about you:
  • your email
  • your name
  • your public IP address which shows your country and country
  • your local time
  • your browser model and version
  • your operating system
  • whether you are a new user, a paying user, or a returning visitor
  • whether we have chatted before, and the chat history in this case
  • which web-page in our site or which pane in our app are you looking at
  • and a few previous pages on our site or panes in our app, that you visited before chatting with us
This information is firstly for us to be able to filter out or block visitors who simply want to have some fun and waste time, so we can instead focus on real users who really need help or have questions. But most importantly this data will help us to:
  • Provide a more personalized help
  • Save your time and avoid unnecessary questions, such as: Are you our user? Have we chatted before? Can you tell us your question again? What browser do you use? Have you visited our user guide about this feature? and so forth…
  • Provide a faster and more accurate support, for example when we know a bug that you may be reporting is caused by an old web-browser version that you may be using, we can recommend you to upgrade your browser.
  • Save records of our conversations with you to be able to get back to you again, when we have answer to your questions, if we couldn’t provide a satisfactory answer right away.
  • Transfer your support requests or support tickets to our development team, in case their engagement is required to solve your problem. For instance when you report a bug, or some feature does not work specifically for your account.
If we chat with you, our conversation history and the mentioned data about you is encrypted and stored on LiveChat’s data centers located in Europe, only visible by our support agents. Whenever you wish, you can ask our support agents to delete your chat history. At the time of writing this document, LiveChat is working on becoming fully compliant with GDPR, and we are working on signing a “Data Processing Agreement” with them.
Katarzyna Janiszewska Lawyer | LiveChat Inc. One International Place, Suite 1400, Boston, Massachusetts 02110 [email protected] Phone: +1 617 275-2400

4. Through Cookies

The cookies SurveyLegend uses are small text files that store data made available by your web browser, such as language preference. This information helps us give you a better experience when browsing our website.
  • Cookies do not provide us with any personally identifiable information.
  • You can change or block cookies in your browser settings.
  • Cookies do not harm your computer or impact your online security.

Become a Legend Now ;)

Make your 1st free online survey today!

starMobile-ready surveys
starUnlimited responses
starLots of amazing features!