Privacy Policy

We're glad you're here, we appreciate your interest in privacy. In this document, we’ll explain how personal data is handled at Responsly to keep everything transparent and straightforward.

This Privacy Policy takes effect on September 23, 2024. Any capitalized terms in this document are defined in our Terms of Service. If there’s ever a conflict between this Privacy Policy and our Terms of Service, the Terms of Service will prevail.

At Responsly, we’re committed to handling your data responsibly. As a data controller, we process personal data collected directly from you or provided to us. For respondents' data or data entered into the system as part of account activities, we act as a data processor rather than a data controller.

Who we are?

Responsly is operated by Sixpoints – Jędrzej Koronowicz, a Polish company incorporated under the laws of the Republic of Poland. Our registered office is located at: Dywizji Wolynskiej 85, 80-041 Gdansk, Poland, Tax Identity Number: PL5842612410, Contact Email: help@responsly.com

Whenever we refer to "Responsly," "we," "us," or "our," we're talking about SixPoints as the service provider of Responsly.

What Data Do We Process and Why?

When You Give Consent

  • Purpose: We process your data to fulfill the purpose for which you gave consent.
  • Legal Basis: Art. 6(1)(a) GDPR – your consent. You can withdraw consent anytime by emailing us at help@responsly.com. Withdrawing consent won’t affect processing done before withdrawal.
  • Retention Period: Until consent is withdrawn or for legal purposes (e.g., defending claims).
  • Who Sees Your Data: Trusted IT, customer service, accounting, or legal partners who help us fulfill the consented purpose.

When You Use Responsly

  • Purpose: To create and manage your account and fulfill our agreement with you.
  • Legal Basis: Art. 6(1)(b) GDPR – contract performance.
  • Retention Period: As long as your account is active and for any legally required period afterward.
  • Who Sees Your Data: IT, customer service, accounting, or legal partners involved in providing our services.

When You Contact Support or File a Complaint

  • Purpose: To provide answers, assistance, and resolve your concerns.
  • Legal Basis: Art. 6(1)(f) GDPR – our legitimate interest in helping you.
  • Retention Period: 12 months from resolution or longer if needed for legal claims.
  • Who Sees Your Data: Relevant IT, customer service, accounting, or legal partners.

When You Participate in Forms

  • Purpose: To improve our services and understand user experience.
  • Legal Basis: Art. 6(1)(f) GDPR – our legitimate interest in service improvement.
  • Retention Period: 12 months after form completion, or longer for legal purposes.
  • Who Sees Your Data: Partners supporting IT, customer service, or form analysis.

When We Send Notifications or Emails

  • Purpose: To keep you informed and send notifications.
  • Legal Basis: Art. 6(1)(f) GDPR – our legitimate interest in communication.
  • Retention Period: While your account is active, with limited retention afterward for legal purposes.
  • Who Sees Your Data: Trusted IT, customer service, or legal providers.

When Website Visitors Use Cookies

  • Purpose: To enhance your experience, improve our website, and analyze usage.
  • Legal Basis: Consent or Art. 6(1)(f) GDPR – legitimate interest in website performance.
  • Retention Period: Until consent is withdrawn or longer if required for legal claims.
  • Who Sees Your Data: Trusted analytics and IT service providers.

Your Rights

We value your rights and are here to help! Under GDPR, you can:

  • Access, correct, or delete your data.
  • Transfer your data if consent-based.
  • Restrict or object to data processing when based on legitimate interest.
  • Withdraw consent at any time.
  • Lodge a complaint with your local supervisory authority (in Poland, this is the President of the Office for Personal Data Protection).

Data Sharing and Transfers

In some cases, data may be shared with third parties or transferred outside the European Economic Area (EEA). However, we only do this in line with our agreements and with a strong focus on data protection and compliance. Here’s how it works:

  • Basis for Data Transfers: Any transfer of data to third countries is conducted under agreements that we have carefully established with our service providers.
  • Purpose: Data sharing and processing are directly related to the performance of our agreement with you (e.g., to provide and improve our services).

Full List of Providers

Below is a complete list of our trusted providers who may process data as part of their role in helping us deliver Responsly services:

SubcontractorPurpose of ProcessingLocationWhat Data is Shared
AWSHosting, storage systems provider, Transactional messagingEUData concerning respondents and users, contact info, identification data, usage data, survey responses.
DigitalOceanHosting and storage systems providersEUData concerning respondents and users, storage-related data.
CloudflareContent distribution, security, abuse prevention and DNS servicesGlobalIP addresses, browser data, and site performance metrics.
OpenAIService provider for hosting large language models and embeddingsUSAText input data, interaction data, and generated responses.
SentryError trackingUSAError logs, user interaction data related to bugs or issues.
HelpScoutSupport servicesUSAUser support tickets, contact details, and interaction history.
AmplitudeEvent logging for analyticsUSAAnonymized user activity data, event tracking, and engagement metrics.
SegmentEvent logging for analyticsUSAUser interaction data, behavioral analytics, and event logs.
PostmarkTransactional messagingUSAEmail addresses, message content, and delivery status data.
MailerSendTransactional messagingUSAEmail addresses, message content, and delivery status data.
Customer.ioTransactional, broadcast, and marketing messagingUSAEmail addresses, marketing preferences, and interaction data.
GoogleTranslation API, AnalyticsUSAUser activity data, analytics, translation text input, and interaction data.
TwilioSMS, WhatsApp and Phone functionalityUSAPhone numbers, message content, and delivery data.
MailGunTransactional messagingUSAEmail addresses, message content, and delivery status data.
MixpanelEvent logging for analyticsUSAUser interaction data, anonymized event tracking, and analytics metrics.

In the case of the above-mentioned providers, some data is transferred to countries outside the European Economic Area, including the United States. Please note that the USA does not currently have an adequacy decision from the European Commission, meaning European data protection regulations do not directly apply there.

We want to be transparent and let you know that transferring data to the US carries a potential risk of access by US authorities under their applicable laws. However, we’ve taken steps to protect your data by entering into robust data processing agreements with all these providers, ensuring your data is handled securely and in compliance with applicable standards. If you have any concerns or questions, feel free to reach out to us – we’re here to help!

We ensure that any data transfer outside the EEA complies with applicable legal requirements, including the use of Standard Contractual Clauses (SCCs) or other safeguards where necessary.

If you have any questions about data sharing or need more details about specific providers, feel free to reach out to us at help@responsly.com.

Categories of Third Parties Engaged by Responsly

We work with different types of third parties to provide and improve our services. Here's a breakdown of how we engage with them and your options for managing your preferences:

1. Third Parties Requiring Your Consent

For certain tools, like those involving cookies or tracking technologies, we ask for your explicit consent. You'll see a cookie banner on the login page of the Responsly App where you can choose to accept or reject these cookies. You can also update your preferences anytime through our Help Articles, giving you full control over your consent choices.

2. Third Parties Engaged Based on Legitimate Interests

We also partner with third parties to integrate services that are based on our legitimate interest. These partnerships aim to enhance our service or add valuable features. If you’re uncomfortable with this, you have the right to object to your data being processed by these parties. You can easily submit your objections via our Help Articles.

3. Essential Service Providers

Some third parties are critical to the functioning of Responsly. These providers are essential to delivering our services, such as DigitalOcean and AWS, which powers the infrastructure of Responsly. By using our services, you agree to the involvement of these third parties. Unfortunately, opting out of these services isn’t possible unless you discontinue using Responsly.

Consent and Your Choices

We prioritize your privacy and provide you with clear options to manage your data-sharing preferences:

  • At Entry: When you log in, you'll see a cookie banner where you can accept or reject the use of tools that require your consent.
  • Help Articles: For ongoing consent management, visit our Help Articles. Here, you can change your preferences or object to data processing based on legitimate interests at any time.

Your choices are respected, and we aim to give you full control over your data. Please note that rejecting certain third parties might limit the functionality of our services.

If you have any questions or concerns about how your data is shared, feel free to reach out to our team at help@responsly.com. We're here to help!

Use of Google API’s

Responsly utilizes Google APIs to enhance our platform. This includes secure login access and seamless OAuth-based integrations for our services. We are committed to handling all data sourced from Google APIs responsibly, especially prioritizing the security of authentication data.

Adherence to Google API Services User Data Policy

Responsly strictly adheres to the Google API Services User Data Policy, ensuring compliance with Limited Use requirements. This guarantees that any data obtained through Google APIs is processed with the utmost respect for your privacy and aligned with policy guidelines.

Limited Application of Google API Data

The data we access or send via Google APIs is exclusively used for the intended purposes of specific APIs, within the context of providing our services. We ensure that:

  • The data is never used for advertising purposes.
  • We do not share this data with third parties, except where necessary for delivering our services.
  • All data is securely stored and accessible only by authorized personnel.

Your Rights and Choices

You have control over the data shared with Responsly through Google APIs. Adjust your preferences and settings as needed. If you have further questions, feel free to reach out to us.

Data Processing and Responsibility

Responsly acts as a data processor under GDPR when a Data Processing Agreement (DPA) is in place. Users control the data processed via our platform. For questions about data processing, please contact the survey creator.

Data Related to Respondents

  • Visitor ID
  • Visitor attributes (from survey URLs or passed traits)
  • IP address
  • Browser language
  • Email address (for link surveys)
  • Operating system version, device type, and device

Responsly does not use cookies to target respondents, but we may offer features for survey delivery based on existing visitor cookies. Respondents' IP addresses may be processed for live service delivery or firewall purposes, but we do not store precise geographic data.

System Notifications

We provide notifications to keep you informed:

  • Service purchase confirmations
  • Subscription renewal reminders
  • Product updates and new features
  • Service interruptions or maintenance
  • Changes to Terms of Service or pricing

Anonymous Reports

Responsly may generate anonymous, statistical reports for development or promotional purposes. These reports are entirely quantitative and do not include any personal data.

Security Practices

We prioritize your privacy and security:

  • Encrypted connections to our website - always look for HTTPS in the URL or lock icon 🔒
  • We never ask for sensitive data over email
  • Verification steps may require account logins or organizational confirmation
  • Use safe devices and networks when accessing our services

Cookies

Cookies enhance your experience by storing data on your device. Learn how to adjust cookies in your browser:

Contact Us

If you have any questions or need assistance, feel free to reach out to us at help@responsly.com. We're here to help!

Get answers today

It's really easy and we'll help you when needed
Sign up for free
  • No credit card required
  • No time limit on Free plan
Talk to us!