ZEF Security and Privacy Overview

The security and privacy of your data is of high importance to us. We take extensive measures to make sure that your personal data and survey data is kept secure. You, as the customer, own all customer content that you create with Zeffi. To read more about your intellectual property rights and the way in which we have designed our service, please read our Terms of Use. To find out more about ZEF's data processing activities, please see our Privacy Policy.

All materials are meant for informational purposes only and are not meant for the purpose of providing legal advice. If you are looking for legal advice, please consult a lawyer.

Data security is very important to us

All data, including personal data, is handled and processed securely. The GDPR is taken into consideration in all stages of personal data processing and we have added tips throughout the survey creation process so that also you remember to take the GDPR into account.

You control your surveys

Want to create a survey that can be edited by any of your colleagues? And another survey that should not be seen by anyone but you? No problem! We have several survey access levels available, so you get to choose who will see the results of more sensitive surveys.

Safe data processing

You as a customer may use personal data such as email addresses as a part of surveying process. In this kind of cases we as a survey tool provider will act as third party between you and your contacts and GDPR requires us to have written agreement in format of DPA.

More detailed information about security & FAQ

GDPR

For more information on how ZEF processes personal data, please see our Privacy Policy and Data Processing Addendum (DPA).

General Information:

When you, as our customer, use ZEF to collect or process personal data, you are the data controller and ZEF is a data processor of this personal data.

Transfers of Personal Data:

According to the GDPR, personal data can be transferred outside of the European Economic Area (EEA) when the transfer is based on the Commission’s adequacy decision, when appropriate safeguards are in place or when binding corporate rules have been approved. ZEF is fully GDPR compliant in all cases, where personal data is transferred outside of the EEA.

ZEF uses Google’s services for storing survey data. Respondent data (thus a respondent’s answer and contact data) is stored in the Google Cloud SQL database instance located in Belgium. If emails are sent to end users through Zeffi, then the end users’ personal data goes through Mailgun, which is used for sending emails. In the process of sending emails to end users through Zeffi the end user data is not transferred outside EEA.

User data (thus the Zeffi survey creater’s data) is stored in Google Firebase. The survey creator’s personal data may be transferred to the United States. This data can contain the user’s name, email address, phone number and profile picture. See a comprehensive list of ZEF’s third-party data processors from here: https://zef.fi/third-party-data-processors/

Privacy of Zeffi Users:

Survey creator data (thus the Zeffi survey tool user’s data) is stored in Google Firebase. The survey creator’s personal data may be transferred to the United States. User data can contain the user’s name, email address and profile picture. See a comprehensive list of ZEF’s third-party data processors from here: https://zef.fi/third-party-data-processors/

Privacy of Respondents:

ZEF uses Google’s services for storing survey data. Respondent data (thus a respondent’s answer and contact data) is stored in the Google Cloud SQL database instance located in Belgium. If emails are sent to end users through Zeffi, then the end users’ personal data goes through Mailgun, which is used for sending emails. In the process of sending emails to end users through Zeffi the end user data is not transferred outside EEA. See a comprehensive list of ZEF’s third-party data processors from here: https://zef.fi/third-party-data-processors/