NPS and the EU General Data Protection Regulation – GDPR

May, 25th, 2018 the EU General Data Protection Regulation – or GDPR as it is customary called – comes into force. From this date Data Privacy of EU citizens is regulated within a new framework. This has implications for FanExam and probably all other NPS providers. FanExam is committed to be fully GDPR compliant by May 25th.

Simple steps to use FanExam GDPR compliant

In terms of the GDPR, FanExam acts as a “data processor” if you use the FanExam NPS service to survey your customers. You can use FanExam GDPR compliant by these simple steps:

  • Don’t collect the IP address of customers. This setting can be selected in the FanExam settings page.
  • You can anonymize customer personal information by using an opaque identifier (for example a cryptographic hash). When you do this, FanExam (as a data processor) has no means to identify your customers. Be aware that you as a “data controller” still have the possibility to identify your customers (and you should make sure you have the consent of your customers).
  • Obtain consent from you customers, e.g. by asking them before collecting NPS.

We will keep you updated about changes we implement to make GDPR compliance built into FanExam.