PRIVACY POLICY FOR QUESTBACK ESSENTIALS (TRIAL PERIOD)

Questback is committed to privacy and data protection. Protecting the privacy of our users and their respondents is extremely important to us. When it comes to processing personal data, we are aware of the importance of transparency.

This Privacy Policy explains how we process personal data of individuals (“User”) on this registration page for our service Questback Essentials and in the admin area of our service Questback Essentials (hereafter “Service” and/or “Software”).

Please also see the General Terms and Conditions for free trial accounts.

Who is processing your personal data

www.questback.com. As the controller according to Art. 4 (7) GDPR, we ensure that User’s personal data is solely processed in accordance with the GDPR and other applicable data protection laws.

What personal data do we process

We will process your personal data, for example:

Name and contact data: Your first and last name, email address, country/region, postal address, phone number, language and other similar contact data.

Credentials: Passwords.

Interactions: Data about your frequency, duration and type of use of our Service.

Contacts and relationships: Data about your contacts who participate in surveys.

Location data: We collect location data using the device’s IP address or data in the account profile that indicates where it is located with less precision, such as at a city or postal code level.

Assignment data: Data about surveys you created, contacts uploaded by you, and other similar assignment data.

Support and suggestions notifications: Your email address and your notification regarding support requests or suggestions.

Payment data: Data to process payments, e.g. your payment instrument number (such as a credit card number) and the security code associated with your payment instrument.

Subscription and licensing data: Information about your subscriptions, licenses, and other entitlements.

Other personal data: Other information provided by you voluntarily when using our Service.

How we process personal data

Questback is processing personal data we collect for various purposes to ensure a convenient, effective and secure user experience.

In particular, we use data for:

Providing our Service: We use personal data to operate our Service and to provide you the functionalities of our Service, such as creation and conduction of surveys and follow-ups, creation of templates, and administration of your respondent database.

Product improvement: We use data to continually improve our products and services, including adding new features or capabilities. In its anonymized and aggregated form, such data will never be attributed to you or the respondents.

Customer support: We use personal data to diagnose problems and difficulties with our Service and provide customer care and support services to you.

Security: We use data to help secure and troubleshoot our Service. This includes using data to protect the security and safety of our products and customers, detecting malware and malicious activities, troubleshooting performance and compatibility issues to help you get the most out of your experiences, and notifying you of updates to our products. This may include using automated systems to detect security and safety issues.

Updates: We use data we collect to develop product updates and security patches. Updates and patches are intended to maximize your experience with our Service, help you protect the privacy and security of your data, provide new features, and ensure your device is ready to process such updates.

Protecting rights and property: We use data to detect and prevent fraud, resolve disputes, enforce agreements, and protect our property. For example, we use data to confirm the validity of software licenses to reduce piracy. We may use automated processes to detect and prevent activities that violate our rights and the rights of others, such as fraud.

Legal compliance: We process data to comply with law. For example, we process contact information and credentials to help customers exercise their right under privacy legislation.

Promotional communications: We use personal data we collect to deliver promotional communications regarding our products offerings, events, webinars, special offers, discounts. You can sign up for email subscriptions and choose whether you wish to receive promotional communications from Questback. You can opt out at any time from receiving promotional communications.

Transacting commerce: We use data to carry out transactions with us. We will process payment information to provide customers with product subscriptions, enable payment transactions and use contact information to deliver products purchased from us. For example, we may process cardholder name, email address, unique customer identifier, order ID, bank account details, payment card details, card expiration date, CVC code, date/time/amount of transaction, location.

We rely on a variety of legal reasons (“legal bases”) to process personal data for the purposes described above, including your consent, a balancing of legitimate interests, and necessity to enter into and perform contracts with our customers, and to comply with legal obligations.

How we share your information

We will not share your personal data with third parties unless stated otherwise in this Privacy Policy or required by statutory law or authorities. Your personal data will be used and accessed by one or more of the following recipients:

Questback companies

We will share your personal data with all members of the Questback Group which includes:

  • Questback Sweden AB, Kungsgatan 48, 111 35 Stockholm, Sweden
  • Questback OY, Keilaranta 1, 02150 Espoo, Finland
  • Questback GmbH, Gustav-Heinemann-Ufer 72a, 50968 Cologne, Germany
  • Questback Ltd., 77 Leadenhall Street, London EC3A 3DE, United Kingdom
  • Questback Inc. New York, 575 Lexington Avenue, 14th floor / WeWorks New York, NY 10022, USA
  • Questback Inc. Texas, 21 Waterway Avenue #500, The Woodlands, TX 77380, USA

As far as personal data is accessed from or processed by Questback group companies outside the EU/EEA, we have undertaken appropriate safeguards by concluding standard data protection clauses adopted by the EU Commission (Art. 46 (2) GDPR). For further questions on these safeguards, please contact us at dataprotection@questback.com.

Suppliers

We may share personal data to several suppliers, as required. These suppliers will process personal data only on a need-to-know basis and as instructed by Questback to ensure a secure, reliable and high-performance user experience of this service. For example, we will share personal data with

providers of hosting and supplementary services to operate and maintain our IT infrastructure, enhance accessibility and performance of our website and Services.

Marketing and CRM solutions

We process your personal data for marketing and promotional purposes only to the extent permitted by privacy laws and regulations. To deliver marketing messages and to manage our customer relations with you we use cloud-based services and applications. Our suppliers for such services and applications process personal data only as instructed by Questback and for the purposes described in this Privacy Policy.

COOKIES

This section provides information on cookies used on this website and in the admin area of our Service. If you do not accept cookies listed in this information, please do not use this Service.

What are cookies?

Cookies are small text files, that are stored on you computer assigned to the browser you are using and through which information can be provided to the website that set the cookies. Cookies cannot be used to run programs or deliver viruses to user’s computer. Cookies do various jobs, which make the user’s experience of the Internet much smoother and more interactive. For example, cookies are used on our website to store your login-status and assure that only humans sign up for a trial version.

On the landing page for registration of trial accounts, the following cookies may be placed:

Name Purpose of use and interest Retention period
qb-ConsentToolicy Stores the confirmation of the cookie banner. 14 days
ASP.NET_SessionId Asp.net standard session cookie for session management. Retains the status of the user for all page requests. Session cookie
NID This cookie is set by Google reCAPTCHA and sets an individual ID. 6 months

Third-party service Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

With reCAPTCHA it is checked whether the sign up for a trial version of our Service on this websites is done by a human being or by an automated program. For this reCAPTCHA analyses the behavior of the web site visitor on the basis different characteristics. This analysis starts automatically as soon as the website visitor accepted the cookie banner. For analysis, reCAPTCHA evaluates various information (e.g. IP address, time the website visitor stays on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run completely in the background.

It is not possible to signup for the free trial version on this website without accepting this service. The use of this service is necessary to protect our systems and to ensure that our trial versions are only provided to humans. This processing is based on your consent.

https://www.google.com/recaptcha/intro/android.html.

In the admin area of the Service, the following cookies may be placed:

Name Purpose of use and interest Retention period
.esslogin This cookie checks, whether a login to Essentials is done with Single-Sign-On or with user credentials. 365 days
ASP.NET_SessionId Asp.net standard session cookie for session management. Retains the status of the user for all page requests and is part of the ASP.NET Framework. Session
QBDate This cookie is used to save your login based on the session ID. 2 hours
.QuestBack This cookie is used to progress your login the session. If you choose the option “Save password”, this cookie will store your login for ESS for 15 days. Therefore, no new login is required for the lifetime of the cookie. Session or 15 days
__AntiXsrfToken Prevention of cross-site request forgery attacks (CSRF). Session
.QBOnline Session management for displaying reports. 2 hours

Your choices

Withdrawal of consent

If you have given your consent to processing your personal data, you are entitled to withdraw your consent at any time. If you wish to do so, please contact Questback by sending an email to dataprotection@questback.com or by other means. Please note that your withdrawal has no effect on the lawfulness of data processing prior to your withdrawal; such processing remains valid.

Right to object

You are entitled to object at any time to our processing of your personal data on grounds relating to your particular situation, unless Questback demonstrates compelling legitimate interest in the processing which overrides your interests.

Additional rights

You may also be entitled to supplementary individual rights granted under data protection regulation, such as the right

  • to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data and further information;
  • to obtain the rectification of inaccurate or completion of incomplete personal data concerning you,
  • to obtain the erasure of personal data concerning you subject to certain preconditions;
  • to obtain restriction of data processing subject to certain preconditions;
  • to receive the personal data concerning you, in a structured, commonly used and machine-readable format and the right to transmit those data to another controller subject to certain preconditions;

dataprotectionofficer@questback.com. If you seek to exercise your rights, we reserve the right to delete your entire account completely in order to service such request due to technical reasons.

You are entitled to exercise your rights for each purpose of data processing separately (e.g. you may object to receiving further newsletters and continue to receive product information).

https://www.datatilsynet.no). However, we strongly recommend to get in touch with us directly to address your inquiry as soon as possible.

How long do we process your personal data

We will keep your personal data for no longer than is necessary for the purpose described in this Privacy Policy unless there is a legal basis for such processing or Questback is obligated to keep personal data due to statutory retention duties. If you chose to unsubscribe from our services at all, we will delete your personal data immediately upon cancelling your subscription, except for personal data we need to ensure that you will not receive unsolicited messages in the future. We will also delete your personal data upon the expiration of your trial period, unless you sign on to our Service by entering into a regular subscription.

*****

Version 1.0

March 2020

Finland

International

Benelux

Norway

Sweden

Germany