It’s no longer news that the EU’s General Data Protection Regulation (GDPR) came in to effect on May 25th. Everyone’s inboxes have been flooded with notices of renewed privacy policies. At Maptionnaire we welcome the idea behind the new requirements for companies to be more transparent and give people more control over their data. We’ve worked hard to ensure that our service and your Maptionnaire experience live up to the philosophy.
New General Terms and Conditions (GTC)
The new GTC will automatically be applied to all new Maptionnaire users. But if you already have a Maptionnaire account, the next time you sign in you will see a dialog asking you to accept our new GTC. While at it, you can also update your preference for receiving our newsletter. This dialog will open one time only. The newsletter preference can also be changed later in your user settings.
Set Privacy Policies for Sensitive Data Collection
Data Access Limitations
The GDPR instructs service providers to design with “privacy by default“. In line with this, we are limiting default access to a questionnaire’s response data within a Maptionnaire organization to the questionnaire owner only.
If the questionnaire owner wants to make a questionnaire’s data accessible to all organization members, this can be done in the new “Data and Privacy Settings” section of the editor. Note that the enlarged data access is a per-questionnaire setting and it is off by default for all existing questionnaires as well as all new questionnaires.
You can also allow response data access by default in your user settings. This will only affect newly created questionnaires and you can still change the settings of individual questionnaires separately.
Please note that the new data access setting only affects other members of your Maptionnaire organization. You can still generally or more selectively share access to the response data by setting an analysis password in the “Passwords” section of the editor.
The owner of a Maptionnaire organization can also activate API-based access to response data. This access type is separate from the password-based and organization membership-based access types. The option is intended for integration with third-party services or automated processes (FME). For more detailed information about API-based access, you’re welcome to contact firstname.lastname@example.org.
Happy and secure mapping!