Do you use quizzes or polls to collect leads? You’ll need a GDPR-compliant quiz maker like Riddle to handle all that personal data.
Quizzes are powerful lead generation tools.
Riddle – meets all privacy protection requirements
Quizzes are powerful data capture tools – you can collect names, emails, and other personal data. GDPR compliance is critical.
Here’s a high level look at how Riddle protects your users’ personal data and complies with the GDPR:
- All data is hosted in Europe on our own servers (main server in Frankfurt/Main, Germany, live backup server in Luxembourg).
- No cloud-based data storage
- No trackers in the embed code – we don’t even collect IP addresses.
- Only you can view any personal identifiable data you collect with your riddles.
- Using a CRM? We send personal data to your marketing software without ever being stored on our servers.
- If you choose to store it on our servers, it will be encrypted and cannot be accessed by Riddle staff.
- Riddle’s Data Processing Agreement (DPA)
- Our list of cookies used in our creation tools and our embed
7 reasons why you should choose Riddle as a GDPR compliant quiz maker
Riddle is not only a fully GDPR-compliant quiz maker – we also comply with other global privacy regulation like the CCPA.
Riddle is GDPR compliant because…
- No cloud servers – all our web servers are based in Germany and Luxembourg in a secure, banking-grade data center. We are operating our own server infrastructure and are not running on shared services.
- No trackers – the Riddle embed code (the piece of code you put on your website to run the quiz) does not contain any trackers or cookies.
- No IP address tracking – we don’t EVER collect your quiz takers’ IP addresses or attach customer-specific cookies.
- Personal info collected by the quiz creator via lead forms only – with each user’s specific opt-in and the form data can be stored encrypted on Riddles servers, where only the quiz creator has access to them.
- Sign our DPA – creators can sign our Data Processing Agreement (DPA) with us in case you need our staff to access any personal information associated with your account.
- No Google Font tracking – we are serving all Google Fonts directly from our own servers. We have removed all Google tracking.
- No individual tracking of data; we only track aggregate data but never individual quiz takers’ information.
Why choose an GDPR-compliant online quiz maker?
The good news?
If you follow the GDPR, you should generally be compliant with these as well. But of course – check with a lawyer just in case.
The good news? Riddle is a fully GDPR-compliant quiz maker. We power the quizzes for the privacy-conscious BBC, Manchester United, Shopify, and hundreds more.
Riddle collects only aggregate, anonymous data
As a GDPR-compliant quiz maker, we only store aggregate quiz data – with no additional information added, unless you choose to include an opt-in lead form.
For example, imagine 1,000 people take your quiz – 600 fill in your lead form, and 400 opt-out:
- For the 400 quiz takers who do not complete the form: We would store just the total count of quiz answers and overall results (1,000 people answer the quiz in this way). We would not save the specific responses from each user.
- For your 600 leads: We would collect their quiz responses, such as ‘Bob (email@example.com) answered the questions for Quiz 12345 in this way’.
If you want to collect individual quiz takers’ data, no problem. You easily can do that with our lead generations forms in a GDPR-compliant way, either:
- Store the data with Riddle (GDPR-compliant). All data collected by you will be fully encrypted and can only be decrypted with your secure login to riddle.com
- Use our our webhook to send the data directly to your own GDPR compliant storage solution – never touching our servers.
You can decide how GDPR safe your leadforms are
We suggest that you add an opt-in field to the lead form! Ask permission to store the lead’s quiz data along with the form data (like name, email, etc.). If the user fills in the lead form, but does not give permission, we will still store the lead data for you, but will show all quiz data as ‘withheld’.
Also, make sure to use our built-in double-opt-in feature – where each lead had to click an email confirmation. Only data from confirmed email addresses will be stored that way.
General information about the GDPR
Here’s a quick summary of the GDPR in an easy-to-digest format – with a focus on being a GDPR-compliant online quiz maker.
(Disclaimer: This is not legal advice, and this article on GDPR is for informational purposes only)
The GDPR applies to any organization that collects or processes personal data of EU residents – no matter where the company is located.
But what is considered personal data?
- Email address
- Bank details
- Posts on social networks
- Medical information
- Computer’s IP address
Your responsibilities under the GDPR
- You will need to provide your customers with contact information for a data controller and you need to provide a data protection officer.
- EU citizens have the right to request information and ask for the deletion of all data stored about them. You need to make sure that you can comply with these requests.
- You also need to make sure to encrypt or pseudonymize data you store. When you choose a tool to store your lead data outside of Riddle, make sure they are compliant.
Any questions about Riddle – the GDPR-compliant quiz maker?
If you have any questions about our being a GDPR-compliant quiz maker – or would like copies of our data certificates, please drop us an email to firstname.lastname@example.org – or ask us on support chat.
If you don’t have any questions, what are you waiting for? Create your first GDPR-safe quiz within 5 minutes!