This guide is about what SmartSurvey does with respondents’ IP addresses, and the implications for users (In their role as the data controllers for their respondents).
Important- this article does not constitute legal advice. You should ensure that you are aware of your responsibilities regarding personal data at all times while using SmartSurvey. About GDPR compliance
Recording of IP Addresses
By default, SmartSurvey records the IP address of every respondent (this can be changed in the Survey Settings or in the Tracking Link Settings – see
Anonymous Surveys). It’s sent to us when the connection is made between the respondent and our servers when they access the web page that hosts the survey.
When that data arrives, our database creates a record for the response, and saves the IP address it came from as part of that record. Usually this will be an IPv4 address, but it can be v6 if that’s what was used to contact our servers.
If the user who created the survey enabled the Anonymous Survey feature before collecting responses, then the IP address is discarded as soon as we receive the response data. While the IP address still needs to be transmitted to us as part of the TCP or UDP connection, it is not stored anywhere and there is no opportunity for it to be observed by a user when this feature is enabled.
Information Held in an IP Address
Each address refers to a single destination point on the internet, which usually means a computer, or small group of computers connected via a common point. It’s because of the probability that an address can be connected to a single person that it’s been classified as personal data.
The data contained within the address itself is quite abstract (just numbers), and doesn’t tell you much more than the country or region that the address is in (this is used by a lot of online services for geotargeting), the holders of addresses are also centrally registered, and these records can be accessed via a WHOIS request. This will return a collection of data about the holder of the address, sometimes including name and address.
The holder of the IP address isn’t always going to be the person who is responding to a survey. In a lot of cases, the data will be about the respondent’s Internet Service Provider. However, the IP address allows data processors to pull together data about that address from multiple sources (Surveys, data from website visits, etc) and use that to make what’s known as a “jigsaw identification” – building a profile of the user of a single IP address that can be highly tailored, which the user of the address doesn’t know about.
Where a SmartSurvey User Has Collected IP Addresses in the Past
This does not automatically breach regulations, but GDPR states that personal data should not be held for longer than is required for the purposes it was collected. So, like any other personal data, organisations need to think about whether the data they hold passes this test. Whether it does, or doesn’t, can only be determined by the organisation, so they should discuss this and take legal advice if necessary.
Removing IP Address Information From Survey Responses.
Currently, it’s not possible to retroactively delete a logged IP address from a response (or group of responses). The first thing to consider is whether you need the non-personal survey data at all, and if you don’t, then the best course of action is to simply delete or clear the survey responses. If there is non-personal data you wish to retain, then the only current option is to export the data to an external format such as CSV, open it, delete the contents of the IP address column (and any other personal data you don’t need), then save the file, overwriting the original, and then clear the survey responses (if you want to re-use it), or delete it (if you don’t).