This is the survey data policy.
The following was taken from How to Write GDPR-proof Data Policies:
So, these are the points that need to be explained in your text:
What you collect and how
In your text, explain what type of personal data you are collecting and how. Is it respondents email, name, or IP address? Is it simply by asking them questions, or are you collecting data automatically (for example their geo-location or IP address)?
Why you collect
How will you use their data
This is super important to let your respondents know how you are going to use their personal data. Are you going to share it with third parties? In that case, say who these 3rd parties are and why you need to share their data with them. If you ask for their contact info for instance, are you going to use it to contact them, or send them something?
How long will you keep their data
How secure is the data in your possession
Clarify your respondents rights
- Right to access, view, and edit their own information in a timely manner
- Right to be forgotten, which means being deleted from your survey results
- Also right to be able to opt-out form your future messages (e.g. if you use their data to send them ads or marketing messages)
Keep in mind that data is owned by the respondents, not you or your company or organization.
Who to contact